From e8964e0eb739e6852f60188a5373dce10e6c3d6c Mon Sep 17 00:00:00 2001 From: Evelyn Gurschler Date: Thu, 15 Jun 2023 18:09:16 +0200 Subject: [PATCH] chore: enable dockerhub push & new consortia envs (#6) - enable push to dockerhub for init containers - combine init container for consortia environments into one image - enable stable and rc (release candidate) environments - add consortia specific files (env specific values files and argo app templates) why: - move to new container registry - retire helm-environments branch - improve setup in general --- .github/pull_request_template.md | 24 + .github/workflows/centralidp-chart-test.yaml | 56 +- .../{cx-iam-beta.yml => cx-iam-consortia.yml} | 54 +- .github/workflows/cx-iam-dev.yml | 69 - .github/workflows/cx-iam-int.yml | 69 - .github/workflows/cx-iam-pen.yml | 69 - .github/workflows/cx-iam-pre-prod.yml | 69 - .github/workflows/cx-iam.yml | 49 +- .github/workflows/kics.yml | 2 +- .github/workflows/sharedidp-chart-test.yaml | 56 +- .github/workflows/trivy.yml | 147 +- README.md | 21 +- .../centralidp/appsetup-beta.yaml | 38 + .../centralidp/appsetup-dev.yaml | 32 +- .../centralidp/appsetup-int.yaml | 38 + .../centralidp/appsetup-pen.yaml | 38 + .../centralidp/appsetup-rc.yaml | 38 + .../centralidp/appsetup-stable.yaml | 38 + .../appsetup-templateconsortia.yaml | 38 + .../centralidp/appsetup-templategeneric.yaml | 38 + .../sharedidp/appsetup-beta.yaml | 32 +- .../sharedidp/appsetup-dev.yaml | 38 + .../sharedidp/appsetup-int.yaml | 32 +- .../sharedidp/appsetup-pen.yaml | 38 + .../sharedidp/appsetup-rc.yaml | 32 +- .../sharedidp/appsetup-stable.yaml | 38 + .../sharedidp/appsetup-templateconsortia.yaml | 38 + .../sharedidp/appsetup-templategeneric.yaml | 38 + .../environments/centralidp/values-beta.yaml | 75 + .../environments/centralidp/values-dev.yaml | 75 + .../environments/centralidp/values-int.yaml | 75 + .../environments/centralidp/values-pen.yaml | 75 + .../environments/centralidp/values-rc.yaml | 75 + .../centralidp/values-stable.yaml | 75 + .../centralidp/values-templateconsortia.yaml | 75 + .../centralidp/values-templategeneric.yaml | 75 + .../environments/sharedidp/values-beta.yaml | 101 + .../environments/sharedidp/values-dev.yaml | 101 + .../environments/sharedidp/values-int.yaml | 101 + .../environments/sharedidp/values-pen.yaml | 104 + .../environments/sharedidp/values-rc.yaml | 101 + .../environments/sharedidp/values-stable.yaml | 101 + .../sharedidp/values-templateconsortia.yaml | 101 + .../sharedidp/values-templategeneric.yaml | 85 + docker/Dockerfile.consortia.import | 39 + docker/Dockerfile.pre-prod.import | 32 - docker/notice-iam-consortia.md | 23 + docker/notice-iam.md | 23 + .../catenax-central/rc/CX-Central-realm.json | 17223 +++++++++++++++ .../stable/CX-Central-realm.json | 17224 ++++++++++++++++ .../catenax-shared/rc/App-Provider-realm.json | 2159 ++ .../catenax-shared/rc/CX-Operator-realm.json | 2159 ++ .../rc/CX-Test-Access-realm.json | 2310 +++ .../catenax-shared/rc/Company-1-realm.json | 2192 ++ .../catenax-shared/rc/Company-2-realm.json | 2183 ++ .../rc/Security-Company-realm.json | 2182 ++ .../rc/Service-Provider-realm.json | 2159 ++ .../catenax-shared/rc/master-realm.json | 4985 +++++ .../stable/App-Provider-realm.json | 2159 ++ .../stable/CX-Operator-realm.json | 2159 ++ .../stable/CX-Test-Access-realm.json | 2310 +++ .../stable/Company-1-realm.json | 2192 ++ .../stable/Company-2-realm.json | 2183 ++ .../stable/Security-Company-realm.json | 2182 ++ .../stable/Service-Provider-realm.json | 2159 ++ .../catenax-shared/stable/master-realm.json | 4985 +++++ 66 files changed, 77311 insertions(+), 575 deletions(-) create mode 100644 .github/pull_request_template.md rename .github/workflows/{cx-iam-beta.yml => cx-iam-consortia.yml} (51%) delete mode 100644 .github/workflows/cx-iam-dev.yml delete mode 100644 .github/workflows/cx-iam-int.yml delete mode 100644 .github/workflows/cx-iam-pen.yml delete mode 100644 .github/workflows/cx-iam-pre-prod.yml create mode 100644 consortia/argocd-app-templates/centralidp/appsetup-beta.yaml rename docker/Dockerfile.beta.import => consortia/argocd-app-templates/centralidp/appsetup-dev.yaml (61%) create mode 100644 consortia/argocd-app-templates/centralidp/appsetup-int.yaml create mode 100644 consortia/argocd-app-templates/centralidp/appsetup-pen.yaml create mode 100644 consortia/argocd-app-templates/centralidp/appsetup-rc.yaml create mode 100644 consortia/argocd-app-templates/centralidp/appsetup-stable.yaml create mode 100644 consortia/argocd-app-templates/centralidp/appsetup-templateconsortia.yaml create mode 100644 consortia/argocd-app-templates/centralidp/appsetup-templategeneric.yaml rename docker/Dockerfile.pen.import => consortia/argocd-app-templates/sharedidp/appsetup-beta.yaml (61%) create mode 100644 consortia/argocd-app-templates/sharedidp/appsetup-dev.yaml rename docker/Dockerfile.int.import => consortia/argocd-app-templates/sharedidp/appsetup-int.yaml (61%) create mode 100644 consortia/argocd-app-templates/sharedidp/appsetup-pen.yaml rename docker/Dockerfile.dev.import => consortia/argocd-app-templates/sharedidp/appsetup-rc.yaml (61%) create mode 100644 consortia/argocd-app-templates/sharedidp/appsetup-stable.yaml create mode 100644 consortia/argocd-app-templates/sharedidp/appsetup-templateconsortia.yaml create mode 100644 consortia/argocd-app-templates/sharedidp/appsetup-templategeneric.yaml create mode 100644 consortia/environments/centralidp/values-beta.yaml create mode 100644 consortia/environments/centralidp/values-dev.yaml create mode 100644 consortia/environments/centralidp/values-int.yaml create mode 100644 consortia/environments/centralidp/values-pen.yaml create mode 100644 consortia/environments/centralidp/values-rc.yaml create mode 100644 consortia/environments/centralidp/values-stable.yaml create mode 100644 consortia/environments/centralidp/values-templateconsortia.yaml create mode 100644 consortia/environments/centralidp/values-templategeneric.yaml create mode 100644 consortia/environments/sharedidp/values-beta.yaml create mode 100644 consortia/environments/sharedidp/values-dev.yaml create mode 100644 consortia/environments/sharedidp/values-int.yaml create mode 100644 consortia/environments/sharedidp/values-pen.yaml create mode 100644 consortia/environments/sharedidp/values-rc.yaml create mode 100644 consortia/environments/sharedidp/values-stable.yaml create mode 100644 consortia/environments/sharedidp/values-templateconsortia.yaml create mode 100644 consortia/environments/sharedidp/values-templategeneric.yaml create mode 100644 docker/Dockerfile.consortia.import delete mode 100644 docker/Dockerfile.pre-prod.import create mode 100644 docker/notice-iam-consortia.md create mode 100644 docker/notice-iam.md create mode 100644 import/realm-config/consortia/catenax-central/rc/CX-Central-realm.json create mode 100644 import/realm-config/consortia/catenax-central/stable/CX-Central-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/rc/App-Provider-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/rc/CX-Operator-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/rc/CX-Test-Access-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/rc/Company-1-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/rc/Company-2-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/rc/Security-Company-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/rc/Service-Provider-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/rc/master-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/stable/App-Provider-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/stable/CX-Operator-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/stable/CX-Test-Access-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/stable/Company-1-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/stable/Company-2-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/stable/Security-Company-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/stable/Service-Provider-realm.json create mode 100644 import/realm-config/consortia/catenax-shared/stable/master-realm.json diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 00000000..5e2891d9 --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,24 @@ +## Description + +Please include a summary of the change. + +## Why + +Please include an explanation of why this change is necessary as well as relevant motivation and context. List any dependencies that are required for this change. + +## Issue + +Link to Github issue. + +## Checklist + +Please delete options that are not relevant. + +- [ ] I have followed the [contributing guidelines](https://github.com/eclipse-tractusx/portal-assets/blob/main/developer/Technical%20Documentation/Dev%20Process/How%20to%20contribute.md#commit-and-pr-guidelines) +- [ ] I have performed a self-review of my changes +- [ ] I have successfully tested my changes +- [ ] I have added comments in the default values.yaml file with helm-docs syntax ('# -- ') if relevant for installation +- [ ] I have commented my changes, particularly in hard-to-understand areas +- [ ] I have added a copyright and license header in all affected files +- [ ] I have performed [IP checks](https://eclipse-tractusx.github.io/docs/release/trg-7/trg-7-04#checking-libraries-using-the-eclipse-dash-license-tool) for added or updated 3rd party libraries +- [ ] I have created and linked IP issues or requested their creation by a committer diff --git a/.github/workflows/centralidp-chart-test.yaml b/.github/workflows/centralidp-chart-test.yaml index be973064..470f20ed 100644 --- a/.github/workflows/centralidp-chart-test.yaml +++ b/.github/workflows/centralidp-chart-test.yaml @@ -23,11 +23,24 @@ on: push: paths: - 'charts/centralidp/**' - branches: [main, helm-environments] + branches: [ main ] pull_request: paths: - 'charts/centralidp/**' workflow_dispatch: + inputs: + node_image: + description: 'kindest/node image for k8s kind cluster' + # k8s version from 3.1 release + default: 'kindest/node:v1.24.6' + required: false + type: string + upgrade_from: + description: 'portal chart version to upgrade from' + # centralidp version from 3.1 release + default: '1.1.0' + required: false + type: string jobs: lint-test: @@ -38,6 +51,12 @@ jobs: with: fetch-depth: 0 + - name: Kubernetes KinD Cluster + uses: container-tools/kind-action@v2 + with: + version: v0.19.0 + node_image: ${{ github.event.inputs.node_image || 'kindest/node:v1.24.6' }} + - name: Set up Helm uses: azure/setup-helm@v3 with: @@ -46,30 +65,35 @@ jobs: # Setup python as a prerequisite for chart linting - uses: actions/setup-python@v4 with: - python-version: 3.7 + python-version: '3.9' + check-latest: true - name: Set up chart-testing uses: helm/chart-testing-action@v2.3.1 - # - name: Run chart-testing (list-changed) - # id: list-changed - # run: | - # changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) - # if [[ -n "$changed" ]]; then - # echo "::set-output name=changed::true" - # fi + - name: Run chart-testing (list-changed) + id: list-changed + run: | + changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) + if [[ -n "$changed" ]]; then + echo "changed=true" >> $GITHUB_OUTPUT + fi # run chart linting - name: Run chart-testing (lint) run: ct lint --charts charts/centralidp --config charts/chart-testing-config.yaml - # Preparing a kind cluster to install and test charts on - - name: Create kind cluster - uses: helm/kind-action@v1.4.0 - # if: steps.list-changed.outputs.changed == 'true' - - # install the chart to the kind cluster and run helm test # define charts to test with the --charts parameter - name: Run chart-testing (install) run: ct install --charts charts/centralidp --config charts/chart-testing-config.yaml - # if: steps.list-changed.outputs.changed == 'true' + if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true' + + # Upgrade the released centralidp chart version with the locally available chart + - name: Run helm upgrade + run: | + helm repo add bitnami-full-index https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami + helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev + helm install centralidp tractusx-dev/centralidp --version ${{ github.event.inputs.upgrade_from || '1.1.0' }} + helm dependency update charts/centralidp + helm upgrade centralidp charts/centralidp + if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true' diff --git a/.github/workflows/cx-iam-beta.yml b/.github/workflows/cx-iam-consortia.yml similarity index 51% rename from .github/workflows/cx-iam-beta.yml rename to .github/workflows/cx-iam-consortia.yml index e1bdbdab..93d56c0d 100644 --- a/.github/workflows/cx-iam-beta.yml +++ b/.github/workflows/cx-iam-consortia.yml @@ -17,53 +17,61 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -name: IAM-BETA +name: IAM CONSORTIA on: push: tags: - - 'v*' + - 'v*.*.*' workflow_dispatch: +env: + IMAGE_NAMESPACE: "tractusx" + IMAGE_NAME: "portal-iam-consortia" + REF_NAME: "${{ github.ref_name }}" + jobs: build: - name: 90 iam-import image built + name: Build-and push image for init container runs-on: ubuntu-latest permissions: contents: read - packages: write - env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }}_iam-import-beta steps: - - name: Get tag name - id: git-tag - run: echo ::set-output name=git-version::${GITHUB_REF/refs\/tags\//} - - # Get the latest sources - name: Checkout uses: actions/checkout@v3 - - name: Login to GitHub Container Registry + - name: Login to DockerHub + if: github.event_name != 'pull_request' uses: docker/login-action@v2 with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} + username: ${{ secrets.DOCKER_HUB_USER }} + password: ${{ secrets.DOCKER_HUB_TOKEN }} - - name: Extract Metadata (tags, labels) for Docker + - name: Docker meta id: meta uses: docker/metadata-action@v4 with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=latest + type=raw,value=${{ env.REF_NAME }} - # Build and push KeyCloak custom images for central and shared idp instances - - name: 'Build and push KeyCloak images' + - name: Build and push Keycloak init container uses: docker/build-push-action@v4 with: context: . - file: docker/Dockerfile.beta.import - push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.git-tag.outputs.git-version }}, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest + file: docker/Dockerfile.consortia.import + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} + + # https://github.com/peter-evans/dockerhub-description + - name: Update Docker Hub description + if: github.event_name != 'pull_request' + uses: peter-evans/dockerhub-description@v3 + with: + username: ${{ secrets.DOCKER_HUB_USER }} + password: ${{ secrets.DOCKER_HUB_TOKEN }} + repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} + readme-filepath: "./docker/notice-iam-consortia.md" diff --git a/.github/workflows/cx-iam-dev.yml b/.github/workflows/cx-iam-dev.yml deleted file mode 100644 index c44b7844..00000000 --- a/.github/workflows/cx-iam-dev.yml +++ /dev/null @@ -1,69 +0,0 @@ -############################################################### -# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation -# -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. -# -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0. -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################### - -name: IAM-DEV - -on: - push: - tags: - - 'v*' - workflow_dispatch: - -jobs: - build: - name: 90 iam-import image built - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }}_iam-import-dev - - steps: - - name: Get tag name - id: git-tag - run: echo ::set-output name=git-version::${GITHUB_REF/refs\/tags\//} - - # Get the latest sources - - name: Checkout - uses: actions/checkout@v3 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract Metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - - # Build and push KeyCloak custom images for central and shared idp instances - - name: 'Build and push KeyCloak images' - uses: docker/build-push-action@v4 - with: - context: . - file: docker/Dockerfile.dev.import - push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.git-tag.outputs.git-version }}, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/cx-iam-int.yml b/.github/workflows/cx-iam-int.yml deleted file mode 100644 index 021809e2..00000000 --- a/.github/workflows/cx-iam-int.yml +++ /dev/null @@ -1,69 +0,0 @@ -############################################################### -# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation -# -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. -# -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0. -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################### - -name: IAM-INT - -on: - push: - tags: - - 'v*' - workflow_dispatch: - -jobs: - build: - name: 90 iam-import image built - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }}_iam-import-int - - steps: - - name: Get tag name - id: git-tag - run: echo ::set-output name=git-version::${GITHUB_REF/refs\/tags\//} - - # Get the latest sources - - name: Checkout - uses: actions/checkout@v3 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract Metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - - # Build and push KeyCloak custom images for central and shared idp instances - - name: 'Build and push KeyCloak images' - uses: docker/build-push-action@v4 - with: - context: . - file: docker/Dockerfile.int.import - push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.git-tag.outputs.git-version }}, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/cx-iam-pen.yml b/.github/workflows/cx-iam-pen.yml deleted file mode 100644 index 37a48e73..00000000 --- a/.github/workflows/cx-iam-pen.yml +++ /dev/null @@ -1,69 +0,0 @@ -############################################################### -# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation -# -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. -# -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0. -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################### - -name: IAM-PEN - -on: - push: - tags: - - 'v*' - workflow_dispatch: - -jobs: - build: - name: 90 iam-import image built - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }}_iam-import-pen - - steps: - - name: Get tag name - id: git-tag - run: echo ::set-output name=git-version::${GITHUB_REF/refs\/tags\//} - - # Get the latest sources - - name: Checkout - uses: actions/checkout@v3 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract Metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - - # Build and push KeyCloak custom images for central and shared idp instances - - name: 'Build and push KeyCloak images' - uses: docker/build-push-action@v4 - with: - context: . - file: docker/Dockerfile.pen.import - push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.git-tag.outputs.git-version }}, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/cx-iam-pre-prod.yml b/.github/workflows/cx-iam-pre-prod.yml deleted file mode 100644 index d1ee2e4e..00000000 --- a/.github/workflows/cx-iam-pre-prod.yml +++ /dev/null @@ -1,69 +0,0 @@ -############################################################### -# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation -# -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. -# -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0. -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################### - -name: IAM-PRE-PROD - -on: - push: - tags: - - 'v*' - workflow_dispatch: - -jobs: - build: - name: 90 iam-import image built - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }}_iam-import-pre-prod - - steps: - - name: Get tag name - id: git-tag - run: echo ::set-output name=git-version::${GITHUB_REF/refs\/tags\//} - - # Get the latest sources - - name: Checkout - uses: actions/checkout@v3 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract Metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - - # Build and push KeyCloak custom images for central and shared idp instances - - name: 'Build and push KeyCloak images' - uses: docker/build-push-action@v4 - with: - context: . - file: docker/Dockerfile.pre-prod.import - push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.git-tag.outputs.git-version }}, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/cx-iam.yml b/.github/workflows/cx-iam.yml index e8efaeb9..c9a709b1 100644 --- a/.github/workflows/cx-iam.yml +++ b/.github/workflows/cx-iam.yml @@ -22,46 +22,57 @@ name: IAM on: push: tags: - - 'v*' + - 'v*.*.*' + - '!v*.*.*-consortia' workflow_dispatch: +env: + IMAGE_NAMESPACE: "tractusx" + IMAGE_NAME: "portal-iam" + REF_NAME: "${{ github.ref_name }}" + jobs: build: - name: Iam-import image build + name: Build-and push image for init container runs-on: ubuntu-latest permissions: contents: read - packages: write - env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }}_iam-import steps: - - name: Get tag name - id: git-tag - run: echo ::set-output name=git-version::${GITHUB_REF/refs\/tags\//} - - name: Checkout uses: actions/checkout@v3 - - name: Login to GitHub Container Registry + - name: Login to DockerHub + if: github.event_name != 'pull_request' uses: docker/login-action@v2 with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} + username: ${{ secrets.DOCKER_HUB_USER }} + password: ${{ secrets.DOCKER_HUB_TOKEN }} - - name: Extract Metadata (tags, labels) for Docker + - name: Docker meta id: meta uses: docker/metadata-action@v4 with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=latest + type=raw,value=${{ env.REF_NAME }} - - name: Build and push Keycloak custom image + - name: Build and push Keycloak init container uses: docker/build-push-action@v4 with: context: . file: docker/Dockerfile.import - push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.git-tag.outputs.git-version }}, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} + + # https://github.com/peter-evans/dockerhub-description + - name: Update Docker Hub description + if: github.event_name != 'pull_request' + uses: peter-evans/dockerhub-description@v3 + with: + username: ${{ secrets.DOCKER_HUB_USER }} + password: ${{ secrets.DOCKER_HUB_TOKEN }} + repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }} + readme-filepath: "./docker/notice-iam.md" diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index 4c6ce80d..a4b08bf9 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -21,7 +21,7 @@ name: "KICS" on: push: - branches: [main, helm-environments] + branches: [ main ] # pull_request: # The branches below must be a subset of the branches above # branches: [main, master] diff --git a/.github/workflows/sharedidp-chart-test.yaml b/.github/workflows/sharedidp-chart-test.yaml index 4750d357..b5295004 100644 --- a/.github/workflows/sharedidp-chart-test.yaml +++ b/.github/workflows/sharedidp-chart-test.yaml @@ -23,11 +23,24 @@ on: push: paths: - 'charts/sharedidp/**' - branches: [main, helm-environments] + branches: [ main ] pull_request: paths: - 'charts/sharedidp/**' workflow_dispatch: + inputs: + node_image: + description: 'kindest/node image for k8s kind cluster' + # k8s version from 3.1 release + default: 'kindest/node:v1.24.6' + required: false + type: string + upgrade_from: + description: 'portal chart version to upgrade from' + # sharedidp version from 3.1 release + default: '1.1.0' + required: false + type: string jobs: lint-test: @@ -38,6 +51,12 @@ jobs: with: fetch-depth: 0 + - name: Kubernetes KinD Cluster + uses: container-tools/kind-action@v2 + with: + version: v0.19.0 + node_image: ${{ github.event.inputs.node_image || 'kindest/node:v1.24.6' }} + - name: Set up Helm uses: azure/setup-helm@v3 with: @@ -46,30 +65,35 @@ jobs: # Setup python as a prerequisite for chart linting - uses: actions/setup-python@v4 with: - python-version: 3.7 + python-version: '3.9' + check-latest: true - name: Set up chart-testing uses: helm/chart-testing-action@v2.3.1 - # - name: Run chart-testing (list-changed) - # id: list-changed - # run: | - # changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) - # if [[ -n "$changed" ]]; then - # echo "::set-output name=changed::true" - # fi + - name: Run chart-testing (list-changed) + id: list-changed + run: | + changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) + if [[ -n "$changed" ]]; then + echo "changed=true" >> $GITHUB_OUTPUT + fi # run chart linting - name: Run chart-testing (lint) run: ct lint --charts charts/sharedidp --config charts/chart-testing-config.yaml - # Preparing a kind cluster to install and test charts on - - name: Create kind cluster - uses: helm/kind-action@v1.4.0 - # if: steps.list-changed.outputs.changed == 'true' - - # install the chart to the kind cluster and run helm test # define charts to test with the --charts parameter - name: Run chart-testing (install) run: ct install --charts charts/sharedidp --config charts/chart-testing-config.yaml - # if: steps.list-changed.outputs.changed == 'true' + if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true' + + # Upgrade the released sharedidp chart version with the locally available chart + - name: Run helm upgrade + run: | + helm repo add bitnami-full-index https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami + helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev + helm install sharedidp tractusx-dev/sharedidp --version ${{ github.event.inputs.upgrade_from || '1.1.0' }} + helm dependency update charts/sharedidp + helm upgrade sharedidp charts/sharedidp + if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true' diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 33047c61..3a1edc67 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -21,7 +21,7 @@ name: "Trivy" on: push: - branches: [ main, helm-environments ] + branches: [ main ] # pull_request: # The branches below must be a subset of the branches above # branches: [ main, master ] @@ -35,8 +35,9 @@ on: # Trigger manually env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} + IMAGE_NAMESPACE: "tractusx" + IMAGE_NAME: "portal-iam" + IMAGE_NAME_CONSORTIA: "portal-iam-consortia" jobs: analyze-config: @@ -67,7 +68,7 @@ jobs: with: sarif_file: "trivy-results1.sarif" - analyze-portal-iam_iam-import: + analyze-portal-iam-import: runs-on: ubuntu-latest permissions: actions: read @@ -88,7 +89,7 @@ jobs: uses: aquasecurity/trivy-action@master with: # Path to Docker image - image-ref: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}_iam-import:latest" + image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}:latest" format: "sarif" output: "trivy-results2.sarif" exit-code: "1" @@ -100,7 +101,7 @@ jobs: with: sarif_file: "trivy-results2.sarif" - analyze-portal-iam_iam-import-dev: + analyze-portal-iam_consortia-import: runs-on: ubuntu-latest permissions: actions: read @@ -121,7 +122,7 @@ jobs: uses: aquasecurity/trivy-action@master with: # Path to Docker image - image-ref: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}_iam-import-dev:latest" + image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME_CONSORTIA }}:latest" format: "sarif" output: "trivy-results3.sarif" exit-code: "1" @@ -132,135 +133,3 @@ jobs: uses: github/codeql-action/upload-sarif@v2 with: sarif_file: "trivy-results3.sarif" - - analyze-portal-iam_iam-import-int: - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - # It's also possible to scan your private registry with Trivy's built-in image scan. - # All you have to do is set ENV vars. - # Docker Hub needs TRIVY_USERNAME and TRIVY_PASSWORD. - # You don't need to set ENV vars when downloading from a public repository. - # For public images, no ENV vars must be set. - - name: Run Trivy vulnerability scanner - if: always() - uses: aquasecurity/trivy-action@master - with: - # Path to Docker image - image-ref: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}_iam-import-int:latest" - format: "sarif" - output: "trivy-results4.sarif" - exit-code: "1" - severity: "CRITICAL,HIGH" - - - name: Upload Trivy scan results to GitHub Security tab - if: always() - uses: github/codeql-action/upload-sarif@v2 - with: - sarif_file: "trivy-results4.sarif" - - analyze-portal-iam_iam-import-pen: - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - # It's also possible to scan your private registry with Trivy's built-in image scan. - # All you have to do is set ENV vars. - # Docker Hub needs TRIVY_USERNAME and TRIVY_PASSWORD. - # You don't need to set ENV vars when downloading from a public repository. - # For public images, no ENV vars must be set. - - name: Run Trivy vulnerability scanner - if: always() - uses: aquasecurity/trivy-action@master - with: - # Path to Docker image - image-ref: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}_iam-import-pen:latest" - format: "sarif" - output: "trivy-results5.sarif" - exit-code: "1" - severity: "CRITICAL,HIGH" - - - name: Upload Trivy scan results to GitHub Security tab - if: always() - uses: github/codeql-action/upload-sarif@v2 - with: - sarif_file: "trivy-results5.sarif" - - analyze-portal-iam_iam-import-beta: - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - # It's also possible to scan your private registry with Trivy's built-in image scan. - # All you have to do is set ENV vars. - # Docker Hub needs TRIVY_USERNAME and TRIVY_PASSWORD. - # You don't need to set ENV vars when downloading from a public repository. - # For public images, no ENV vars must be set. - - name: Run Trivy vulnerability scanner - if: always() - uses: aquasecurity/trivy-action@master - with: - # Path to Docker image - image-ref: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}_iam-import-beta:latest" - format: "sarif" - output: "trivy-results6.sarif" - exit-code: "1" - severity: "CRITICAL,HIGH" - - - name: Upload Trivy scan results to GitHub Security tab - if: always() - uses: github/codeql-action/upload-sarif@v2 - with: - sarif_file: "trivy-results6.sarif" - - analyze-portal-iam_iam-import-pre-prod: - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - # It's also possible to scan your private registry with Trivy's built-in image scan. - # All you have to do is set ENV vars. - # Docker Hub needs TRIVY_USERNAME and TRIVY_PASSWORD. - # You don't need to set ENV vars when downloading from a public repository. - # For public images, no ENV vars must be set. - - name: Run Trivy vulnerability scanner - if: always() - uses: aquasecurity/trivy-action@master - with: - # Path to Docker image - image-ref: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}_iam-import-pre-prod:latest" - format: "sarif" - output: "trivy-results7.sarif" - exit-code: "1" - severity: "CRITICAL,HIGH" - - - name: Upload Trivy scan results to GitHub Security tab - if: always() - uses: github/codeql-action/upload-sarif@v2 - with: - sarif_file: "trivy-results7.sarif" diff --git a/README.md b/README.md index 9cb8289a..3f49be00 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,7 @@ The repository is split up in: * The helm charts to deploy the CX Keycloak instances * The CX specific configuration (e.g. keycloak-themes and initial realm-config) * The dockerfile (Dockerfile.import) to build an image containing the CX specific configuration which is used as init container at Keycloak startup +* The CX consortia specific configuration For further information please refer to the chart specific README files, available under the following directories: @@ -22,4 +23,22 @@ For further information please refer to the chart specific README files, availab * [Installation](./charts/sharedidp/README.md#installation) * [Post-Install Configuration](./charts/sharedidp/README.md#post-install-configuration) -The referenced container images are for demonstration purposes only. +## Notice for Docker images + +This application provides container images (init containers only) for demonstration purposes. + +DockerHub: + +* https://hub.docker.com/r/tractusx/portal-iam +* https://hub.docker.com/r/tractusx/portal-iam-consortia + +Base image: alpinelinux/docker-alpine:3.17 + +* Dockerfile: [alpinelinux/docker-alpine:3.17](https://github.com/alpinelinux/docker-alpine/blob/681b8c677aaed66e48a5ce721509647bd4dcd017/x86_64/Dockerfile) +* GitHub project: [https://github.com/alpinelinux/docker-alpine](https://github.com/alpinelinux/docker-alpine)) +* DockerHub: [https://hub.docker.com/_/alpine](https://hub.docker.com/_/alpine) + +## License + +Distributed under the Apache 2.0 License. +See [LICENSE](./LICENSE) for more information. diff --git a/consortia/argocd-app-templates/centralidp/appsetup-beta.yaml b/consortia/argocd-app-templates/centralidp/appsetup-beta.yaml new file mode 100644 index 00000000..196a3e96 --- /dev/null +++ b/consortia/argocd-app-templates/centralidp/appsetup-beta.yaml @@ -0,0 +1,38 @@ +############################################################### +# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: centralidp +spec: + destination: + namespace: product-portal + server: 'https://kubernetes.default.svc' + source: + path: charts/centralidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: v1.1.0-consortia + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/centralidp/values-beta.yaml' + project: project-portal diff --git a/docker/Dockerfile.beta.import b/consortia/argocd-app-templates/centralidp/appsetup-dev.yaml similarity index 61% rename from docker/Dockerfile.beta.import rename to consortia/argocd-app-templates/centralidp/appsetup-dev.yaml index 6005a289..4932a4bc 100644 --- a/docker/Dockerfile.beta.import +++ b/consortia/argocd-app-templates/centralidp/appsetup-dev.yaml @@ -17,16 +17,22 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -FROM alpine:3.17 - -# temp fix for CVE-2023-0286 -RUN apk upgrade --no-cache libssl3 libcrypto3 - -RUN mkdir import - -RUN chown -R 1000:3000 /import -USER 1000:3000 - -COPY import/keycloak-themes/ import/themes -COPY import/realm-config/consortia/catenax-central/beta/ import/catenax-central/realms -COPY import/realm-config/consortia/catenax-shared/beta/ import/catenax-shared/realms +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: centralidp +spec: + destination: + namespace: product-portal + server: 'https://kubernetes.default.svc' + source: + path: charts/centralidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: main + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/centralidp/values-dev.yaml' + project: project-portal diff --git a/consortia/argocd-app-templates/centralidp/appsetup-int.yaml b/consortia/argocd-app-templates/centralidp/appsetup-int.yaml new file mode 100644 index 00000000..34f2f22a --- /dev/null +++ b/consortia/argocd-app-templates/centralidp/appsetup-int.yaml @@ -0,0 +1,38 @@ +############################################################### +# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: centralidp +spec: + destination: + namespace: product-portal + server: 'https://kubernetes.default.svc' + source: + path: charts/centralidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: v1.1.0-consortia + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/centralidp/values-int.yaml' + project: project-portal diff --git a/consortia/argocd-app-templates/centralidp/appsetup-pen.yaml b/consortia/argocd-app-templates/centralidp/appsetup-pen.yaml new file mode 100644 index 00000000..e92941f5 --- /dev/null +++ b/consortia/argocd-app-templates/centralidp/appsetup-pen.yaml @@ -0,0 +1,38 @@ +############################################################### +# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: centralidp-pen +spec: + destination: + namespace: product-portal-pen + server: 'https://kubernetes.default.svc' + source: + path: charts/centralidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: v1.1.0-consortia + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/centralidp/values-pen.yaml' + project: project-portal diff --git a/consortia/argocd-app-templates/centralidp/appsetup-rc.yaml b/consortia/argocd-app-templates/centralidp/appsetup-rc.yaml new file mode 100644 index 00000000..78869c29 --- /dev/null +++ b/consortia/argocd-app-templates/centralidp/appsetup-rc.yaml @@ -0,0 +1,38 @@ +############################################################### +# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: centralidp-rc +spec: + destination: + namespace: product-iam + server: 'https://kubernetes.default.svc' + source: + path: charts/centralidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: v1.1.0-consortia + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/centralidp/values-rc.yaml' + project: project-portal diff --git a/consortia/argocd-app-templates/centralidp/appsetup-stable.yaml b/consortia/argocd-app-templates/centralidp/appsetup-stable.yaml new file mode 100644 index 00000000..137f6dc9 --- /dev/null +++ b/consortia/argocd-app-templates/centralidp/appsetup-stable.yaml @@ -0,0 +1,38 @@ +############################################################### +# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: centralidp +spec: + destination: + namespace: product-portal + server: 'https://kubernetes.default.svc' + source: + path: charts/centralidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: v1.1.0-consortia + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/centralidp/values-stable.yaml' + project: project-portal diff --git a/consortia/argocd-app-templates/centralidp/appsetup-templateconsortia.yaml b/consortia/argocd-app-templates/centralidp/appsetup-templateconsortia.yaml new file mode 100644 index 00000000..e64102b8 --- /dev/null +++ b/consortia/argocd-app-templates/centralidp/appsetup-templateconsortia.yaml @@ -0,0 +1,38 @@ +############################################################### +# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: centralidp-templateconsortia +spec: + destination: + namespace: product-portal + server: 'https://kubernetes.default.svc' + source: + path: charts/centralidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: v1.1.0-consortia + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/centralidp/values-templateconsortia.yaml' + project: project-portal diff --git a/consortia/argocd-app-templates/centralidp/appsetup-templategeneric.yaml b/consortia/argocd-app-templates/centralidp/appsetup-templategeneric.yaml new file mode 100644 index 00000000..1d653d65 --- /dev/null +++ b/consortia/argocd-app-templates/centralidp/appsetup-templategeneric.yaml @@ -0,0 +1,38 @@ +############################################################### +# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: centralidp-templategeneric +spec: + destination: + namespace: product-portal + server: 'https://kubernetes.default.svc' + source: + path: charts/centralidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: v1.1.0-consortia + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/centralidp/values-templategeneric.yaml' + project: project-portal diff --git a/docker/Dockerfile.pen.import b/consortia/argocd-app-templates/sharedidp/appsetup-beta.yaml similarity index 61% rename from docker/Dockerfile.pen.import rename to consortia/argocd-app-templates/sharedidp/appsetup-beta.yaml index 90e8c4af..39f78e7b 100644 --- a/docker/Dockerfile.pen.import +++ b/consortia/argocd-app-templates/sharedidp/appsetup-beta.yaml @@ -17,16 +17,22 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -FROM alpine:3.17 - -# temp fix for CVE-2023-0286 -RUN apk upgrade --no-cache libssl3 libcrypto3 - -RUN mkdir import - -RUN chown -R 1000:3000 /import -USER 1000:3000 - -COPY import/keycloak-themes/ import/themes -COPY import/realm-config/consortia/catenax-central/pen/ import/catenax-central/realms -COPY import/realm-config/consortia/catenax-shared/pen/ import/catenax-shared/realms +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: sharedidp +spec: + destination: + namespace: product-portal + server: 'https://kubernetes.default.svc' + source: + path: charts/sharedidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: v1.1.0-consortia + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/sharedidp/values-beta.yaml' + project: project-portal \ No newline at end of file diff --git a/consortia/argocd-app-templates/sharedidp/appsetup-dev.yaml b/consortia/argocd-app-templates/sharedidp/appsetup-dev.yaml new file mode 100644 index 00000000..24af86f3 --- /dev/null +++ b/consortia/argocd-app-templates/sharedidp/appsetup-dev.yaml @@ -0,0 +1,38 @@ +############################################################### +# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: sharedidp +spec: + destination: + namespace: product-portal + server: 'https://kubernetes.default.svc' + source: + path: charts/sharedidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: helm-environments + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/sharedidp/values-dev.yaml' + project: project-portal \ No newline at end of file diff --git a/docker/Dockerfile.int.import b/consortia/argocd-app-templates/sharedidp/appsetup-int.yaml similarity index 61% rename from docker/Dockerfile.int.import rename to consortia/argocd-app-templates/sharedidp/appsetup-int.yaml index 42317030..9d710146 100644 --- a/docker/Dockerfile.int.import +++ b/consortia/argocd-app-templates/sharedidp/appsetup-int.yaml @@ -17,16 +17,22 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -FROM alpine:3.17 - -# temp fix for CVE-2023-0286 -RUN apk upgrade --no-cache libssl3 libcrypto3 - -RUN mkdir import - -RUN chown -R 1000:3000 /import -USER 1000:3000 - -COPY import/keycloak-themes/ import/themes -COPY import/realm-config/consortia/catenax-central/int/ import/catenax-central/realms -COPY import/realm-config/consortia/catenax-shared/int/ import/catenax-shared/realms +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: sharedidp +spec: + destination: + namespace: product-portal + server: 'https://kubernetes.default.svc' + source: + path: charts/sharedidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: v1.1.0-consortia + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/sharedidp/values-int.yaml' + project: project-portal \ No newline at end of file diff --git a/consortia/argocd-app-templates/sharedidp/appsetup-pen.yaml b/consortia/argocd-app-templates/sharedidp/appsetup-pen.yaml new file mode 100644 index 00000000..802d9467 --- /dev/null +++ b/consortia/argocd-app-templates/sharedidp/appsetup-pen.yaml @@ -0,0 +1,38 @@ +############################################################### +# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: sharedidp-pen +spec: + destination: + namespace: product-portal-pen + server: 'https://kubernetes.default.svc' + source: + path: charts/sharedidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: v1.1.0-consortia + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/sharedidp/values-pen.yaml' + project: project-portal \ No newline at end of file diff --git a/docker/Dockerfile.dev.import b/consortia/argocd-app-templates/sharedidp/appsetup-rc.yaml similarity index 61% rename from docker/Dockerfile.dev.import rename to consortia/argocd-app-templates/sharedidp/appsetup-rc.yaml index 670201fe..49350f0c 100644 --- a/docker/Dockerfile.dev.import +++ b/consortia/argocd-app-templates/sharedidp/appsetup-rc.yaml @@ -17,16 +17,22 @@ # SPDX-License-Identifier: Apache-2.0 ############################################################### -FROM alpine:3.17 - -# temp fix for CVE-2023-0286 -RUN apk upgrade --no-cache libssl3 libcrypto3 - -RUN mkdir import - -RUN chown -R 1000:3000 /import -USER 1000:3000 - -COPY import/keycloak-themes/ import/themes -COPY import/realm-config/consortia/catenax-central/dev/ import/catenax-central/realms -COPY import/realm-config/consortia/catenax-shared/dev/ import/catenax-shared/realms +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: sharedidp-rc +spec: + destination: + namespace: product-iam + server: 'https://kubernetes.default.svc' + source: + path: charts/sharedidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: v1.1.0-consortia + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/sharedidp/values-rc.yaml' + project: project-portal \ No newline at end of file diff --git a/consortia/argocd-app-templates/sharedidp/appsetup-stable.yaml b/consortia/argocd-app-templates/sharedidp/appsetup-stable.yaml new file mode 100644 index 00000000..ff691000 --- /dev/null +++ b/consortia/argocd-app-templates/sharedidp/appsetup-stable.yaml @@ -0,0 +1,38 @@ +############################################################### +# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: sharedidp +spec: + destination: + namespace: product-portal + server: 'https://kubernetes.default.svc' + source: + path: charts/sharedidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: v1.1.0-consortia + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/sharedidp/values-stable.yaml' + project: project-portal \ No newline at end of file diff --git a/consortia/argocd-app-templates/sharedidp/appsetup-templateconsortia.yaml b/consortia/argocd-app-templates/sharedidp/appsetup-templateconsortia.yaml new file mode 100644 index 00000000..b026a50c --- /dev/null +++ b/consortia/argocd-app-templates/sharedidp/appsetup-templateconsortia.yaml @@ -0,0 +1,38 @@ +############################################################### +# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: sharedidp-templateconsortia +spec: + destination: + namespace: product-portal + server: 'https://kubernetes.default.svc' + source: + path: charts/sharedidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: v1.1.0-consortia + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/sharedidp/values-templateconsortia.yaml' + project: project-portal \ No newline at end of file diff --git a/consortia/argocd-app-templates/sharedidp/appsetup-templategeneric.yaml b/consortia/argocd-app-templates/sharedidp/appsetup-templategeneric.yaml new file mode 100644 index 00000000..c927554d --- /dev/null +++ b/consortia/argocd-app-templates/sharedidp/appsetup-templategeneric.yaml @@ -0,0 +1,38 @@ +############################################################### +# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: sharedidp-templategeneric +spec: + destination: + namespace: product-portal + server: 'https://kubernetes.default.svc' + source: + path: charts/sharedidp + repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' + targetRevision: v1.1.0-consortia + plugin: + env: + - name: AVP_SECRET + value: vault-secret + - name: helm_args + value: '-f values.yaml -f ../../consortia/environments/sharedidp/values-templategeneric.yaml' + project: project-portal \ No newline at end of file diff --git a/consortia/environments/centralidp/values-beta.yaml b/consortia/environments/centralidp/values-beta.yaml new file mode 100644 index 00000000..8e3d5f46 --- /dev/null +++ b/consortia/environments/centralidp/values-beta.yaml @@ -0,0 +1,75 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes + emptyDir: {} + - name: realms + emptyDir: {} + extraVolumeMounts: + - name: themes + mountPath: "/opt/bitnami/keycloak/themes/catenax-central" + - name: realms + mountPath: "/realms" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:v1.1.0-consortia + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes..." + cp -R /import/themes/catenax-central/* /themes + echo "Copying realms..." + cp -R /import/catenax-central/beta/realms/* /realms + volumeMounts: + - name: themes + mountPath: "/themes" + - name: realms + mountPath: "/realms" + ingress: + enabled: true + ingressClassName: nginx + hostname: centralidp.beta.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://centralidp.beta.demo.catena-x.net + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" diff --git a/consortia/environments/centralidp/values-dev.yaml b/consortia/environments/centralidp/values-dev.yaml new file mode 100644 index 00000000..2d4f0496 --- /dev/null +++ b/consortia/environments/centralidp/values-dev.yaml @@ -0,0 +1,75 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes + emptyDir: {} + - name: realms + emptyDir: {} + extraVolumeMounts: + - name: themes + mountPath: "/opt/bitnami/keycloak/themes/catenax-central" + - name: realms + mountPath: "/realms" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:latest + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes..." + cp -R /import/themes/catenax-central/* /themes + echo "Copying realms..." + cp -R /import/catenax-central/dev/realms/* /realms + volumeMounts: + - name: themes + mountPath: "/themes" + - name: realms + mountPath: "/realms" + ingress: + enabled: true + ingressClassName: nginx + hostname: centralidp.dev.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://centralidp.dev.demo.catena-x.net, http://localhost:3000 + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" diff --git a/consortia/environments/centralidp/values-int.yaml b/consortia/environments/centralidp/values-int.yaml new file mode 100644 index 00000000..2ef1695f --- /dev/null +++ b/consortia/environments/centralidp/values-int.yaml @@ -0,0 +1,75 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes + emptyDir: {} + - name: realms + emptyDir: {} + extraVolumeMounts: + - name: themes + mountPath: "/opt/bitnami/keycloak/themes/catenax-central" + - name: realms + mountPath: "/realms" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:v1.1.0-consortia + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes..." + cp -R /import/themes/catenax-central/* /themes + echo "Copying realms..." + cp -R /import/catenax-central/int/realms/* /realms + volumeMounts: + - name: themes + mountPath: "/themes" + - name: realms + mountPath: "/realms" + ingress: + enabled: true + ingressClassName: nginx + hostname: centralidp.int.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://centralidp.int.demo.catena-x.net, http://localhost:3000 + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" diff --git a/consortia/environments/centralidp/values-pen.yaml b/consortia/environments/centralidp/values-pen.yaml new file mode 100644 index 00000000..2e626f8b --- /dev/null +++ b/consortia/environments/centralidp/values-pen.yaml @@ -0,0 +1,75 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes + emptyDir: {} + - name: realms + emptyDir: {} + extraVolumeMounts: + - name: themes + mountPath: "/opt/bitnami/keycloak/themes/catenax-central" + - name: realms + mountPath: "/realms" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:v1.1.0-consortia + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes..." + cp -R /import/themes/catenax-central/* /themes + echo "Copying realms..." + cp -R /import/catenax-central/pen/realms/* /realms + volumeMounts: + - name: themes + mountPath: "/themes" + - name: realms + mountPath: "/realms" + ingress: + enabled: true + ingressClassName: nginx + hostname: centralidp-pen.dev.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://centralidp-pen.dev.demo.catena-x.net, http://localhost:3000 + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" diff --git a/consortia/environments/centralidp/values-rc.yaml b/consortia/environments/centralidp/values-rc.yaml new file mode 100644 index 00000000..2ed2766f --- /dev/null +++ b/consortia/environments/centralidp/values-rc.yaml @@ -0,0 +1,75 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes + emptyDir: {} + - name: realms + emptyDir: {} + extraVolumeMounts: + - name: themes + mountPath: "/opt/bitnami/keycloak/themes/catenax-central" + - name: realms + mountPath: "/realms" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:v1.1.0-consortia + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes..." + cp -R /import/themes/catenax-central/* /themes + echo "Copying realms..." + cp -R /import/catenax-central/rc/realms/* /realms + volumeMounts: + - name: themes + mountPath: "/themes" + - name: realms + mountPath: "/realms" + ingress: + enabled: true + ingressClassName: nginx + hostname: centralidp-rc.dev.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://centralidp-rc.dev.demo.catena-x.net, http://localhost:3000 + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" diff --git a/consortia/environments/centralidp/values-stable.yaml b/consortia/environments/centralidp/values-stable.yaml new file mode 100644 index 00000000..a9d258d7 --- /dev/null +++ b/consortia/environments/centralidp/values-stable.yaml @@ -0,0 +1,75 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes + emptyDir: {} + - name: realms + emptyDir: {} + extraVolumeMounts: + - name: themes + mountPath: "/opt/bitnami/keycloak/themes/catenax-central" + - name: realms + mountPath: "/realms" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:v1.1.0-consortia + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes..." + cp -R /import/themes/catenax-central/* /themes + echo "Copying realms..." + cp -R /import/catenax-central/stable/realms/* /realms + volumeMounts: + - name: themes + mountPath: "/themes" + - name: realms + mountPath: "/realms" + ingress: + enabled: true + ingressClassName: nginx + hostname: centralidp.stable.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://centralidp.stable.demo.catena-x.net, http://localhost:3000 + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" diff --git a/consortia/environments/centralidp/values-templateconsortia.yaml b/consortia/environments/centralidp/values-templateconsortia.yaml new file mode 100644 index 00000000..7085e74f --- /dev/null +++ b/consortia/environments/centralidp/values-templateconsortia.yaml @@ -0,0 +1,75 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes + emptyDir: {} + - name: realms + emptyDir: {} + extraVolumeMounts: + - name: themes + mountPath: "/opt/bitnami/keycloak/themes/catenax-central" + - name: realms + mountPath: "/realms" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:v1.1.0-consortia + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes..." + cp -R /import/themes/catenax-central/* /themes + echo "Copying realms..." + cp -R /import/catenax-central/dev/realms/* /realms + volumeMounts: + - name: themes + mountPath: "/themes" + - name: realms + mountPath: "/realms" + ingress: + enabled: true + ingressClassName: nginx + hostname: centralidp-templateconsortia.dev.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://centralidp-templateconsortia.dev.demo.catena-x.net, http://localhost:3000 + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" diff --git a/consortia/environments/centralidp/values-templategeneric.yaml b/consortia/environments/centralidp/values-templategeneric.yaml new file mode 100644 index 00000000..6a2abf28 --- /dev/null +++ b/consortia/environments/centralidp/values-templategeneric.yaml @@ -0,0 +1,75 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes + emptyDir: {} + - name: realms + emptyDir: {} + extraVolumeMounts: + - name: themes + mountPath: "/opt/bitnami/keycloak/themes/catenax-central" + - name: realms + mountPath: "/realms" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:v1.1.0-consortia + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes..." + cp -R /import/themes/catenax-central/* /themes + echo "Copying realms..." + cp -R /import/catenax-central/dev/realms/* /realms + volumeMounts: + - name: themes + mountPath: "/themes" + - name: realms + mountPath: "/realms" + ingress: + enabled: true + ingressClassName: nginx + hostname: centralidp-templategeneric.dev.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://centralidp-templategeneric.dev.demo.catena-x.net, http://localhost:3000 + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" diff --git a/consortia/environments/sharedidp/values-beta.yaml b/consortia/environments/sharedidp/values-beta.yaml new file mode 100644 index 00000000..53ece02b --- /dev/null +++ b/consortia/environments/sharedidp/values-beta.yaml @@ -0,0 +1,101 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes-catenax-shared + emptyDir: {} + - name: themes-catenax-shared-portal + emptyDir: {} + - name: realms + emptyDir: {} + - name: realm-secrets + secret: + secretName: secret-sharedidp-realms + extraVolumeMounts: + - name: themes-catenax-shared + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared-portal" + - name: realms + mountPath: "/realms" + - name: realm-secrets + mountPath: "/secrets" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:v1.1.0-consortia + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes-catenax-shared..." + cp -R /import/themes/catenax-shared/* /themes-catenax-shared + echo "Copying themes-catenax-shared-portal..." + cp -R /import/themes/catenax-shared-portal/* /themes-catenax-shared-portal + echo "Copying realms..." + cp -R /import/catenax-shared/beta/realms/* /realms + echo "Copying realms-secrets..." + cp /secrets/* /realms + volumeMounts: + - name: themes-catenax-shared + mountPath: "/themes-catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/themes-catenax-shared-portal" + - name: realms + mountPath: "/realms" + - name: realm-secrets + mountPath: "/secrets" + ingress: + enabled: true + ingressClassName: nginx + hostname: sharedidp.beta.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://sharedidp.beta.demo.catena-x.net + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" + realmuser: + enabled: true + cxtestaccessuser: "" + company1user: "" + company2user: "" + securitycompany: "" + cxoperator: "" + serviceprovider: "" + appprovider: "" diff --git a/consortia/environments/sharedidp/values-dev.yaml b/consortia/environments/sharedidp/values-dev.yaml new file mode 100644 index 00000000..de55d96e --- /dev/null +++ b/consortia/environments/sharedidp/values-dev.yaml @@ -0,0 +1,101 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes-catenax-shared + emptyDir: {} + - name: themes-catenax-shared-portal + emptyDir: {} + - name: realms + emptyDir: {} + - name: realm-secrets + secret: + secretName: secret-sharedidp-realms + extraVolumeMounts: + - name: themes-catenax-shared + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared-portal" + - name: realms + mountPath: "/realms" + - name: realm-secrets + mountPath: "/secrets" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:latest + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes-catenax-shared..." + cp -R /import/themes/catenax-shared/* /themes-catenax-shared + echo "Copying themes-catenax-shared-portal..." + cp -R /import/themes/catenax-shared-portal/* /themes-catenax-shared-portal + echo "Copying realms..." + cp -R /import/catenax-shared/dev/realms/* /realms + echo "Copying realms-secrets..." + cp /secrets/* /realms + volumeMounts: + - name: themes-catenax-shared + mountPath: "/themes-catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/themes-catenax-shared-portal" + - name: realms + mountPath: "/realms" + - name: realm-secrets + mountPath: "/secrets" + ingress: + enabled: true + ingressClassName: nginx + hostname: sharedidp.dev.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://sharedidp.dev.demo.catena-x.net, http://localhost:3000 + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" + realmuser: + enabled: true + cxtestaccessuser: "" + company1user: "" + company2user: "" + securitycompany: "" + cxoperator: "" + serviceprovider: "" + appprovider: "" diff --git a/consortia/environments/sharedidp/values-int.yaml b/consortia/environments/sharedidp/values-int.yaml new file mode 100644 index 00000000..bb9f7641 --- /dev/null +++ b/consortia/environments/sharedidp/values-int.yaml @@ -0,0 +1,101 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes-catenax-shared + emptyDir: {} + - name: themes-catenax-shared-portal + emptyDir: {} + - name: realms + emptyDir: {} + - name: realm-secrets + secret: + secretName: secret-sharedidp-realms + extraVolumeMounts: + - name: themes-catenax-shared + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared-portal" + - name: realms + mountPath: "/realms" + - name: realm-secrets + mountPath: "/secrets" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:v1.1.0-consortia + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes-catenax-shared..." + cp -R /import/themes/catenax-shared/* /themes-catenax-shared + echo "Copying themes-catenax-shared-portal..." + cp -R /import/themes/catenax-shared-portal/* /themes-catenax-shared-portal + echo "Copying realms..." + cp -R /import/catenax-shared/int/realms/* /realms + echo "Copying realms-secrets..." + cp /secrets/* /realms + volumeMounts: + - name: themes-catenax-shared + mountPath: "/themes-catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/themes-catenax-shared-portal" + - name: realms + mountPath: "/realms" + - name: realm-secrets + mountPath: "/secrets" + ingress: + enabled: true + ingressClassName: nginx + hostname: sharedidp.int.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://sharedidp.int.demo.catena-x.net, http://localhost:3000 + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" + realmuser: + enabled: true + cxtestaccessuser: "" + company1user: "" + company2user: "" + securitycompany: "" + cxoperator: "" + serviceprovider: "" + appprovider: "" diff --git a/consortia/environments/sharedidp/values-pen.yaml b/consortia/environments/sharedidp/values-pen.yaml new file mode 100644 index 00000000..707f3c2b --- /dev/null +++ b/consortia/environments/sharedidp/values-pen.yaml @@ -0,0 +1,104 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes-catenax-shared + emptyDir: {} + - name: themes-catenax-shared-portal + emptyDir: {} + - name: realms + emptyDir: {} + - name: realm-secrets + secret: + secretName: secret-sharedidp-realms + extraVolumeMounts: + - name: themes-catenax-shared + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared-portal" + - name: realms + mountPath: "/realms" + - name: realm-secrets + mountPath: "/secrets" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:v1.1.0-consortia + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes-catenax-shared..." + cp -R /import/themes/catenax-shared/* /themes-catenax-shared + echo "Copying themes-catenax-shared-portal..." + cp -R /import/themes/catenax-shared-portal/* /themes-catenax-shared-portal + echo "Copying realms..." + cp -R /import/catenax-shared/pen/realms/* /realms + echo "Copying realms-secrets..." + cp /secrets/* /realms + volumeMounts: + - name: themes-catenax-shared + mountPath: "/themes-catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/themes-catenax-shared-portal" + - name: realms + mountPath: "/realms" + - name: realm-secrets + mountPath: "/secrets" + ingress: + enabled: true + ingressClassName: nginx + hostname: sharedidp-pen.dev.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://sharedidp-pen.dev.demo.catena-x.net, http://localhost:3000 + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" + realmuser: + enabled: true + cxtestaccessuser: "" + company1user: "" + company2user: "" + securitycompany: "" + serviceprovider: "" + approvider: "" + cxoperator: "" + cxoperator: "" + serviceprovider: "" + appprovider: "" diff --git a/consortia/environments/sharedidp/values-rc.yaml b/consortia/environments/sharedidp/values-rc.yaml new file mode 100644 index 00000000..0a633037 --- /dev/null +++ b/consortia/environments/sharedidp/values-rc.yaml @@ -0,0 +1,101 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes-catenax-shared + emptyDir: {} + - name: themes-catenax-shared-portal + emptyDir: {} + - name: realms + emptyDir: {} + - name: realm-secrets + secret: + secretName: secret-sharedidp-realms + extraVolumeMounts: + - name: themes-catenax-shared + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared-portal" + - name: realms + mountPath: "/realms" + - name: realm-secrets + mountPath: "/secrets" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:v1.1.0-consortia + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes-catenax-shared..." + cp -R /import/themes/catenax-shared/* /themes-catenax-shared + echo "Copying themes-catenax-shared-portal..." + cp -R /import/themes/catenax-shared-portal/* /themes-catenax-shared-portal + echo "Copying realms..." + cp -R /import/catenax-shared/rc/realms/* /realms + echo "Copying realms-secrets..." + cp /secrets/* /realms + volumeMounts: + - name: themes-catenax-shared + mountPath: "/themes-catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/themes-catenax-shared-portal" + - name: realms + mountPath: "/realms" + - name: realm-secrets + mountPath: "/secrets" + ingress: + enabled: true + ingressClassName: nginx + hostname: sharedidp-rc.dev.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://sharedidp-rc.dev.demo.catena-x.net, http://localhost:3000 + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" + realmuser: + enabled: true + cxtestaccessuser: "" + company1user: "" + company2user: "" + securitycompany: "" + cxoperator: "" + serviceprovider: "" + appprovider: "" diff --git a/consortia/environments/sharedidp/values-stable.yaml b/consortia/environments/sharedidp/values-stable.yaml new file mode 100644 index 00000000..fae7350a --- /dev/null +++ b/consortia/environments/sharedidp/values-stable.yaml @@ -0,0 +1,101 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes-catenax-shared + emptyDir: {} + - name: themes-catenax-shared-portal + emptyDir: {} + - name: realms + emptyDir: {} + - name: realm-secrets + secret: + secretName: secret-sharedidp-realms + extraVolumeMounts: + - name: themes-catenax-shared + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared-portal" + - name: realms + mountPath: "/realms" + - name: realm-secrets + mountPath: "/secrets" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:v1.1.0-consortia + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes-catenax-shared..." + cp -R /import/themes/catenax-shared/* /themes-catenax-shared + echo "Copying themes-catenax-shared-portal..." + cp -R /import/themes/catenax-shared-portal/* /themes-catenax-shared-portal + echo "Copying realms..." + cp -R /import/catenax-shared/stable/realms/* /realms + echo "Copying realms-secrets..." + cp /secrets/* /realms + volumeMounts: + - name: themes-catenax-shared + mountPath: "/themes-catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/themes-catenax-shared-portal" + - name: realms + mountPath: "/realms" + - name: realm-secrets + mountPath: "/secrets" + ingress: + enabled: true + ingressClassName: nginx + hostname: sharedidp.stable.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://sharedidp.stable.demo.catena-x.net, http://localhost:3000 + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" + realmuser: + enabled: true + cxtestaccessuser: "" + company1user: "" + company2user: "" + securitycompany: "" + cxoperator: "" + serviceprovider: "" + appprovider: "" diff --git a/consortia/environments/sharedidp/values-templateconsortia.yaml b/consortia/environments/sharedidp/values-templateconsortia.yaml new file mode 100644 index 00000000..7743168c --- /dev/null +++ b/consortia/environments/sharedidp/values-templateconsortia.yaml @@ -0,0 +1,101 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes-catenax-shared + emptyDir: {} + - name: themes-catenax-shared-portal + emptyDir: {} + - name: realms + emptyDir: {} + - name: realm-secrets + secret: + secretName: secret-sharedidp-realms + extraVolumeMounts: + - name: themes-catenax-shared + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared-portal" + - name: realms + mountPath: "/realms" + - name: realm-secrets + mountPath: "/secrets" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:v1.1.0-consortia + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes-catenax-shared..." + cp -R /import/themes/catenax-shared/* /themes-catenax-shared + echo "Copying themes-catenax-shared-portal..." + cp -R /import/themes/catenax-shared-portal/* /themes-catenax-shared-portal + echo "Copying realms..." + cp -R /import/catenax-shared/dev/realms/* /realms + echo "Copying realms-secrets..." + cp /secrets/* /realms + volumeMounts: + - name: themes-catenax-shared + mountPath: "/themes-catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/themes-catenax-shared-portal" + - name: realms + mountPath: "/realms" + - name: realm-secrets + mountPath: "/secrets" + ingress: + enabled: true + ingressClassName: nginx + hostname: sharedidp-templateconsortia.dev.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://sharedidp-templateconsortia.dev.demo.catena-x.net, http://localhost:3000 + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" + realmuser: + enabled: true + cxtestaccessuser: "" + company1user: "" + company2user: "" + securitycompany: "" + cxoperator: "" + serviceprovider: "" + appprovider: "" diff --git a/consortia/environments/sharedidp/values-templategeneric.yaml b/consortia/environments/sharedidp/values-templategeneric.yaml new file mode 100644 index 00000000..d3dcb8ef --- /dev/null +++ b/consortia/environments/sharedidp/values-templategeneric.yaml @@ -0,0 +1,85 @@ +############################################################### +# Copyright (c) 2021-2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +keycloak: + extraVolumes: + - name: themes-catenax-shared + emptyDir: {} + - name: themes-catenax-shared-portal + emptyDir: {} + - name: realms + emptyDir: {} + extraVolumeMounts: + - name: themes-catenax-shared + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/opt/bitnami/keycloak/themes/catenax-shared-portal" + - name: realms + mountPath: "/realms" + initContainers: + - name: import + image: tractusx/portal-iam-consortia:v1.1.0-consortia + imagePullPolicy: Always + command: + - sh + args: + - -c + - | + echo "Copying themes-catenax-shared..." + cp -R /import/themes/catenax-shared/* /themes-catenax-shared + echo "Copying themes-catenax-shared-portal..." + cp -R /import/themes/catenax-shared-portal/* /themes-catenax-shared-portal + echo "Copying realms..." + cp -R /import/catenax-shared/dev/realms/* /realms + volumeMounts: + - name: themes-catenax-shared + mountPath: "/themes-catenax-shared" + - name: themes-catenax-shared-portal + mountPath: "/themes-catenax-shared-portal" + - name: realms + mountPath: "/realms" + ingress: + enabled: true + ingressClassName: nginx + hostname: sharedidp-templategeneric.dev.demo.catena-x.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS + nginx.ingress.kubernetes.io/cors-allow-origin: https://sharedidp-templategeneric.dev.demo.catena-x.net, http://localhost:3000 + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: 128k + nginx.ingress.kubernetes.io/proxy-buffering: "on" + nginx.ingress.kubernetes.io/proxy-buffers-number: "20" + nginx.ingress.kubernetes.io/use-regex: "true" + tls: true + +secrets: + auth: + existingSecret: + adminpassword: "" + managementpassword: "" + postgresql: + auth: + existingSecret: + postgrespassword: "" + password: "" + replicationPassword: "" + realmuser: + enabled: false diff --git a/docker/Dockerfile.consortia.import b/docker/Dockerfile.consortia.import new file mode 100644 index 00000000..60f4f606 --- /dev/null +++ b/docker/Dockerfile.consortia.import @@ -0,0 +1,39 @@ +############################################################### +# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +############################################################### + +FROM alpine:3.17 + +RUN mkdir import + +RUN chown -R 1000:3000 /import +USER 1000:3000 + +COPY import/keycloak-themes/ import/themes +COPY import/realm-config/consortia/catenax-central/dev/ import/catenax-central/dev/realms +COPY import/realm-config/consortia/catenax-shared/dev/ import/catenax-shared/dev/realms +COPY import/realm-config/consortia/catenax-central/int/ import/catenax-central/int/realms +COPY import/realm-config/consortia/catenax-shared/int/ import/catenax-shared/int/realms +COPY import/realm-config/consortia/catenax-central/beta/ import/catenax-central/beta/realms +COPY import/realm-config/consortia/catenax-shared/beta/ import/catenax-shared/beta/realms +COPY import/realm-config/consortia/catenax-central/pen/ import/catenax-central/pen/realms +COPY import/realm-config/consortia/catenax-shared/pen/ import/catenax-shared/pen/realms +COPY import/realm-config/consortia/catenax-central/rc/ import/catenax-central/rc/realms +COPY import/realm-config/consortia/catenax-shared/rc/ import/catenax-shared/rc/realms +COPY import/realm-config/consortia/catenax-central/stable/ import/catenax-central/stable/realms +COPY import/realm-config/consortia/catenax-shared/stable/ import/catenax-shared/stable/realms diff --git a/docker/Dockerfile.pre-prod.import b/docker/Dockerfile.pre-prod.import deleted file mode 100644 index 106e7f5e..00000000 --- a/docker/Dockerfile.pre-prod.import +++ /dev/null @@ -1,32 +0,0 @@ -############################################################### -# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation -# -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. -# -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0. -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################### - -FROM alpine:3.17 - -# temp fix for CVE-2023-0286 -RUN apk upgrade --no-cache libssl3 libcrypto3 - -RUN mkdir import - -RUN chown -R 1000:3000 /import -USER 1000:3000 - -COPY import/keycloak-themes/ import/themes -COPY import/realm-config/consortia/catenax-central/pre-prod/ import/catenax-central/realms -COPY import/realm-config/consortia/catenax-shared/pre-prod/ import/catenax-shared/realms diff --git a/docker/notice-iam-consortia.md b/docker/notice-iam-consortia.md new file mode 100644 index 00000000..a6f996d3 --- /dev/null +++ b/docker/notice-iam-consortia.md @@ -0,0 +1,23 @@ +## Notice for Docker image + +DockerHub: [https://hub.docker.com/r/tractusx/portal-iam-consortia](https://hub.docker.com/r/tractusx/portal-iam-consortia) + +Eclipse Tractus-X product(s) installed within the image: + +__Portal IAM Consortia__ + +- GitHub: https://github.com/eclipse-tractusx/portal-iam +- Project home: https://projects.eclipse.org/projects/automotive.tractusx +- Dockerfile: https://github.com/eclipse-tractusx/portal-iam/blob/main/docker/Dockerfile.consortia.import +- Project license: [Apache License, Version 2.0](https://github.com/eclipse-tractusx/portal-iam/blob/main/LICENSE) + +__Used base images__ + +- Dockerfile: [alpinelinux/docker-alpine:3.17](https://github.com/alpinelinux/docker-alpine/blob/681b8c677aaed66e48a5ce721509647bd4dcd017/x86_64/Dockerfile) +- GitHub project: [https://github.com/alpinelinux/docker-alpine](https://github.com/alpinelinux/docker-alpine) +- DockerHub: [https://hub.docker.com/_/alpine](https://hub.docker.com/_/alpine) + +As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). + +As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies +with any relevant licenses for all software contained within. diff --git a/docker/notice-iam.md b/docker/notice-iam.md new file mode 100644 index 00000000..dc9a6898 --- /dev/null +++ b/docker/notice-iam.md @@ -0,0 +1,23 @@ +## Notice for Docker image + +DockerHub: [https://hub.docker.com/r/tractusx/portal-iam](https://hub.docker.com/r/tractusx/portal-iam) + +Eclipse Tractus-X product(s) installed within the image: + +__Portal IAM__ + +- GitHub: https://github.com/eclipse-tractusx/portal-iam +- Project home: https://projects.eclipse.org/projects/automotive.tractusx +- Dockerfile: https://github.com/eclipse-tractusx/portal-iam/blob/main/docker/Dockerfile.import +- Project license: [Apache License, Version 2.0](https://github.com/eclipse-tractusx/portal-iam/blob/main/LICENSE) + +__Used base images__ + +- Dockerfile: [alpinelinux/docker-alpine:3.17](https://github.com/alpinelinux/docker-alpine/blob/681b8c677aaed66e48a5ce721509647bd4dcd017/x86_64/Dockerfile) +- GitHub project: [https://github.com/alpinelinux/docker-alpine](https://github.com/alpinelinux/docker-alpine) +- DockerHub: [https://hub.docker.com/_/alpine](https://hub.docker.com/_/alpine) + +As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained). + +As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies +with any relevant licenses for all software contained within. diff --git a/import/realm-config/consortia/catenax-central/rc/CX-Central-realm.json b/import/realm-config/consortia/catenax-central/rc/CX-Central-realm.json new file mode 100644 index 00000000..8f790c68 --- /dev/null +++ b/import/realm-config/consortia/catenax-central/rc/CX-Central-realm.json @@ -0,0 +1,17223 @@ +{ + "id": "CX-Central", + "realm": "CX-Central", + "displayName": "Catena-X Central", + "notBefore": 1660280763, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": true, + "refreshTokenMaxReuse": 1, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": false, + "duplicateEmailsAllowed": true, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "9ed742fe-ac2e-462c-ab1f-09895db556b6", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "CX-Central", + "attributes": {} + }, + { + "id": "fd7248cf-7b65-4dbf-ae84-7a967e8ec7c2", + "name": "user", + "description": "basic user", + "composite": false, + "clientRole": false, + "containerId": "CX-Central", + "attributes": {} + }, + { + "id": "4c19f2aa-f9b9-473e-ba5c-46c2f4e52c8b", + "name": "default-roles-catena-x realm", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "realm-management": [ + "manage-users", + "view-clients" + ], + "account": [ + "manage-account", + "view-profile" + ] + } + }, + "clientRole": false, + "containerId": "CX-Central", + "attributes": {} + }, + { + "id": "1ec798aa-cd95-43bd-9494-b1883e451fbb", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "CX-Central", + "attributes": {} + } + ], + "client": { + "sa-cl6-cx-10": [], + "sa-cl3-cx-2": [], + "sa-cl6-cx-11": [], + "sa-cl6-cx-12": [], + "sa-cl6-cx-13": [], + "sa-cl6-cx-14": [], + "SAP-Login": [], + "sa-cl3-cx-1": [], + "sa-cl6-cx-16": [], + "sa-cl6-cx-17": [], + "sa-cl10-cx-1": [], + "Cl16-CX-BPDMGate-Portal": [ + { + "id": "94d85051-81d3-4c48-99de-7a808376ff32", + "name": "view_company_data", + "composite": false, + "clientRole": true, + "containerId": "17cdc8bc-0081-4fbd-8d28-969881e68507", + "attributes": {} + }, + { + "id": "b37b3f91-126f-4908-a0cd-56d5eebf25d1", + "name": "view_shared_data", + "composite": false, + "clientRole": true, + "containerId": "17cdc8bc-0081-4fbd-8d28-969881e68507", + "attributes": {} + }, + { + "id": "7c22a374-987c-4360-abc0-38d9efb7a137", + "name": "update_company_data", + "composite": false, + "clientRole": true, + "containerId": "17cdc8bc-0081-4fbd-8d28-969881e68507", + "attributes": {} + } + ], + "sa-cl6-cx-21": [], + "sa-cl6-cx-22": [], + "realm-management": [ + { + "id": "aafa6845-0920-4013-a283-594c9dc7ac32", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "08811aa8-7a05-489d-9f5e-bd51fd39fbc3", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "172dbf29-cc79-438f-9f56-24d0941f04ea", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "6ecdc37e-e84c-4b2f-b7f8-950ad361b831", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "3bc03769-6258-4202-9f83-2f9f33821ccb", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "93db5b47-913a-4c45-a227-33f0b5c90701", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "8cce49c4-c187-4573-ad0d-fddabc764ab3", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "a2621233-2118-44ef-aa5b-c1c75854e395", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "fa001419-f155-4709-af5a-7753fa0d5798", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "257abe39-01cd-44d1-96c3-e179d83effb6", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "ad4b404c-de7f-4224-bb64-fc132a6c54c1", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "view-realm", + "manage-realm", + "impersonation", + "manage-events", + "view-users", + "create-client", + "view-events", + "query-clients", + "view-identity-providers", + "manage-users", + "query-realms", + "manage-identity-providers", + "view-authorization", + "view-clients", + "manage-authorization", + "query-users", + "manage-clients", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "13ba5952-cd79-4aea-9511-0741b2578980", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "9842d196-88db-4df8-9c99-e383fa2e1b95", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "14d19c59-046b-4772-8c2d-9dc1ccc82f46", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "01feddbc-f742-42a9-ba3c-64f8ac2d5ba3", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "f36cf8ec-3f54-4df5-80e6-36b44c0b1803", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "b0c29452-6401-4f9d-a808-25b861c19006", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "acf55e28-5dad-462b-abf5-51f598a7b8e8", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "08547466-edfb-4676-9fb5-e4f4a6ee7363", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + } + ], + "sa-cl6-cx-23": [], + "sa-cl6-cx-24": [], + "sa-cl6-cx-25": [], + "sa-cl6-cx-26": [], + "sa-cl6-cx-27": [], + "sa-cl6-cx-28": [], + "sa-cl1-cx-1": [], + "sa-cl6-cx-20": [], + "sa-cl6-cx-18": [], + "sa-cl6-cx-19": [], + "Cl13-CX-Battery": [ + { + "id": "663693ff-4509-4b04-a260-635a66f421d9", + "name": "Dismantler", + "composite": false, + "clientRole": true, + "containerId": "dd6a7d43-a7b1-4808-90dd-e446b51b59f2", + "attributes": {} + }, + { + "id": "0137339a-51f8-408c-adbe-5df3ab6f72e2", + "name": "Recycler", + "composite": false, + "clientRole": true, + "containerId": "dd6a7d43-a7b1-4808-90dd-e446b51b59f2", + "attributes": {} + }, + { + "id": "450eb8ef-4407-445c-8808-f2cc8a6982ee", + "name": "OEM", + "composite": false, + "clientRole": true, + "containerId": "dd6a7d43-a7b1-4808-90dd-e446b51b59f2", + "attributes": {} + } + ], + "sa-cl2-02": [], + "sa-cl2-01": [], + "Cl10-CX-BPDMShare": [], + "sa-cl2-03": [], + "account-console": [], + "Cl17-CX-Part": [ + { + "id": "98e9e3cd-6b11-440a-8405-126971c54244", + "name": "Supervisor", + "composite": false, + "clientRole": true, + "containerId": "6493bcd5-a1ee-47f0-bec3-a1436f4d8b10", + "attributes": {} + }, + { + "id": "3435cb3e-588f-4415-ba72-200638ec893d", + "name": "Admin", + "composite": false, + "clientRole": true, + "containerId": "6493bcd5-a1ee-47f0-bec3-a1436f4d8b10", + "attributes": {} + }, + { + "id": "5a1480ee-c555-43fb-b380-fd172af0f5f3", + "name": "User", + "composite": false, + "clientRole": true, + "containerId": "6493bcd5-a1ee-47f0-bec3-a1436f4d8b10", + "attributes": {} + } + ], + "Cl15-CX-DFT": [ + { + "id": "628c82c5-aac7-413c-8257-547687785a2a", + "name": "User", + "composite": false, + "clientRole": true, + "containerId": "f864e14f-5f27-4d1d-8f91-2d2a983e163c", + "attributes": {} + } + ], + "technical_roles_management": [ + { + "id": "4ab4e352-bb16-47d3-a9cf-44730df6737b", + "name": "Connector User", + "composite": true, + "composites": { + "client": { + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "delete_digital_twin", + "update_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "b5c9ff05-b0cf-414d-bd70-e38f8e4923cf", + "name": "BPDM Management", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "delete_company_data", + "add_company_data", + "view_company_data" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "20f2c41a-dacd-4505-877a-bb899066a767", + "name": "BPDM Pool", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", + "name": "Identity Wallet Management", + "composite": true, + "composites": { + "client": { + "Cl5-CX-Custodian": [ + "view_wallet", + "update_wallet" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", + "name": "Registration External", + "composite": false, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "67ef1542-73d5-4179-8c4e-d4a297b8aad3", + "name": "BPDM Partner Gate", + "composite": true, + "composites": { + "client": { + "Cl16-CX-BPDMGate": [ + "view_company_data", + "update_company_data", + "view_shared_data" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "08604187-8eef-435a-8116-ccc187b8e897", + "name": "App Tech User", + "composite": true, + "composites": { + "client": { + "Cl6-CX-DAPS": [ + "create_daps_client" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "delete_digital_twin", + "update_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ], + "Cl2-CX-Portal": [ + "view_membership", + "view_connectors" + ], + "Cl20-CX-IRS": [ + "view_irs" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "01cbe8bf-7957-4b9f-ae79-66a068c2c7d9", + "name": "Service Management", + "composite": true, + "composites": { + "client": { + "Cl2-CX-Portal": [ + "add_service_offering", + "add_connectors", + "activate_subscription" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "d5781775-3fbd-4f46-84ea-b19164393205", + "name": "Dataspace Discovery", + "composite": true, + "composites": { + "client": { + "Cl2-CX-Portal": [ + "view_connectors" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + } + ], + "sa-beta-cx7": [], + "sa-beta-cx6": [], + "sa-beta-cx5": [], + "sa-beta-cx4": [], + "sa-beta-cx3": [], + "sa-cl5-cx-1": [], + "sa-beta-cx2": [], + "sa-beta-cx1": [], + "sa-cl6-cx-01": [], + "Cl1-CX-Registration": [ + { + "id": "3c7b8dec-3ef8-4665-82a3-2d8aeed059d8", + "name": "view_documents", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "21fce69f-e42a-4f03-a47f-74441f5719c7", + "name": "view_company_roles", + "description": "View Company Roles and Descriptions", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "9fe7f83e-c5af-408f-9e02-66ca6d318d9b", + "name": "delete_documents", + "description": "delete_documents", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "009c93b3-8cb7-4961-9492-9d2fc9574583", + "name": "upload_documents", + "description": "User is able to upload documents in the registration service", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "9607136e-9daf-4057-9274-767d4de473ab", + "name": "add_company_data", + "description": "User is able to add / edit company data under the registration process", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "b1b1e25d-0e14-4fc0-882a-126f3f6cbbc0", + "name": "view_registration", + "description": "Permission to access & view the registration process", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "fd523149-5499-412d-82b0-d8aeccbb5c5e", + "name": "Company Admin", + "composite": true, + "composites": { + "client": { + "Cl1-CX-Registration": [ + "add_company_data", + "view_registration", + "view_documents", + "view_company_roles", + "submit_registration", + "sign_consent", + "delete_documents", + "upload_documents", + "invite_user" + ] + } + }, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "e5f03bf6-0b3c-4539-8873-d146bd18e504", + "name": "CX Admin", + "composite": true, + "composites": { + "client": { + "Cl1-CX-Registration": [ + "add_company_data", + "view_registration", + "view_documents", + "view_company_roles", + "submit_registration", + "sign_consent", + "delete_documents", + "upload_documents", + "invite_user" + ] + } + }, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "086cf0b0-7181-4a8a-89d3-137fd02e0847", + "name": "submit_registration", + "description": "User is able to submit the registration to Catena-X", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "87ecd7bb-039a-4e0a-a1a8-ca17b32d7891", + "name": "Signing Manager", + "composite": true, + "composites": { + "client": { + "Cl1-CX-Registration": [ + "add_company_data", + "view_registration", + "view_documents", + "view_company_roles", + "submit_registration", + "sign_consent", + "delete_documents", + "upload_documents", + "invite_user" + ] + } + }, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "e12709ce-c1fc-454a-a095-4088cab26539", + "name": "sign_consent", + "description": "User is able to confirm Terms & Conditions", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "461ea134-91cd-4482-a0cb-6f8406846807", + "name": "Legal Manager", + "composite": true, + "composites": { + "client": { + "Cl1-CX-Registration": [ + "add_company_data", + "view_registration", + "view_documents", + "view_company_roles", + "submit_registration", + "sign_consent", + "delete_documents", + "upload_documents", + "invite_user" + ] + } + }, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "44d50090-3343-48d8-9843-7eeb15276869", + "name": "invite_user", + "description": "User is able to add additional users to the registration process", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + } + ], + "broker": [ + { + "id": "d1330d07-b783-43ad-b545-85a230060023", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "03885031-084a-4317-aa51-de9b4acf8fa9", + "attributes": {} + } + ], + "sa-clx-cx-2": [], + "sa-clx-cx-1": [], + "Cl3-CX-Semantic": [ + { + "id": "beef62b1-2e1c-4fc2-8813-7f3981ebfde2", + "name": "view_semantic_model", + "description": "View existing data models", + "composite": false, + "clientRole": true, + "containerId": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "attributes": {} + }, + { + "id": "fa8261a8-fe09-4867-a558-438737917185", + "name": "delete_semantic_model", + "description": "User can delete existing semantic models", + "composite": false, + "clientRole": true, + "containerId": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "attributes": {} + }, + { + "id": "a46242a3-26db-4b86-b836-bf0339168c56", + "name": "add_semantic_model", + "description": "Add semantic model", + "composite": false, + "clientRole": true, + "containerId": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "attributes": {} + }, + { + "id": "f7d88948-b75d-4ed0-851d-b4c645ae27ca", + "name": "update_semantic_model", + "description": "User can update existing semantic models", + "composite": false, + "clientRole": true, + "containerId": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "attributes": {} + } + ], + "sa-cl1-reg-2": [], + "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com": [ + { + "id": "af4e22d2-94c8-48cb-9c5e-fa8b47d74538", + "name": "EarthCommerce.Buyer", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "13510549-38f2-45bb-9e55-9477e35951b7", + "name": "CE.Dismantler.Purchase", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "5c63dd30-fc5c-439a-ad15-c04006cf9727", + "name": "EarthCommerce.UserRC_QAS2", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "8b14d5c3-2722-48d9-b24d-1195a8d3b7da", + "name": "EC.Buyer.Manager", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "48503f8d-b755-4aba-a7d6-52cd2cb90058", + "name": "EarthCommerce.BuyerRC_QAS2", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "50f5d4d7-63d4-4447-addb-02771ac093c5", + "name": "CE.Dismantler.Leader", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "f4840cd9-6d46-4743-be4a-88039df5c84a", + "name": "EarthCommerce.Advanced.BuyerRC_QAS2", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "7e9c6415-776c-4fe5-86d2-3999c7e7078e", + "name": "CE.Dismantler.View", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "8de07354-c022-4724-aa41-2f3aee66f0db", + "name": "EarthCommerce.Content.Manager", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "eeb80e52-00f1-461c-bfd3-960a91f56fe8", + "name": "EarthCommerce.AdministratorRC_QAS2", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "d838e0d7-2c9f-41dd-8989-23ef2051c39f", + "name": "EarthCommerce.Content.ManagerRC_QAS2", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "77edbd2b-d31d-428b-8f52-dc356e36c27f", + "name": "EC.Buyer.buy", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + } + ], + "Cl6-CX-DAPS": [ + { + "id": "96c93605-67d4-4944-af56-30ca028e9b09", + "name": "create_daps_client", + "composite": false, + "clientRole": true, + "containerId": "28273f37-cff9-44c3-9731-2a7a63025d28", + "attributes": {} + } + ], + "security-admin-console": [], + "sa-cl16-cx-1": [], + "Cl2-CX-Portal": [ + { + "id": "39ff444c-888a-4bf6-b8e1-343b66f8a067", + "name": "decline_new_partner", + "description": "User can decline a partner application", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "46905bb9-8d3b-4666-891f-a67e8f963b3b", + "name": "view_documents", + "description": "User can view/download documents", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "0769d6ca-3056-42da-84cd-35f2d535d79e", + "name": "delete_connectors", + "description": "Delete company connectors", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "54bd7ad1-0773-4c9e-b1be-5cf41faa1c05", + "name": "update_service_offering", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "d566bb6c-e621-4517-9322-26093231b77c", + "name": "Service Manager", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "view_submitted_applications", + "delete_connectors", + "update_service_offering", + "view_technical_setup", + "view_tech_user_management", + "view_service_marketplace", + "CX User", + "view_service_offering", + "add_connectors", + "upload_documents", + "view_own_user_account", + "view_use_cases", + "view_idp", + "view_services", + "add_tech_user_management", + "view_membership", + "update_own_user_account", + "add_service_offering", + "view_service_subscriptions", + "activate_subscription", + "view_tech_roles", + "view_notifications", + "technical_roles_management", + "delete_tech_user_management", + "delete_own_user_account", + "my_user_account", + "view_subscription", + "delete_notifications", + "view_connectors", + "view_partner_network" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "4d1ca50b-8a6e-47ee-9a9b-ed5a919bc0d5", + "name": "invite_new_partner", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "a029dec3-8c6a-4a2f-a60a-82249f0590fd", + "name": "setup_client", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "34742e28-1497-4222-ad1f-93ab9feac92e", + "name": "view_app_subscription", + "description": "view app subscriptions in pending, active and inactive", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "d41dd839-6562-4be4-8364-de787c367458", + "name": "delete_documents", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "8cceb06a-fa9d-4251-a336-9173d268c6d3", + "name": "app_management", + "description": "can manage apps", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "1290996a-0229-49b8-8aa4-732f4d27f5fa", + "name": "view_company_data", + "description": "view_company_data", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "ff9d65f5-dbdf-4971-8042-f36bb23cc52c", + "name": "approve_app_release", + "description": "User can approve apps to get released on the marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "27521792-5070-4dd9-93ed-d4fea69877e2", + "name": "view_app_language", + "description": "View available app language", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "c41486f4-86d3-4b9b-9fb0-ceeaaf718268", + "name": "modify_user_account", + "description": "Users with this right can modify users related to their company", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "03490917-fd0d-4893-b901-3a426d3958db", + "name": "App Developer", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "view_app_language", + "technical_roles_management", + "CX User", + "view_technical_setup", + "view_tech_user_management", + "edit_apps", + "app_management", + "view_use_cases", + "view_apps", + "view_tech_roles" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "5c0d11f9-a90d-4960-9917-450b70b419f2", + "name": "Business Admin", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "modify_user_account", + "view_dataspaces", + "add_user_account", + "filter_apps", + "view_apps", + "view_notifications", + "subscribe_apps", + "view_services", + "view_partner_network" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "37dc74e9-9f50-49d2-9b95-402b04aa84ff", + "name": "add_connectors", + "description": "Add new connector (registration and self-description)", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9f7a5a51-6a38-4d53-816a-6db01ef52111", + "name": "view_own_user_account", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "1d12d087-bcaf-4ad5-b21f-77fdce13b423", + "name": "view_user_management", + "description": "Users with this right can access the user management in CX", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "bcfd6c59-c999-440a-91ac-396a2b0322d4", + "name": "view_idp", + "description": "User can view IdP details", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "0cf91728-4ab6-413c-af72-4d8aee959c51", + "name": "add_apps", + "description": "Users with this role can publish new apps in the Marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "146c2388-2e26-4505-b85d-6824a4f80a2e", + "name": "add_tech_user_management", + "description": "Create / request technical users for my org", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "15bd8123-3469-4505-93ff-a5bd3b929495", + "name": "subscribe_service_offering", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "0d41349d-30a8-42c1-9e1c-2b67d69fba30", + "name": "update_own_user_account", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "b584419b-1973-4c80-b5f9-0d5989263bd4", + "name": "add_self_descriptions", + "description": "add self descriptions", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f42c35ab-9a75-4be8-9c7d-3ca39a156eba", + "name": "view_user_account", + "description": "Users with this role can view the user account of others", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "e5267609-478c-40b6-bf96-6495bba42cd5", + "name": "view_service_subscriptions", + "description": "User is able to view service subscription under own service", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "065e25ce-29db-41f2-87aa-f4003d62df62", + "name": "activate_subscription", + "description": "Activation of subscriptions", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "0de2c803-1130-4ebf-9dfb-5016aadb9ca2", + "name": "setup_idp", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9db8ca83-6cfd-4c44-8ab7-ccbcb11da38f", + "name": "view_tech_roles", + "description": "View technical user roles", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "6560b255-cbc6-4fb7-8afe-d61732e34ab1", + "name": "view_client_roles", + "description": "Users with this right can view the client roles of an app", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9c81a6b2-737b-477c-9836-479605350a5f", + "name": "subscribe_service", + "description": "subscribe_service", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "3c3c8452-fd50-40bd-b223-9660233dd6af", + "name": "delete_user_account", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "c78c4b1f-5578-4b31-8be4-c386fd58c55c", + "name": "view_subscription", + "description": "View my company subscriptions", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f4eca60a-55c3-4b53-b3ee-f93a73d497f1", + "name": "delete_notifications", + "description": "User can delete notifications", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "cbf9e4ee-77f1-4310-b461-67995552324e", + "name": "view_submitted_applications", + "description": "Users with this right can view submitted applications and the respective application status", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "c6e35f9f-f7c0-4899-9ce6-7cce7ea79304", + "name": "approve_new_partner", + "description": "User with this right can let new partners access the portal by approving the company registration request inside the admin board", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "67ac93fa-6616-466a-b1db-5293b13c15bb", + "name": "view_technical_setup", + "description": "Users with this right can setup EDC /IDP/etc.", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "a34170d5-779d-489b-b2bb-e1b99b88b638", + "name": "view_tech_user_management", + "description": "View technical users", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "5998f67b-b190-443d-ab9b-3e76bbd73cab", + "name": "add_user_account", + "description": "Users with this right can add user accounts under their CX company", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "5654ef02-0b23-422e-8eb3-7bd95778db8f", + "name": "IT Admin", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin", + "update_digital_twin", + "delete_digital_twin", + "add_digital_twin" + ], + "Cl2-CX-Portal": [ + "view_technical_setup", + "view_tech_user_management", + "add_user_account", + "view_company_data", + "modify_user_account", + "disable_idp", + "add_connectors", + "view_own_user_account", + "view_user_management", + "view_idp", + "add_tech_user_management", + "add_idp", + "delete_idp", + "view_membership", + "update_own_user_account", + "add_self_descriptions", + "view_user_account", + "setup_idp", + "view_notifications", + "view_client_roles", + "delete_tech_user_management", + "my_user_account", + "view_apps", + "view_subscription", + "delete_notifications", + "view_connectors", + "view_partner_network" + ], + "Cl3-CX-Semantic": [ + "add_semantic_model", + "update_semantic_model", + "view_semantic_model", + "delete_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f70ac54f-c8fa-4d87-b7a6-e5a8c028cafe", + "name": "Sales Manager", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "subscribe_service", + "CX User", + "view_service_offering", + "view_service_subscriptions", + "activate_subscription", + "subscribe_apps", + "view_services" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "4f2b58a5-0ebd-4b91-b354-4fefd40cc811", + "name": "delete_apps", + "description": "User with this role can delete apps published in the Marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "5bcbf360-c331-4fbf-b1d2-b16b1a1ec25a", + "name": "approve_service_release", + "description": "approve_service_release", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "43a0826f-ba1a-44d4-952f-e4b879be353c", + "name": "view_service_marketplace", + "description": "view_service_marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "4581b083-0c1e-42a2-bb4c-85dfd14cfa23", + "name": "Company Admin", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin" + ], + "Cl2-CX-Portal": [ + "view_documents", + "delete_connectors", + "setup_client", + "view_app_subscription", + "delete_documents", + "view_company_data", + "view_app_language", + "modify_user_account", + "add_connectors", + "view_own_user_account", + "view_user_management", + "view_idp", + "add_tech_user_management", + "subscribe_service_offering", + "update_own_user_account", + "add_self_descriptions", + "view_user_account", + "setup_idp", + "view_tech_roles", + "view_client_roles", + "subscribe_service", + "delete_user_account", + "view_subscription", + "delete_notifications", + "view_technical_setup", + "view_tech_user_management", + "add_user_account", + "view_service_marketplace", + "view_service_offering", + "disable_idp", + "upload_documents", + "view_use_cases", + "subscribe_apps", + "view_services", + "add_idp", + "delete_idp", + "view_membership", + "view_dataspaces", + "filter_apps", + "view_notifications", + "technical_roles_management", + "delete_tech_user_management", + "delete_own_user_account", + "my_user_account", + "view_apps", + "view_connectors", + "view_partner_network" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "496ae7df-fabd-4977-bb81-d6eb96ad81ed", + "name": "CX User", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin" + ], + "Cl2-CX-Portal": [ + "view_documents", + "view_membership", + "view_dataspaces", + "update_own_user_account", + "filter_apps", + "view_company_data", + "view_notifications", + "view_service_marketplace", + "view_service_offering", + "delete_own_user_account", + "my_user_account", + "view_own_user_account", + "view_apps", + "view_user_management", + "view_subscription", + "delete_notifications", + "view_services", + "view_partner_network" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "a1bc8bb5-03bb-465e-8795-c68e3920c51d", + "name": "view_service_offering", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "d9609443-abd1-462f-8881-3e7d8213d785", + "name": "disable_idp", + "description": "disable an assigned idp", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "a5492307-2072-4c5d-9de3-f507f3d3302e", + "name": "App Manager", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "add_apps", + "CX User", + "App Developer", + "add_user_account", + "edit_apps", + "activate_subscription", + "delete_apps", + "view_user_management" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "39c00d2f-491f-4658-96ef-9f47920afea6", + "name": "upload_documents", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "b4bead06-e3c4-4fce-9e06-43d9d9537766", + "name": "view_use_cases", + "description": "Users can view available use cases in the network", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "51e6dede-686f-43d5-925a-693784f8a661", + "name": "subscribe_apps", + "description": "User is able to start the app subscription process", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "6e3d7bcf-7340-4def-bb76-8002acc73f95", + "name": "view_services", + "description": "view service marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "8d3a5c8d-d4dc-4aaa-8941-9cd38cd3906e", + "name": "update_application_checklist_value", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9b440b50-0ddd-4a6f-9a22-24073aea801e", + "name": "add_idp", + "description": "User can create a new idp under his organisation", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "c190da2a-aad4-4a02-9904-88207ba322a6", + "name": "delete_idp", + "description": "User can delete company idps", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "8cebb227-d72c-428e-92fd-6b4c01cbb899", + "name": "view_membership", + "description": "view_membership", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "ee373634-1eb3-4702-a269-774f36f54453", + "name": "decline_service_release", + "description": "decline_service_release", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "8fe708e4-7870-4044-89eb-a74b8dc11a8e", + "name": "view_dataspaces", + "description": "View dataspace marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "b06c2999-6008-4fb6-a22f-93fdac150656", + "name": "decline_app_release", + "description": "User can decline apps to not get released on the marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "3a3af42c-c564-44ca-b83c-6d5c3bbd6087", + "name": "add_service_offering", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9f5b48bf-4fc2-4feb-8c4e-00b57f5f2bed", + "name": "filter_apps", + "description": "Users with this role can filter apps in the App Marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "765bced5-b422-4f91-b35f-19d648595e6a", + "name": "Purchaser", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "subscribe_service_offering", + "CX User", + "view_app_subscription", + "subscribe_apps" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f9ec0166-c20b-4f1f-9f0d-11349fec657c", + "name": "view_notifications", + "description": "User can view notification details", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "7b816094-20e7-44fb-a45f-3ecb9d9d7157", + "name": "CX Admin", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "delete_company_data", + "add_company_data", + "view_company_data" + ], + "Cl5-CX-Custodian": [ + "delete_wallet", + "add_wallet", + "view_wallet", + "update_wallet" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin", + "update_digital_twin", + "delete_digital_twin", + "add_digital_twin" + ], + "Cl2-CX-Portal": [ + "decline_new_partner", + "view_documents", + "delete_connectors", + "update_service_offering", + "invite_new_partner", + "setup_client", + "view_app_subscription", + "delete_documents", + "app_management", + "view_company_data", + "approve_app_release", + "view_app_language", + "modify_user_account", + "add_connectors", + "view_own_user_account", + "view_user_management", + "view_idp", + "add_apps", + "add_tech_user_management", + "subscribe_service_offering", + "update_own_user_account", + "add_self_descriptions", + "view_user_account", + "view_service_subscriptions", + "activate_subscription", + "setup_idp", + "view_tech_roles", + "view_client_roles", + "subscribe_service", + "delete_user_account", + "view_subscription", + "delete_notifications", + "view_submitted_applications", + "approve_new_partner", + "view_technical_setup", + "view_tech_user_management", + "add_user_account", + "delete_apps", + "approve_service_release", + "view_service_marketplace", + "view_service_offering", + "disable_idp", + "upload_documents", + "view_use_cases", + "subscribe_apps", + "view_services", + "add_idp", + "delete_idp", + "view_membership", + "decline_service_release", + "view_dataspaces", + "decline_app_release", + "add_service_offering", + "filter_apps", + "view_notifications", + "technical_roles_management", + "delete_tech_user_management", + "delete_own_user_account", + "my_user_account", + "create_notifications", + "edit_apps", + "view_apps", + "view_connectors", + "view_partner_network" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model", + "delete_semantic_model", + "add_semantic_model", + "update_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "92b5a061-8e54-4562-a86c-94c0bacef12d", + "name": "technical_roles_management", + "description": "technical roles management", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "4ac0c3dc-1401-4ed6-a5f8-d8e08e2f5c78", + "name": "delete_tech_user_management", + "description": "Delete a technical user", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda", + "name": "delete_own_user_account", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "99a8940c-0fbc-4f65-8134-4b598c3aabbc", + "name": "my_user_account", + "description": "view my own user account details", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "22b05ced-cd8e-4769-a368-b8266bf967ef", + "name": "create_notifications", + "description": "User can create notifications (ONLY FOR TEST REASONS)", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "13fe64aa-6de6-4b94-9e3d-af9b2c7f2917", + "name": "edit_apps", + "description": "Users with this role can edit apps which are published in the marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "817fa189-808e-465c-b75d-838336ab7a84", + "name": "view_apps", + "description": "Users with this role can view apps in the App Marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "e5ec6a66-8fad-4066-bcdd-92041f894831", + "name": "view_connectors", + "description": "Look up company connectors and their details", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "104c094b-eaf5-4b0e-9758-f14dedf925da", + "name": "view_partner_network", + "description": "Partner Network view", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + } + ], + "Cl21-CX-DF": [ + { + "id": "44a9692a-6d97-4ce0-9d1c-bcdd273792a9", + "name": "view_discovery_endpoint", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "bf1cfe3e-3950-4fdc-8a58-13b73cec6740", + "attributes": {} + }, + { + "id": "3bb6b58e-b10b-4705-aef9-56f359e46111", + "name": "delete_discovery_endpoint", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "bf1cfe3e-3950-4fdc-8a58-13b73cec6740", + "attributes": {} + }, + { + "id": "518d41c9-c7c7-4ab4-be2b-2b467977ecc9", + "name": "add_discovery_endpoint", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "bf1cfe3e-3950-4fdc-8a58-13b73cec6740", + "attributes": {} + } + ], + "sa-cl8-cx-1": [], + "Cl11-ADAC-Fleet": [ + { + "id": "95cea93b-ea55-4582-b70e-efc722ee462b", + "name": "customer", + "composite": false, + "clientRole": true, + "containerId": "e07fd69c-48ad-44d3-adb3-c42221a4921a", + "attributes": {} + }, + { + "id": "95b0f5d0-5ce8-4324-b8bc-76888fe1addf", + "name": "Admin", + "composite": true, + "composites": { + "client": { + "Cl11-ADAC-Fleet": [ + "admin" + ] + } + }, + "clientRole": true, + "containerId": "e07fd69c-48ad-44d3-adb3-c42221a4921a", + "attributes": {} + }, + { + "id": "4559a892-ff7f-48aa-a4d7-792a00c8937f", + "name": "oem", + "composite": false, + "clientRole": true, + "containerId": "e07fd69c-48ad-44d3-adb3-c42221a4921a", + "attributes": {} + }, + { + "id": "37c2f367-f03f-4808-ab73-4c470f178625", + "name": "admin", + "composite": false, + "clientRole": true, + "containerId": "e07fd69c-48ad-44d3-adb3-c42221a4921a", + "attributes": {} + } + ], + "Cl7-CX-BPDM": [ + { + "id": "b59a076b-07c5-42fa-b8d8-04a65f077226", + "name": "delete_company_data", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "a4829839-9df9-47c8-8eb0-57f4020000c3", + "name": "add_company_data", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "d16779a5-03bd-4fbd-bf40-382c4348b205", + "name": "view_company_data", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + } + ], + "admin-cli": [], + "Cl16-CX-BPDMGate": [ + { + "id": "891e715a-7fdb-4dbe-a177-998a383ee836", + "name": "view_company_data", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "cf42a03f-20f7-4ff3-a898-e1a93bf03520", + "name": "update_company_data", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "2a006c99-0790-4dd0-8b82-59c4fea1ce17", + "name": "view_shared_data", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + } + ], + "sa-cl7-cx-1": [], + "sa-cl5-custodian-internaltest": [], + "sa-cl7-cx-2": [], + "sa-cl7-cx-3": [], + "sa-cl7-cx-4": [], + "sa-cl21-01": [], + "sa-cl7-cx-5": [], + "sa-cl7-cx-6": [], + "sa-cl7-cx-7": [], + "sa-cl5-custodian-3": [], + "Cl15-BOSCH-AFQM": [ + { + "id": "07e4c7f0-f7c1-420a-8788-81eb42b5a8cd", + "name": "AFQM_USER", + "composite": false, + "clientRole": true, + "containerId": "0cabe6af-0943-48ef-84cf-507a5b162aab", + "attributes": {} + } + ], + "sa-cl5-custodian-4": [], + "sa-cl5-custodian-1": [], + "sa-cl5-custodian-2": [], + "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com": [], + "urn:uuid:7bd86018-d0a2-421b-9e00-b77bab0838b1": [], + "sa-cl6-cx-4": [], + "sa-cl6-cx-3": [], + "sa-cl6-cx-2": [], + "sa-cl6-cx-1": [], + "https://pt-demo-owner-1lusu8r1.authentication.eu10.hana.ondemand.com": [ + { + "id": "9252617c-aed9-4ab3-9fe5-a2193fdcad65", + "name": "app_CatenaXUser", + "composite": false, + "clientRole": true, + "containerId": "2d1e3584-9954-4b7f-a58b-8820ca390799", + "attributes": {} + } + ], + "sa-cl6-cx-8": [], + "sa-cl6-cx-6": [], + "sa-cl6-cx-5": [], + "sa-cl22-01": [], + "Cl18-CX-Pal": [ + { + "id": "09a0aceb-f0e5-40de-a718-3d2f532183c8", + "name": "Viewer", + "composite": false, + "clientRole": true, + "containerId": "77d56420-d8d8-4eab-9af0-6b6bb27de356", + "attributes": {} + } + ], + "sa-cl6-cx-30": [], + "Cl22-CX-BPND": [ + { + "id": "798bcaf7-fec5-414f-91ef-352967bfd72a", + "name": "add_bpn_discovery", + "composite": false, + "clientRole": true, + "containerId": "48fc6e9e-a736-4b0b-9fea-59ad847b02e0", + "attributes": {} + }, + { + "id": "07c35188-e159-4f5b-b05e-a393c5b8c115", + "name": "delete_bpn_discovery", + "composite": false, + "clientRole": true, + "containerId": "48fc6e9e-a736-4b0b-9fea-59ad847b02e0", + "attributes": {} + }, + { + "id": "05bc014a-ce02-4965-bdea-34d5b206e0e5", + "name": "view_bpn_discovery", + "composite": false, + "clientRole": true, + "containerId": "48fc6e9e-a736-4b0b-9fea-59ad847b02e0", + "attributes": {} + } + ], + "Cl12-CX-TestManager": [], + "sa-cl6-cx-29": [], + "Cl20-CX-IRS": [ + { + "id": "ee61636e-de19-41cb-be70-ec4c730c474c", + "name": "view_irs", + "description": "view_irs", + "composite": false, + "clientRole": true, + "containerId": "c154b82c-c760-4da5-8b27-7f45b39259e6", + "attributes": {} + } + ], + "Cl16-CX-CRisk": [ + { + "id": "3fc6e7e8-9115-4d0f-a0ab-3f950321af11", + "name": "Company Admin", + "description": "Company Admin", + "composite": false, + "clientRole": true, + "containerId": "9767ac38-506a-4d20-aeb7-0e40cd00e908", + "attributes": {} + }, + { + "id": "a8acd905-7c26-49fe-9910-11a0239bb39b", + "name": "User", + "composite": false, + "clientRole": true, + "containerId": "9767ac38-506a-4d20-aeb7-0e40cd00e908", + "attributes": {} + } + ], + "Cl5-CX-Custodian": [ + { + "id": "11c06d7d-8cab-42e8-b8bb-599940c61f2b", + "name": "delete_wallet", + "description": "User can delete his wallet", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "7cbf7bf7-be0b-4372-9b5d-56bfcfad4ef7", + "name": "add_wallets", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "4e985f0a-4d33-409c-93a2-8d1b1de000e6", + "name": "delete_wallets", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "823ef0fd-ad22-4817-b31b-4638139b435c", + "name": "update_wallets", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "191ff80d-5525-4dc5-a761-80783a4d8c04", + "name": "add_wallet", + "description": "Add a new wallet", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "d6521ed5-9154-49a8-9ac4-c0a12573b201", + "name": "view_wallet", + "description": "Can view own wallet", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "dbdb11f0-f21a-4012-9610-43934407c309", + "name": "update_wallet", + "description": "Change existing wallet", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "82b61160-ff26-4dd0-abf5-33d6ec57cdc7", + "name": "view_wallets", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + } + ], + "Cl9-CDQ-Fraud": [ + { + "id": "9f5d6884-a643-4846-bddc-39adeda9aef2", + "name": "fraud_app_manager", + "composite": false, + "clientRole": true, + "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", + "attributes": {} + }, + { + "id": "2d7ea02b-114a-40d6-9c2c-ef57cc7eef67", + "name": "fraud_app_user", + "composite": false, + "clientRole": true, + "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", + "attributes": {} + } + ], + "Cl4-CX-DigitalTwin": [ + { + "id": "6188b8f4-5d2c-41c7-a841-83fb8328f1ba", + "name": "add_digital_twin", + "description": "Users with this role can add digital twins in the digital twin registry", + "composite": false, + "clientRole": true, + "containerId": "0dec1120-c21e-42ad-a779-94fc36217072", + "attributes": {} + }, + { + "id": "7da8c3a4-faed-429e-945c-52ba37dbf9c7", + "name": "view_digital_twin", + "description": "Users with this role can view the digital twin registry in the Portal", + "composite": false, + "clientRole": true, + "containerId": "0dec1120-c21e-42ad-a779-94fc36217072", + "attributes": {} + }, + { + "id": "ecef749d-a16e-4bf3-914d-76a3f10fd892", + "name": "delete_digital_twin", + "description": "Users with this role can delete digital twins in the digital twin registry", + "composite": false, + "clientRole": true, + "containerId": "0dec1120-c21e-42ad-a779-94fc36217072", + "attributes": {} + }, + { + "id": "8543775d-2359-41cf-8bfe-cc78c12ba841", + "name": "update_digital_twin", + "description": "Users with this role can update digital twins in the digital twin registry", + "composite": false, + "clientRole": true, + "containerId": "0dec1120-c21e-42ad-a779-94fc36217072", + "attributes": {} + } + ], + "sa-cl6-cx-9": [], + "account": [ + { + "id": "9a1e745f-e0b5-4efc-9336-3ba403a79cb8", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "93070949-280d-4183-9761-94792722cc1d", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "20d5e725-3d3b-4bfe-9a62-5e650ae55b53", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "d0312a58-8fba-4fea-9a07-bd5e1515f9d8", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "1bc65f13-4eda-4954-9944-6699ec3913b3", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "8b60326c-d508-4563-a41f-7973383d7501", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "ef74a99a-0297-43c7-ae30-109c08a5aa69", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "4c19f2aa-f9b9-473e-ba5c-46c2f4e52c8b", + "name": "default-roles-catena-x realm", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "CX-Central" + }, + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "users": [ + { + "id" : "6529834b-a4c1-4b11-a200-d77e5fe7443f", + "createdTimestamp" : 1651814956235, + "username" : "app-provider.aa4b2a5d-2dc7-419c-a8ce-72886e0e32e9", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Tester", + "lastName" : "App Provider", + "email" : "app-provider@cx.com", + "attributes" : { + "bpn" : [ "BPNL00000003CSLL" ], + "organisation" : [ "App-Provider" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "App-Provider", + "userId" : "aa4b2a5d-2dc7-419c-a8ce-72886e0e32e9", + "userName" : "app-provider@cx.com" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl2-CX-Portal" : [ "Company Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "4a23930a-30b6-461c-9ad4-58d3e761a0b5", + "createdTimestamp" : 1652788390200, + "username" : "company-1.03b7feab-cc55-48cd-882a-0d8db03a8c8c", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User", + "lastName" : "Company Admin", + "email" : "company.admin@cx.com", + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Company-1", + "userId" : "03b7feab-cc55-48cd-882a-0d8db03a8c8c", + "userName" : "company admin" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "Company Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "ee93d4e6-2088-4352-b6e4-21f3fa7f390e", + "createdTimestamp" : 1652788086549, + "username" : "company-2.a81a425e-bdb4-482b-8535-a02c313c25af", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User", + "lastName" : "Company Admin", + "email" : "companyadmin@cx.com", + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Company-2", + "userId" : "a81a425e-bdb4-482b-8535-a02c313c25af", + "userName" : "company admin" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "Company Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "502dabcf-01c7-47d9-a88e-0be4279097b5", + "createdTimestamp" : 1651814956235, + "username" : "cx-operator.656e8a94-188b-4a3e-9eec-b45d8efd8347", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Tester", + "lastName" : "CX Operator", + "email" : "cx-operator@cx.com", + "attributes" : { + "bpn" : [ "BPNL00000003CRHL" ], + "organisation" : [ "CX-Operator" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Operator", + "userId" : "656e8a94-188b-4a3e-9eec-b45d8efd8347", + "userName" : "cx-operator@cx.com" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl2-CX-Portal" : [ "CX Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "93a03e4c-8ba5-4d81-93f9-4b065b005b33", + "createdTimestamp" : 1651814956235, + "username" : "cx-test-access.08132c4c-146d-41ee-938a-09759783eea1", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "user", + "lastName" : "company 2", + "email" : "company2@user.de", + "attributes" : { + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "08132c4c-146d-41ee-938a-09759783eea1", + "userName" : "company 2 user" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl13-CX-Battery" : [ "Recycler" ], + "Cl3-CX-Semantic" : [ "view_semantic_model" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "623770c5-cf38-4b9f-9a35-f8b9ae972e2d", + "createdTimestamp" : 1652269150847, + "username" : "cx-test-access.0f3abd37-9b87-421c-81e7-14a612bab68c", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User", + "lastName" : "CX User", + "email" : "cxuser@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001", "BPNL00000003CRHK" ], + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "0f3abd37-9b87-421c-81e7-14a612bab68c", + "userName" : "cx user" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl15-CX-DFT" : [ "User" ], + "Cl9-CDQ-Fraud" : [ "fraud_app_user" ], + "Cl1-CX-Registration" : [ "CX Admin", "Company Admin" ], + "Cl2-CX-Portal" : [ "CX User" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "2772f485-b0e8-4fab-b5a8-3ed517c5c766", + "createdTimestamp" : 1651814956235, + "username" : "cx-test-access.311963ed-9c58-44a6-8103-0b689cebaeaa", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Tester", + "lastName" : "PartChain Three", + "email" : "partchain.three@cx.de", + "attributes" : { + "bpn" : [ "BPNL00000003CML1" ], + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "311963ed-9c58-44a6-8103-0b689cebaeaa", + "userName" : "partchain.three@cx.de" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl17-CX-Part" : [ "Admin" ], + "Cl2-CX-Portal" : [ "CX User" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "e193b73c-f4ec-46c2-b686-5c77fe49135e", + "createdTimestamp" : 1651814956235, + "username" : "cx-test-access.3d0f5663-2de1-4a08-a394-22d1d4248efc", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Tester", + "lastName" : "PartChain One", + "email" : "partchain.one@cx.de", + "attributes" : { + "bpn" : [ "BPNL00000003CML1" ], + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "3d0f5663-2de1-4a08-a394-22d1d4248efc", + "userName" : "partchain.one@cx.de" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl17-CX-Part" : [ "User" ], + "Cl2-CX-Portal" : [ "CX User" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "3d8142f1-860b-48aa-8c2b-1ccb18699f65", + "createdTimestamp" : 1652788477397, + "username" : "cx-test-access.6f25fc27-a5ec-4ad8-bd89-e05ca462c741", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User", + "lastName" : "CX Admin", + "email" : "cxadmin@cx.com", + "attributes" : { + "bpn" : [ "BPNL00000003CRHK" ], + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "6f25fc27-a5ec-4ad8-bd89-e05ca462c741", + "userName" : "cx admin" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl16-CX-CRisk" : [ "Company Admin", "User" ], + "Cl9-CDQ-Fraud" : [ "fraud_app_manager", "fraud_app_user" ], + "technical_roles_management" : [ "BPDM Management" ], + "Cl1-CX-Registration" : [ "CX Admin" ], + "Cl2-CX-Portal" : [ "CX Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "cd863f9a-5a04-44d6-bf8e-9d76e37139b2", + "createdTimestamp" : 1651814956235, + "username" : "cx-test-access.98715874-e65c-4780-95ad-fb4e8eb917a8", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "user", + "lastName" : "company 1", + "email" : "company1@user.de", + "attributes" : { + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "98715874-e65c-4780-95ad-fb4e8eb917a8", + "userName" : "company 1 user" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl13-CX-Battery" : [ "Dismantler" ], + "Cl3-CX-Semantic" : [ "view_semantic_model" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "47ea7f1f-f10d-4cb2-acaf-b77323ef25b3", + "createdTimestamp" : 1652269178374, + "username" : "cx-test-access.a0661e13-c74c-4b86-8151-ed1c348d0e69", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User", + "lastName" : "Company Admin", + "email" : "companyadmin@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001" ], + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "a0661e13-c74c-4b86-8151-ed1c348d0e69", + "userName" : "company admin" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "Company Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "def0d51e-0a78-4774-ab51-b19a0cbe9d94", + "createdTimestamp" : 1651814956235, + "username" : "cx-test-access.f3d5e0c6-bb7b-4bb2-963f-3daffc90328d", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Tester", + "lastName" : "PartChain Two", + "email" : "partchain.two@cx.de", + "attributes" : { + "bpn" : [ "BPNL00000003CML1" ], + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "f3d5e0c6-bb7b-4bb2-963f-3daffc90328d", + "userName" : "partchain.two@cx.de" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl17-CX-Part" : [ "Supervisor" ], + "Cl2-CX-Portal" : [ "CX User" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "070e2c20-4b09-4670-84c8-af882589e7ea", + "createdTimestamp" : 1651814956235, + "username" : "cx-test-access.f58e4a43-c560-443d-9b1e-fcb182682bcb", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User", + "lastName" : "IT Admin", + "email" : "itadmin@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001" ], + "organisation" : [ "keycloak-oidc" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "f58e4a43-c560-443d-9b1e-fcb182682bcb", + "userName" : "it admin" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl2-CX-Portal" : [ "IT Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "18f1a488-06e9-4dc4-ad43-cfb9c9a0c7da", + "createdTimestamp" : 1652269150847, + "username" : "security-company.18f1a488-06e9-4dc4-ad43-cfb9c9a0c7db", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 1", + "lastName" : "CX User 1", + "email" : "cxuser-1@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001", "BPNL00000003CRHK" ], + "organisation" : [ "Security-Company" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "18f1a488-06e9-4dc4-ad43-cfb9c9a0c7db", + "userName" : "cx-user-1" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "Company Admin" ], + "Cl2-CX-Portal" : [ "CX User" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "22b92584-895a-442f-afe9-ed10fe997d94", + "createdTimestamp" : 1652269178374, + "username" : "security-company.22b92584-895a-442f-afe9-ed10fe997d95", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 1", + "lastName" : "Company Admin 1", + "email" : "companyadmin-1@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001" ], + "organisation" : [ "Security-Company" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "22b92584-895a-442f-afe9-ed10fe997d95", + "userName" : "company-admin-1" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "Company Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "3d064630-3736-477e-80e2-148faf1cd210", + "createdTimestamp" : 1651814956235, + "username" : "security-company.3d064630-3736-477e-80e2-148faf1cd211", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 1", + "lastName" : "IT Admin 1", + "email" : "itadmin-1@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001" ], + "organisation" : [ "keycloak-oidc" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "3d064630-3736-477e-80e2-148faf1cd211", + "userName" : "it-admin-1" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl2-CX-Portal" : [ "IT Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "4746cff4-7a64-4be8-a70e-cf762a7011b7", + "createdTimestamp" : 1651814956235, + "username" : "security-company.4746cff4-7a64-4be8-a70e-cf762a7011b8", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 2", + "lastName" : "IT Admin 2", + "email" : "itadmin-2@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001" ], + "organisation" : [ "keycloak-oidc" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "4746cff4-7a64-4be8-a70e-cf762a7011b8", + "userName" : "it-admin-2" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl2-CX-Portal" : [ "IT Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "555b0b81-6ead-4d3d-8d5d-41c07bb8cfbb", + "createdTimestamp" : 1652788477397, + "username" : "security-company.555b0b81-6ead-4d3d-8d5d-41c07bb8cfbc", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 1", + "lastName" : "CX Admin 1", + "email" : "cxadmin-1@cx.com", + "attributes" : { + "bpn" : [ "BPNL00000003CRHK" ], + "organisation" : [ "Security-Company" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "555b0b81-6ead-4d3d-8d5d-41c07bb8cfbc", + "userName" : "cx-admin-1" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "CX Admin" ], + "Cl2-CX-Portal" : [ "CX Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "8b747479-5e22-4e9c-a0a4-a940e8ec0535", + "createdTimestamp" : 1652269150847, + "username" : "security-company.8b747479-5e22-4e9c-a0a4-a940e8ec0536", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 2", + "lastName" : "CX User 2", + "email" : "cxuser-2@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001", "BPNL00000003CRHK" ], + "organisation" : [ "Security-Company" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "8b747479-5e22-4e9c-a0a4-a940e8ec0536", + "userName" : "cx-user-2" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "Company Admin" ], + "Cl2-CX-Portal" : [ "CX User" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "cc860ece-ede3-4c03-86f9-28e23978b104", + "createdTimestamp" : 1652788477397, + "username" : "security-company.cc860ece-ede3-4c03-86f9-28e23978b105", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 2", + "lastName" : "CX Admin 2", + "email" : "cxadmin-2@cx.com", + "attributes" : { + "bpn" : [ "BPNL00000003CRHK" ], + "organisation" : [ "Security-Company" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "cc860ece-ede3-4c03-86f9-28e23978b105", + "userName" : "cx-admin-2" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "CX Admin" ], + "Cl2-CX-Portal" : [ "CX Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "e5e403d5-3bd9-48f6-8931-7c0c717c3f40", + "createdTimestamp" : 1652269178374, + "username" : "security-company.e5e403d5-3bd9-48f6-8931-7c0c717c3f41", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 2", + "lastName" : "Company Admin 2", + "email" : "companyadmin-2@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001" ], + "organisation" : [ "Security-Company" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "e5e403d5-3bd9-48f6-8931-7c0c717c3f41", + "userName" : "company-admin-2" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "Company Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "8be5ee49-4b9c-4008-b641-138305430cc4", + "createdTimestamp" : 1651814956235, + "username" : "service-provider.dc438ad3-8bcf-49cc-beb0-437be2745720", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User", + "lastName" : "Service Provider", + "email" : "service-provider@cx.com", + "attributes" : { + "bpn" : [ "BPNL07800HZ01643" ], + "organisation" : [ "Service-Provider" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Service-Provider", + "userId" : "dc438ad3-8bcf-49cc-beb0-437be2745720", + "userName" : "service-provider@cx.com" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl2-CX-Portal" : [ "Company Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, + { + "id": "02b171de-8b88-4d6e-a474-83d88cc743a0", + "createdTimestamp": 1668614896844, + "username": "service-account-sa-beta-cx1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-beta-cx1", + "attributes": { + "bpn": [ + "BPNL0000000004WK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "1e749bed-5182-47c9-a4a3-d32b4dbc7db9", + "createdTimestamp": 1668615036611, + "username": "service-account-sa-beta-cx2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-beta-cx2", + "attributes": { + "bpn": [ + "BPNL0000000002XY" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "82a42b46-912e-4be7-8983-84e04a920c5a", + "createdTimestamp": 1668615166988, + "username": "service-account-sa-beta-cx3", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-beta-cx3", + "attributes": { + "bpn": [ + "BPNL0000000005VV" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "9680ddce-a38e-41a7-9d63-cf25fe11730e", + "createdTimestamp": 1668615267089, + "username": "service-account-sa-beta-cx4", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-beta-cx4", + "attributes": { + "bpn": [ + "BPNL0000000006V6" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "c323b0bd-ea82-42f8-84b8-83744dcd8db6", + "createdTimestamp": 1668615612880, + "username": "service-account-sa-beta-cx5", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-beta-cx5", + "attributes": { + "bpn": [ + "BPNL0000000003X9" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "540c10ba-ed83-4ee6-8d7d-09e7a281c0b4", + "createdTimestamp": 1668615711719, + "username": "service-account-sa-beta-cx6", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-beta-cx6", + "attributes": { + "bpn": [ + "BPNL0000000008TS" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "38c96e0e-8ccf-455d-8534-7fcbd5be98d9", + "createdTimestamp": 1668615800408, + "username": "service-account-sa-beta-cx7", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-beta-cx7", + "attributes": { + "bpn": [ + "BPNL0000000007UH" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "5d1c5051-d9d9-4558-9c3c-78db197b2cdd", + "createdTimestamp": 1668499979859, + "username": "service-account-sa-cl10-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl10-cx-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "BPDM Partner Gate" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "db62cbba-6237-435a-8a87-042ffbb79fd4", + "createdTimestamp": 1668499118676, + "username": "service-account-sa-cl16-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl16-cx-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "BPDM Partner Gate" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "a6b48ac7-a4cb-4527-a5d3-4f52e9175e7a", + "createdTimestamp": 1663675052539, + "username": "service-account-sa-cl1-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl1-cx-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl1-CX-Registration": [ + "Company Admin" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "e69c1397-eee8-434a-b83b-dc7944bb9bdd", + "createdTimestamp": 1651730911692, + "username": "service-account-sa-cl1-reg-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl1-reg-2", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "realm-management": [ + "manage-identity-providers", + "manage-clients" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "f0c69a64-dfbe-46e4-92db-75f6f4670909", + "createdTimestamp": 1676572155414, + "username": "service-account-sa-cl2-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-01", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "update_application_checklist_value" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "18c3a6b3-ecfe-4572-bbb4-af0c1823f206", + "createdTimestamp": 1676572207640, + "username": "service-account-sa-cl2-02", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-02", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "update_application_checklist_value" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "84db695c-ddb2-485e-bab1-0789de724037", + "createdTimestamp": 1681380138448, + "username": "service-account-sa-cl2-03", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-03", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "notBefore": 0, + "groups": [] + }, + { + "id": "56cab9c5-5f0f-44a1-8b4c-ecac09cb6d42", + "createdTimestamp": 1681915810810, + "username": "service-account-sa-cl21-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl21-01", + "attributes": { + "bpn": [ + "BPNL000560TEST01" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl21-CX-DF": [ + "view_discovery_endpoint", + "delete_discovery_endpoint", + "add_discovery_endpoint" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "d40538c7-e1e5-4ac0-89e3-0854fac31f40", + "createdTimestamp": 1681915925763, + "username": "service-account-sa-cl22-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl22-01", + "attributes": { + "bpn": [ + "BPNL00000007OP2K" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl22-CX-BPND": [ + "add_bpn_discovery", + "delete_bpn_discovery", + "view_bpn_discovery" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "965ae857-1e91-4e0b-bdb5-4efd1fc7ea9c", + "createdTimestamp": 1658347753956, + "username": "service-account-sa-cl3-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl3-cx-1", + "attributes": { + "bpn": [ + "CAX0000000000001" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl3-CX-Semantic": [ + "delete_semantic_model", + "add_semantic_model", + "update_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "24be7ee7-0948-435e-84fe-dab3da395831", + "createdTimestamp": 1668612874208, + "username": "service-account-sa-cl3-cx-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl3-cx-2", + "attributes": { + "bpn": [ + "BPNL00000003CRHK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "6e9d388a-1a21-4196-8210-80e9a696ae87", + "createdTimestamp": 1651615151516, + "username": "service-account-sa-cl5-custodian-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl5-custodian-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl5-CX-Custodian": [ + "update_wallets", + "view_wallet", + "update_wallet", + "view_wallets" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "ca2657a8-eba9-4cb4-8b66-8cc30911dfa1", + "createdTimestamp": 1657558751239, + "username": "service-account-sa-cl5-custodian-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl5-custodian-2", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl5-CX-Custodian": [ + "add_wallets", + "view_wallets" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "0e1028a6-99c2-46ad-a323-9917ebe7346b", + "createdTimestamp": 1657571043337, + "username": "service-account-sa-cl5-custodian-3", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl5-custodian-3", + "attributes": { + "bpn": [ + "BPNL00000003BX33" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl5-CX-Custodian": [ + "view_wallet", + "update_wallet" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "300de02c-e667-4528-ac99-a3749c214bd2", + "createdTimestamp": 1657571107848, + "username": "service-account-sa-cl5-custodian-4", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl5-custodian-4", + "attributes": { + "bpn": [ + "BPNL00000003AYRE" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl5-CX-Custodian": [ + "view_wallet", + "update_wallet" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "8b7b0192-b24f-41b3-b7b7-b49efcc49e34", + "createdTimestamp": 1654613733324, + "username": "service-account-sa-cl5-custodian-internaltest", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl5-custodian-internaltest", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl5-CX-Custodian": [ + "delete_wallet", + "add_wallets", + "delete_wallets", + "update_wallets", + "add_wallet", + "view_wallet", + "update_wallet", + "view_wallets" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "7dfe07ab-29fe-404b-8528-fa11bf608757", + "createdTimestamp": 1652858406207, + "username": "service-account-sa-cl5-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl5-cx-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl5-CX-Custodian": [ + "view_wallets" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "50dfc73d-e0a1-4992-be95-75def1dadbfa", + "createdTimestamp": 1670491005383, + "username": "service-account-sa-cl6-cx-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-01", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl6-CX-DAPS": [ + "create_daps_client" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "22d4d18c-5e35-437d-8adc-4b47dca71cc2", + "createdTimestamp": 1651729631982, + "username": "service-account-sa-cl6-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-1", + "attributes": { + "bpn": [ + "BPNL00000003CRHK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "d127fde5-1645-4e8f-be89-fd3ca7ef156c", + "createdTimestamp": 1652049343884, + "username": "service-account-sa-cl6-cx-10", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-10", + "attributes": { + "bpn": [ + "BPNL00000003CML1" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl17-CX-Part": [ + "Supervisor" + ], + "technical_roles_management": [ + "App Tech User" + ], + "Cl20-CX-IRS": [ + "view_irs" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "50eadaf8-9ef9-43b0-93cd-70dbc02124bd", + "createdTimestamp": 1652049455795, + "username": "service-account-sa-cl6-cx-11", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-11", + "attributes": { + "bpn": [ + "BPNL00000003CSGV" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "a944c2da-d846-47dc-a72a-92573f450ec1", + "createdTimestamp": 1652221234622, + "username": "service-account-sa-cl6-cx-12", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-12", + "attributes": { + "bpn": [ + "BPNL00000003B2OM" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "update_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model", + "add_semantic_model", + "update_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "f593ea3d-111d-4b27-b081-321e6b19a844", + "createdTimestamp": 1652418651244, + "username": "service-account-sa-cl6-cx-13", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-13", + "attributes": { + "bpn": [ + "BPNL00000003AXS3" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "delete_digital_twin", + "update_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model", + "delete_semantic_model", + "add_semantic_model", + "update_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "b74ce4aa-5936-40b5-b81b-a0326eb7e110", + "createdTimestamp": 1654844003153, + "username": "service-account-sa-cl6-cx-14", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-14", + "attributes": { + "bpn": [ + "BPNL00000003AVTH" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "9ea82701-4187-41a4-aad0-28be083d33ae", + "createdTimestamp": 1658820742562, + "username": "service-account-sa-cl6-cx-16", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-16", + "attributes": { + "bpn": [ + "BPNL00000003BR79" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "951fb175-5761-451e-9bba-a96ed9945511", + "createdTimestamp": 1659387083025, + "username": "service-account-sa-cl6-cx-17", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-17", + "attributes": { + "bpn": [ + "BPNL00000003B3NX" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "delete_digital_twin", + "update_digital_twin" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "150315dd-bfbc-40eb-a539-819db115fe2d", + "createdTimestamp": 1659470433154, + "username": "service-account-sa-cl6-cx-18", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-18", + "attributes": { + "bpn": [ + "BPNL00000003CNKC" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "delete_digital_twin", + "update_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "ebf26a6b-f24e-4d97-96ae-2aca92b4ed50", + "createdTimestamp": 1659529335924, + "username": "service-account-sa-cl6-cx-19", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-19", + "attributes": { + "bpn": [ + "BPNL00000003CRHK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "d6df2c49-804c-4b3e-afa5-b286c73d2428", + "createdTimestamp": 1651729457029, + "username": "service-account-sa-cl6-cx-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-2", + "attributes": { + "bpn": [ + "BPNL00000003CRHK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "notBefore": 0, + "groups": [] + }, + { + "id": "2cafc897-a180-4577-8dbd-6e45a86ec3e3", + "createdTimestamp": 1659609598988, + "username": "service-account-sa-cl6-cx-20", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-20", + "attributes": { + "bpn": [ + "BPNL00000000BJTL" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "update_digital_twin", + "delete_digital_twin" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "f52db6b1-567a-453f-9e40-1e2cf1dee59c", + "createdTimestamp": 1660194219883, + "username": "service-account-sa-cl6-cx-21", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-21", + "attributes": { + "bpn": [ + "BPNL00000003BR79" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "delete_digital_twin", + "update_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model", + "add_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "025bcf1a-c6b2-48b1-9d62-9699d3320f36", + "createdTimestamp": 1660242782083, + "username": "service-account-sa-cl6-cx-22", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-22", + "attributes": { + "bpn": [ + "BPNL000000002YWC" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "update_digital_twin", + "delete_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "939b76fa-544d-417f-9de8-f87aec1a3bd1", + "createdTimestamp": 1660242891211, + "username": "service-account-sa-cl6-cx-23", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-23", + "attributes": { + "bpn": [ + "BPNL00000002HCQ9" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "da89aae0-bde8-4f01-8a4b-86a176d30ac7", + "createdTimestamp": 1660242966983, + "username": "service-account-sa-cl6-cx-24", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-24", + "attributes": { + "bpn": [ + "BPNL00000002HCQ9" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "51097613-12ba-439c-ac2c-f62f0c8f6c42", + "createdTimestamp": 1667856026656, + "username": "service-account-sa-cl6-cx-25", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-25", + "attributes": { + "bpn": [ + "BPNL00000000DFHO" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User", + "App Tech User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "049a47fa-e8dd-47ae-9cdb-34a8130af935", + "createdTimestamp": 1667856124971, + "username": "service-account-sa-cl6-cx-26", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-26", + "attributes": { + "bpn": [ + "BPNL00000000BSNC" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User", + "App Tech User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "f96f772a-cc47-495d-ae00-0ecae173a850", + "createdTimestamp": 1667856184068, + "username": "service-account-sa-cl6-cx-27", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-27", + "attributes": { + "bpn": [ + "BPNL00000003AZQP" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "e82b5ab1-7763-47e0-bf9a-a9103368d0a1", + "createdTimestamp": 1667856242451, + "username": "service-account-sa-cl6-cx-28", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-28", + "attributes": { + "bpn": [ + "BPNL00000003AZQP" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User", + "App Tech User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "431bd39d-f04d-4b99-a1ce-dc972b7f61b2", + "createdTimestamp": 1667856297338, + "username": "service-account-sa-cl6-cx-29", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-29", + "attributes": { + "bpn": [ + "BPNL000000000000" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User", + "App Tech User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "98d03ed3-02e2-4643-81c4-a011f0d47a6d", + "createdTimestamp": 1651729671532, + "username": "service-account-sa-cl6-cx-3", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-3", + "attributes": { + "bpn": [ + "BPNL00000003AYRE" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "eefdb17a-b59e-41c1-99db-a563c6e2a1dc", + "createdTimestamp": 1668590975255, + "username": "service-account-sa-cl6-cx-30", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-30", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "50c19120-550c-429a-b45c-fb402046d4be", + "createdTimestamp": 1651729685848, + "username": "service-account-sa-cl6-cx-4", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-4", + "attributes": { + "bpn": [ + "BPNL00000003B2OM" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "6d0098ce-e569-4bff-a61e-c721dd7d5da7", + "createdTimestamp": 1651729695554, + "username": "service-account-sa-cl6-cx-5", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-5", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "330c164f-98db-4566-8135-e45e3ec1d0f3", + "createdTimestamp": 1651729708123, + "username": "service-account-sa-cl6-cx-6", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-6", + "attributes": { + "bpn": [ + "BPNL00000003B0Q0" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "b0297640-9074-4003-adb9-cbf9f23409a7", + "createdTimestamp": 1651729730658, + "username": "service-account-sa-cl6-cx-8", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-8", + "attributes": { + "bpn": [ + "BPNL00000003B5MJ" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "2c5e74e2-0561-46f9-b27e-beadb44f1f75", + "createdTimestamp": 1651613503558, + "username": "service-account-sa-cl6-cx-9", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-9", + "attributes": { + "bpn": [ + "BPNL00000003CRHK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "technical_roles_management": [ + "Connector User" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ], + "Cl20-CX-IRS": [ + "view_irs" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "b1d71881-2aa8-4a67-b8ce-c101d6290832", + "createdTimestamp": 1657541056572, + "username": "service-account-sa-cl7-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl7-CX-BPDM": [ + "view_company_data" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "1e60cc6d-17cd-442c-ace7-ec94067c5f85", + "createdTimestamp": 1658900179675, + "username": "service-account-sa-cl7-cx-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-2", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl7-CX-BPDM": [ + "view_company_data" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "8d63cb9f-2df5-42b6-9bc8-a61b8d5467cb", + "createdTimestamp": 1664293185323, + "username": "service-account-sa-cl7-cx-3", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-3", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl7-CX-BPDM": [ + "add_company_data", + "view_company_data" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "14a0d303-0b9f-4469-830f-4d1221b796d4", + "createdTimestamp": 1664293263973, + "username": "service-account-sa-cl7-cx-4", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-4", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl7-CX-BPDM": [ + "view_company_data" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "f014ed5d-9e05-4f29-a5c0-227c7e7b479e", + "createdTimestamp": 1670157703230, + "username": "service-account-sa-cl7-cx-5", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-5", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl16-CX-BPDMGate-Portal": [ + "view_company_data", + "view_shared_data", + "update_company_data" + ], + "Cl7-CX-BPDM": [ + "add_company_data", + "view_company_data" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "07e82331-df27-4916-b5ef-0642aefb198a", + "createdTimestamp": 1677840583068, + "username": "service-account-sa-cl7-cx-6", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-6", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl7-CX-BPDM": [ + "view_company_data" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "26928428-c0db-4697-88c5-88a33971c8ec", + "createdTimestamp": 1679570125131, + "username": "service-account-sa-cl7-cx-7", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-7", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "BPDM Management", + "BPDM Partner Gate" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "dcb9a153-e1b4-4fac-bc51-7032023e9db9", + "createdTimestamp": 1675867052982, + "username": "service-account-sa-cl8-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl8-cx-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "add_self_descriptions" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "2da67801-addd-4acb-a6b5-71a82ca050d1", + "createdTimestamp": 1651730995929, + "username": "service-account-sa-clx-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-clx-cx-1", + "attributes": { + "bpn": [ + "BPNL00000003AZQP" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "312a863c-dfa0-4445-97f8-e11fed985b0a", + "createdTimestamp": 1655449440789, + "username": "service-account-sa-clx-cx-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-clx-cx-2", + "attributes": { + "bpn": [ + "BPNL00000003AZQP" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "update_digital_twin", + "delete_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model", + "add_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "5a1ecaf3-ed06-42bd-8c43-25db90b5a91e", + "createdTimestamp": 1673212847656, + "username": "service-account-sap-login", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "SAP-Login", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "notBefore": 0, + "groups": [] + } + ], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "Cl16-CX-BPDMGate-Portal": [ + { + "client": "sa-cl7-cx-5", + "roles": [ + "update_company_data", + "view_shared_data", + "view_company_data" + ] + } + ], + "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com": [ + { + "client": "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", + "roles": [ + "EC.Buyer.Manager", + "EarthCommerce.Content.Manager", + "EarthCommerce.AdministratorRC_QAS2", + "CE.Dismantler.Leader", + "CE.Dismantler.View", + "EarthCommerce.Advanced.BuyerRC_QAS2", + "EarthCommerce.UserRC_QAS2", + "EarthCommerce.Content.ManagerRC_QAS2", + "EarthCommerce.Buyer", + "CE.Dismantler.Purchase", + "EarthCommerce.BuyerRC_QAS2", + "EC.Buyer.buy" + ] + } + ], + "Cl7-CX-BPDM": [ + { + "client": "sa-cl7-cx-5", + "roles": [ + "delete_company_data", + "add_company_data", + "view_company_data" + ] + } + ], + "Cl5-CX-Custodian": [ + { + "client": "sa-cl5-custodian-1", + "roles": [ + "delete_wallets", + "update_wallets", + "view_wallets", + "add_wallets" + ] + }, + { + "client": "sa-cl5-custodian-2", + "roles": [ + "delete_wallet", + "delete_wallets", + "update_wallets", + "add_wallet", + "update_wallet", + "view_wallets", + "view_wallet", + "add_wallets" + ] + }, + { + "client": "sa-cl5-custodian-3", + "roles": [ + "delete_wallet", + "delete_wallets", + "update_wallets", + "add_wallet", + "update_wallet", + "view_wallets", + "view_wallet", + "add_wallets" + ] + }, + { + "client": "sa-cl5-custodian-4", + "roles": [ + "delete_wallet", + "delete_wallets", + "update_wallets", + "add_wallet", + "update_wallet", + "view_wallets", + "view_wallet", + "add_wallets" + ] + }, + { + "client": "sa-cl5-custodian-internaltest", + "roles": [ + "delete_wallets", + "update_wallets", + "view_wallets", + "add_wallets" + ] + } + ], + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ], + "Cl2-CX-Portal": [ + { + "client": "sa-cl2-01", + "roles": [ + "update_application_checklist_value" + ] + }, + { + "client": "sa-cl2-02", + "roles": [ + "update_application_checklist_value" + ] + }, + { + "client": "sa-cl8-cx-1", + "roles": [ + "add_self_descriptions" + ] + } + ] + }, + "clients": [ + { + "id": "60313b78-e131-4358-9817-163ee938cc59", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Central/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Central/account/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "false", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "edb1e627-426a-4593-93c0-e9b4bc45c4d6", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Central/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Central/account/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "false", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "pkce.code.challenge.method": "S256", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "62ea7826-6e5b-4200-8f5b-ff69b672d0a3", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "dc24237b-46fa-418b-a806-24d371e4385a", + "name": "idp mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "idp", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "tenant", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "38d072af-d85b-4b39-ad55-13ed5ce45791", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "03885031-084a-4317-aa51-de9b4acf8fa9", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "b5e613bb-37a8-4e46-ae8a-64df3269dd3c", + "clientId": "Cl10-CX-BPDMShare", + "description": "BPDM Sharing Member Client for Cleanup Pipeline", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://partners-gate.dev.demo.catena-x.net/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e07fd69c-48ad-44d3-adb3-c42221a4921a", + "clientId": "Cl11-ADAC-Fleet", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "http://localhost:8080/*", + "https://dtc.dev.adac.openresearch.com/*", + "https://dtc-translator.adac.openresearch.com/*", + "https://fleet.dev.adac.openresearch.com/*", + "https://fleet-management.adac.openresearch.com/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "367fc1b7-4b13-4d8e-8090-e7463b18a295", + "name": "organisation-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "organisation", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "organisation", + "jsonType.label": "String" + } + }, + { + "id": "52ef5f31-c541-45bd-b4c4-8fbf6f74e0bd", + "name": "tenant-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "tenant", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "tenant", + "jsonType.label": "String" + } + }, + { + "id": "39b09e63-d335-42e3-a8e1-37ca2101f146", + "name": "audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl11-ADAC-Fleet", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "2a82462c-5745-43bb-859c-f5a2e74611de", + "clientId": "Cl12-CX-TestManager", + "name": "Testdaten-Manager", + "description": "Testdaten Manager SSO", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "dd6a7d43-a7b1-4808-90dd-e446b51b59f2", + "clientId": "Cl13-CX-Battery", + "description": "BatteryPass App - central hosted app", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "https://materialpass.dev.demo.catena-x.net/*", + "http://localhost:8080/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "a46ae678-a72c-4513-a5da-29aa773e058d", + "name": "Company-Role", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "aggregate.attrs": "true", + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "companyRole", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "companyRole", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "0cabe6af-0943-48ef-84cf-507a5b162aab", + "clientId": "Cl15-BOSCH-AFQM", + "rootUrl": "", + "baseUrl": "https://portal-staging.afqm-services.com/postLogin", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://portal-staging.afqm-services.com/postLogin" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "f864e14f-5f27-4d1d-8f91-2d2a983e163c", + "clientId": "Cl15-CX-DFT", + "rootUrl": "", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "https://dft.pen.int.demo.catena-x.net/*", + "http://localhost:3000/*", + "http://dft-dev.germanywestcentral.cloudapp.azure.com:8080/*", + "https://dft.dev.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "c6aa405c-6db3-4b1c-add9-d6d775e44b1d", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "113242f5-b582-44a5-9f83-2fd85c0772c8", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "clientId": "Cl16-CX-BPDMGate", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://partners-gate.dev.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "17cdc8bc-0081-4fbd-8d28-969881e68507", + "clientId": "Cl16-CX-BPDMGate-Portal", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://portal-gate.dev.demo.catena-x.net/", + "https://portal-gate.dev.demo.catena-x.net/" + ], + "webOrigins": [ + "*" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "9767ac38-506a-4d20-aeb7-0e40cd00e908", + "clientId": "Cl16-CX-CRisk", + "rootUrl": "", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "http://localhost:8080/*", + "https://country-risk-dashboard.dev.demo.catena-x.net/*", + "http://localhost:3000/*", + "https://vas-country-risk-backend.dev.demo.catena-x.net/swagger-ui/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "3fa6ca31-a78a-4202-89ae-f09411156eb9", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "a9039faf-50e6-46d9-b697-c9154f61091e", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "6493bcd5-a1ee-47f0-bec3-a1436f4d8b10", + "clientId": "Cl17-CX-Part", + "description": "Part Chain App - not 3rd Party managed, directly managed by CX", + "rootUrl": "", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "https://traceability-portal.dev.demo.catena-x.net/*", + "http://localhost:4200/*", + "https://traceability-portal-test.dev.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "c0b82ec1-f59a-4100-aa60-5b9402e05b99", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "18876433-abec-4c67-80f5-f29974c9cd82", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "77d56420-d8d8-4eab-9af0-6b6bb27de356", + "clientId": "Cl18-CX-Pal", + "description": "Palantir App Performance Monitor", + "rootUrl": "", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "https://catena-x.palantirfoundry.com/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "fde6064e-e2f6-4f09-a08d-1347ced3e34b", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "f135c8dd-5cdf-47cc-bfd4-b4c544d8b842", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "clientId": "Cl1-CX-Registration", + "rootUrl": "", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "http://localhost:3000/*", + "https://portal-rc.dev.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "71f9d485-62aa-41c2-a491-bcb47c447121", + "name": "idp mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "tenant", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "tenant", + "jsonType.label": "String" + } + }, + { + "id": "4c180350-8f09-4eed-88f4-4b003a6b5fd1", + "name": "organisation-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "organisation", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "organisation", + "jsonType.label": "String" + } + }, + { + "id": "2b1dfde9-aff2-406b-b258-edbf574fc4dd", + "name": "audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl1-CX-Registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c154b82c-c760-4da5-8b27-7f45b39259e6", + "clientId": "Cl20-CX-IRS", + "description": "Decentral IRS Component for Traceability and CE Apps", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "bf1cfe3e-3950-4fdc-8a58-13b73cec6740", + "clientId": "Cl21-CX-DF", + "description": "interim client, not prod relevant", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "48fc6e9e-a736-4b0b-9fea-59ad847b02e0", + "clientId": "Cl22-CX-BPND", + "description": "interim client, bpn-discovery application (SPOC: Thomas Henn)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "clientId": "Cl2-CX-Portal", + "name": "", + "description": "", + "rootUrl": "https://portal-rc.dev.demo.catena-x.net/home", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "http://localhost:8080/*", + "https://partners-pool.dev.demo.catena-x.net/*", + "https://portal-swagger.dev.demo.catena-x.net/*", + "http://localhost:3000/*", + "https://portal-rc.dev.demo.catena-x.net/*", + "https://catenax-bpdm-dev.demo.catena-x.net/*", + "https://partners-gate.dev.demo.catena-x.net/*", + "https://portal-rc.dev.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "35d0aa44-dd27-4dbd-8f3a-7047ae461fdd", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl1-CX-Registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "e97b646a-3753-4da5-b6f7-3a2860741b20", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl2-CX-Portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "clientId": "Cl3-CX-Semantic", + "rootUrl": "", + "adminUrl": "https://portal-rc.dev.demo.catena-x.net/home", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "http://localhost:8080/*", + "http://localhost:3000/*", + "https://portal-rc.dev.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "1de1f28c-00d2-42b6-bc74-e57d8e73f7df", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "faf297ed-30d7-4e15-8051-40c540c14604", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "0dec1120-c21e-42ad-a779-94fc36217072", + "clientId": "Cl4-CX-DigitalTwin", + "rootUrl": "", + "adminUrl": "https://portal-rc.dev.demo.catena-x.net/home", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "http://localhost:8080/*", + "https://semantics.dev.demo.catena-x.net/*", + "http://localhost:3000/*", + "https://portal-rc.dev.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "3974d007-3654-4798-a3dc-d22d0c98d482", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "714f381d-bc8c-47e7-aa8d-b0b357901eb0", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "clientId": "Cl5-CX-Custodian", + "name": "Cl5-CX-Custodian RC", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://managed-identity-wallets.dev.demo.catena-x.net/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "token.endpoint.auth.signing.alg": "RS256", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "6f273a17-cf91-43dc-9dac-4ec36250d133", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "7a4001a7-aeaf-419c-ae46-6a190bc5e13f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "9fd2abb2-445e-4622-a068-e3d48eb97634", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "roles" + ], + "optionalClientScopes": [] + }, + { + "id": "28273f37-cff9-44c3-9731-2a7a63025d28", + "clientId": "Cl6-CX-DAPS", + "name": "", + "description": "", + "rootUrl": "", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "2b2e7bb5-36bc-4987-9898-9525b66a2974", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl1-CX-Registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "bb04a584-6f4a-4172-a4ed-f0c228005689", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl2-CX-Portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "04cd6d38-674f-4588-980a-8f120bddcc44", + "clientId": "Cl7-CX-BPDM", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://partners-pool.dev.demo.catena-x.net/*", + "https://catenax-bpdm-dev.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "3fbe1a86-143d-4d52-8138-01aa23875664", + "clientId": "Cl9-CDQ-Fraud", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "https://fraud-dashboard.dev.demo.catena-x.net/*", + "https://keycloak.catenax-cdq.com/auth/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "clientId": "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com", + "name": "Cl10-SAP-CE", + "description": "SAP CE App - currently named as Circular Economy SAP (https://dismantler-cockpit.d13fe27.kyma.ondemand.com)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://ec-qas.d13fe27.kyma.ondemand.com/*", + "https://dismantler-cockpit.d13fe27.kyma.ondemand.com/*" + ], + "webOrigins": [ + "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": true, + "protocol": "saml", + "attributes": { + "saml.force.post.binding": "true", + "saml.multivalued.roles": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "saml.signing.certificate": "MIIDIDCCAgigAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAMEcxRTBDBgNVBAMMPGh0dHBzOi8vY2F0ZW5heC1kdC1yZWMuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTAgFw0xNjAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFowRzFFMEMGA1UEAww8aHR0cHM6Ly9jYXRlbmF4LWR0LXJlYy5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubgGM9U3mgkLahIJ6M2LImFIcoLPXaCD+aw4hi68grZ89T5HGpqDtgxdvzVqnjJ1Qam0IUWRcu7XPACVOp6Ez3u2CzvjBlrW9gQbXbTl3urv8QTAmBDzO/F4tG0GInf5DyI6ln+HV6lgtCUEdBv9xmoGdlvM0rY1RTebmRU89kqL4NixdKDA5f7lt+geZZm+tQrxfpTapXRC5Bkg6b6TA5Hk4YhgiKfV/muuB9WJnhhovC8nqswqQEGm8+HZ9/7mPCG82x7z9I1c/XY2RR8JNxNd9UYgd87mdp3A395YZ121d2bI8gNDCEr+hirHFigH+F3oPs6Q4BwY/rvWnjVKfwIDAQABoxAwDjAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAiiqpIbv8gsoPr2vnW1LSuWKp8nQHMpn6eWtqmbu3QRXKzcgNelveycWNWAT94Of0/qPsbtBTbzDSlj+wmh1sd8vBEfce5vsVAf2CfTC8djAKL8HFJSRPB1Hn49WfS+TflOo0B+8SGV51THQwJm7KdT9kNOaXJWuLgmOWY4q7JurTEbOzTke4OvWGy2Ag/uOaY6mxmoTcLLajOJQMTIXnLba+ggXLD4/4jWY1r3s5wzcwfTKcGigH2PpsPGmqjUPcM0Qh0UiD+UCiAgyAuOIRh1trpGXRJ3dBsC7y6W4hK0igU4zP4KpjLh1dLEgCnbUVI5dIlVVq0YQ6jj+TOGDBG", + "oidc.ciba.grant.enabled": "false", + "backchannel.logout.session.required": "false", + "client_credentials.use_refresh_token": "false", + "saml.signature.algorithm": "RSA_SHA256", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "true", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "true", + "saml_single_logout_service_url_post": "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com/saml/SingleLogout/alias/catenax-dt-rec.aws-live-eu10", + "saml.encrypt": "false", + "saml_assertion_consumer_url_post": "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-dt-rec.aws-live-eu10", + "saml.server.signature": "true", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding.identifier": "2ci7fiekIgS7KD2EZj7CfJjNXoY=", + "saml.artifact.binding": "false", + "saml_single_logout_service_url_redirect": "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com/saml/SingleLogout/alias/catenax-dt-rec.aws-live-eu10", + "saml_force_name_id_format": "false", + "saml.encryption.certificate": "MIIDIDCCAgigAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAMEcxRTBDBgNVBAMMPGh0dHBzOi8vY2F0ZW5heC1kdC1yZWMuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTAgFw0xNjAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFowRzFFMEMGA1UEAww8aHR0cHM6Ly9jYXRlbmF4LWR0LXJlYy5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubgGM9U3mgkLahIJ6M2LImFIcoLPXaCD+aw4hi68grZ89T5HGpqDtgxdvzVqnjJ1Qam0IUWRcu7XPACVOp6Ez3u2CzvjBlrW9gQbXbTl3urv8QTAmBDzO/F4tG0GInf5DyI6ln+HV6lgtCUEdBv9xmoGdlvM0rY1RTebmRU89kqL4NixdKDA5f7lt+geZZm+tQrxfpTapXRC5Bkg6b6TA5Hk4YhgiKfV/muuB9WJnhhovC8nqswqQEGm8+HZ9/7mPCG82x7z9I1c/XY2RR8JNxNd9UYgd87mdp3A395YZ121d2bI8gNDCEr+hirHFigH+F3oPs6Q4BwY/rvWnjVKfwIDAQABoxAwDjAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAiiqpIbv8gsoPr2vnW1LSuWKp8nQHMpn6eWtqmbu3QRXKzcgNelveycWNWAT94Of0/qPsbtBTbzDSlj+wmh1sd8vBEfce5vsVAf2CfTC8djAKL8HFJSRPB1Hn49WfS+TflOo0B+8SGV51THQwJm7KdT9kNOaXJWuLgmOWY4q7JurTEbOzTke4OvWGy2Ag/uOaY6mxmoTcLLajOJQMTIXnLba+ggXLD4/4jWY1r3s5wzcwfTKcGigH2PpsPGmqjUPcM0Qh0UiD+UCiAgyAuOIRh1trpGXRJ3dBsC7y6W4hK0igU4zP4KpjLh1dLEgCnbUVI5dIlVVq0YQ6jj+TOGDBG", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "true", + "display.on.consent.screen": "false", + "saml_name_id_format": "email", + "saml.onetimeuse.condition": "false", + "saml_signature_canonicalization_method": "http://www.w3.org/2001/10/xml-exc-c14n#" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "db86018e-b8d1-4b71-a377-ef3733201db7", + "name": "X500 surname", + "protocol": "saml", + "protocolMapper": "saml-user-property-mapper", + "consentRequired": false, + "config": { + "attribute.nameformat": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "user.attribute": "lastName", + "friendly.name": "surname", + "attribute.name": "urn:oid:2.5.4.4" + } + }, + { + "id": "4ea0328c-2a90-4202-935e-cf811d9a12aa", + "name": "X500 givenName", + "protocol": "saml", + "protocolMapper": "saml-user-property-mapper", + "consentRequired": false, + "config": { + "attribute.nameformat": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "user.attribute": "firstName", + "friendly.name": "givenName", + "attribute.name": "urn:oid:2.5.4.42" + } + }, + { + "id": "41421449-b7eb-42ef-8410-9b7506d4b709", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "true", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "99cd3fe6-148e-438b-8f06-1345bf6c7e62", + "name": "X500 email", + "protocol": "saml", + "protocolMapper": "saml-user-property-mapper", + "consentRequired": false, + "config": { + "attribute.nameformat": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "user.attribute": "email", + "friendly.name": "email", + "attribute.name": "urn:oid:1.2.840.113549.1.9.1" + } + }, + { + "id": "0ea4e3df-487f-475a-9945-3bf0849b99e1", + "name": "organisation-mapper", + "protocol": "saml", + "protocolMapper": "saml-user-attribute-mapper", + "consentRequired": false, + "config": { + "attribute.nameformat": "Basic", + "user.attribute": "organisation", + "attribute.name": "organisation" + } + }, + { + "id": "5b964b1e-d4ef-4de4-a99f-0d03edd811d2", + "name": "tenant-mapper", + "protocol": "saml", + "protocolMapper": "saml-user-attribute-mapper", + "consentRequired": false, + "config": { + "attribute.nameformat": "Basic", + "user.attribute": "tenant", + "attribute.name": "tenant" + } + } + ], + "defaultClientScopes": [ + "role_list" + ], + "optionalClientScopes": [] + }, + { + "id": "6a9209c2-ec16-476b-9a9f-61474610b790", + "clientId": "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-dev-dismantler-s66pftcc.aws-live-eu10" + ], + "webOrigins": [ + "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": true, + "protocol": "saml", + "attributes": { + "saml.force.post.binding": "true", + "saml.multivalued.roles": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "saml.signing.certificate": "MIIDQjCCAiqgAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAMFgxVjBUBgNVBAMMTWh0dHBzOi8vY2F0ZW5heC1pbnQtZGlzbWFudGxlci1zNjZwZnRjYy5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMCAXDTE2MDEwMTAwMDAwMFoYDzIwNTAwMTAxMDAwMDAwWjBYMVYwVAYDVQQDDE1odHRwczovL2NhdGVuYXgtaW50LWRpc21hbnRsZXItczY2cGZ0Y2MuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKVD5SYVIsC3M8PqMuiw/IMypyZU0V5pUwxBaZlMWljz1D1iNPGaOg9LhhLGAWOD0cdfFs70Q4Ov391raGRn5/9cQma0dJtH1PiTMM67+FZFvn1FWeEJ5a3qwIgoQrcDZn9NDTmtL+yaYOAsg5SGEkjrOZlJp1U3xVZDmuToUZ96WDodsy/nVQTkvaORSh+XDPIQ3sH5jqFdFuQsWf3xXSFHobF1sbi2IjGSZxLEi9yszPVff999Q0Q86kAoCh5gVKdB3WSHgkzDD6gxlcIGGQM6y3HZigIKlPRwK1o3SrEvl0IbPKDNM6rtFgWwRfp5KsQLRfe7TxLq7IWkqQd29vcCAwEAAaMQMA4wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAoScTGCrzKq4bbYFTJcyKwtgL80OM7RgZlfSsP/+k7fiZKUaY6WbUKDwRl7yHglgjL6NiC/Tz1PklgbB08RMwXIHbnG4VvdpcMUlHn5wGfZnNViHZYsjb4TgK8QS/zD8CSaJguUuK0ym/KUT9Hn6bHQuk4CQICVZmlp1N/bIWoSinY565rZ1amg9Ap0sgy1wWuqH8zKeTClrxjbuQeRTyj7d4kb/Ocg12rrUP8dznS5SGiR7WL9LpVrJZH72cKuOM1dYV6O94KH9uiuMe+VoUxWqgHiYbA/LOCxLSgI2fVTG8cGz0bCviFSf2tfVEB8mi/cU2Ikz6LzGNdaEpr4NoaA==", + "oidc.ciba.grant.enabled": "false", + "backchannel.logout.session.required": "false", + "client_credentials.use_refresh_token": "false", + "saml.signature.algorithm": "RSA_SHA256", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "true", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "true", + "saml_single_logout_service_url_post": "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SingleLogout/alias/catenax-dev-dismantler-s66pftcc.aws-live-eu10", + "saml.encrypt": "false", + "saml_assertion_consumer_url_post": "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-dev-dismantler-s66pftcc.aws-live-eu10", + "saml.server.signature": "true", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding.identifier": "ZGMZhC4yxOKbOI3azIQQxCjXbLw=", + "saml.artifact.binding": "false", + "saml_single_logout_service_url_redirect": "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SingleLogout/alias/catenax-dev-dismantler-s66pftcc.aws-live-eu10", + "saml_force_name_id_format": "false", + "saml.encryption.certificate": "MIIDQjCCAiqgAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAMFgxVjBUBgNVBAMMTWh0dHBzOi8vY2F0ZW5heC1pbnQtZGlzbWFudGxlci1zNjZwZnRjYy5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMCAXDTE2MDEwMTAwMDAwMFoYDzIwNTAwMTAxMDAwMDAwWjBYMVYwVAYDVQQDDE1odHRwczovL2NhdGVuYXgtaW50LWRpc21hbnRsZXItczY2cGZ0Y2MuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKVD5SYVIsC3M8PqMuiw/IMypyZU0V5pUwxBaZlMWljz1D1iNPGaOg9LhhLGAWOD0cdfFs70Q4Ov391raGRn5/9cQma0dJtH1PiTMM67+FZFvn1FWeEJ5a3qwIgoQrcDZn9NDTmtL+yaYOAsg5SGEkjrOZlJp1U3xVZDmuToUZ96WDodsy/nVQTkvaORSh+XDPIQ3sH5jqFdFuQsWf3xXSFHobF1sbi2IjGSZxLEi9yszPVff999Q0Q86kAoCh5gVKdB3WSHgkzDD6gxlcIGGQM6y3HZigIKlPRwK1o3SrEvl0IbPKDNM6rtFgWwRfp5KsQLRfe7TxLq7IWkqQd29vcCAwEAAaMQMA4wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAoScTGCrzKq4bbYFTJcyKwtgL80OM7RgZlfSsP/+k7fiZKUaY6WbUKDwRl7yHglgjL6NiC/Tz1PklgbB08RMwXIHbnG4VvdpcMUlHn5wGfZnNViHZYsjb4TgK8QS/zD8CSaJguUuK0ym/KUT9Hn6bHQuk4CQICVZmlp1N/bIWoSinY565rZ1amg9Ap0sgy1wWuqH8zKeTClrxjbuQeRTyj7d4kb/Ocg12rrUP8dznS5SGiR7WL9LpVrJZH72cKuOM1dYV6O94KH9uiuMe+VoUxWqgHiYbA/LOCxLSgI2fVTG8cGz0bCviFSf2tfVEB8mi/cU2Ikz6LzGNdaEpr4NoaA==", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "true", + "display.on.consent.screen": "false", + "saml_name_id_format": "email", + "saml.onetimeuse.condition": "false", + "saml_signature_canonicalization_method": "http://www.w3.org/2001/10/xml-exc-c14n#" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "d794f802-ba70-4741-b130-7c0fdbfa5d79", + "name": "role", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "true", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ], + "defaultClientScopes": [ + "role_list" + ], + "optionalClientScopes": [] + }, + { + "id": "2d1e3584-9954-4b7f-a58b-8820ca390799", + "clientId": "https://pt-demo-owner-1lusu8r1.authentication.eu10.hana.ondemand.com", + "description": "SAP LBN-MT App - Contact: Lukas Hudelmayer", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://pt-demo-owner-1lusu8r1.authentication.eu10.hana.ondemand.com/saml/SSO/alias/pt-demo-owner-1lusu8r1.aws-live-eu10" + ], + "webOrigins": [ + "https://pt-demo-owner-1lusu8r1.authentication.eu10.hana.ondemand.com" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": true, + "protocol": "saml", + "attributes": { + "saml.force.post.binding": "true", + "saml.multivalued.roles": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "saml.signing.certificate": "MIIDMDCCAhigAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAME8xTTBLBgNVBAMMRGh0dHBzOi8vcHQtZGVtby1vd25lci0xbHVzdThyMS5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMCAXDTE2MDEwMTAwMDAwMFoYDzIwNTAwMTAxMDAwMDAwWjBPMU0wSwYDVQQDDERodHRwczovL3B0LWRlbW8tb3duZXItMWx1c3U4cjEuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIqpBnFGA0I71WMMxq5LunHwgNbgNNRHZjWy6YPNW1uJjbSbVC1TgMlgbXi36tD8T3HG7/LzHpIYqqJGj9Qd+nCP+ThGa6Q8oy3x3ddJ4FoyPjiwVMElllLvEnv+4+8hOKJFiwRZfdLl+oCQEzHFtR3SbnvSFIJsBEn7zQrITlL91OtrNmm6j1nGs6cUi2zOXet98aZWsXB1p5FiM68JQzrq2crPgqVYNNzrxTJhZay7POgWKDmlm44ck5YOP3dtfkyCIGv63QmeXW+9IT6EWODrqFbaapXKCRS70FJLk2safXN0Hgqe3L+tv/vKYHqVCvsbFztnd9OEJVfDB+1IAQECAwEAAaMQMA4wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAUm+aIfaismCLvfNCwU1nT422c+lfYlQnY/VndsihksddXZvbTLb0WXZ0+6NBvI9q0ZOee65mr7kNGGyvR52nSDxDoDCXRhHK4yNUbl6LVJ7ZNibif3ItmK+GaHilJ1oG/mi8ucvyTT+BGBsHfvjbB+RLSVzr/t0exhhmVHy/buR54efvmolBuWFggsUa2qeP2mXWmUHW4GptmniLbIIYClGzbG0QIDutcSmxqoxwlywS2PJerwAxgdjx3gcv49ZCTnFfL+ZTp78dpu4XjXbI0BNymJXDomCj4lpQPuqWsVKWrJh99e+pptUbpSzsBaQxJQmA3V32YLFEprEqB00q0Q==", + "oidc.ciba.grant.enabled": "false", + "backchannel.logout.session.required": "false", + "client_credentials.use_refresh_token": "false", + "saml.signature.algorithm": "RSA_SHA256", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "true", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "true", + "saml_single_logout_service_url_post": "https://pt-demo-owner-1lusu8r1.authentication.eu10.hana.ondemand.com/saml/SingleLogout/alias/pt-demo-owner-1lusu8r1.aws-live-eu10", + "saml.encrypt": "false", + "saml_assertion_consumer_url_post": "https://pt-demo-owner-1lusu8r1.authentication.eu10.hana.ondemand.com/saml/SSO/alias/pt-demo-owner-1lusu8r1.aws-live-eu10", + "saml.server.signature": "false", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding.identifier": "r91TMnkHpA3L0JRpDA+YsBpF+fg=", + "saml.artifact.binding": "false", + "saml_single_logout_service_url_redirect": "https://pt-demo-owner-1lusu8r1.authentication.eu10.hana.ondemand.com/saml/SingleLogout/alias/pt-demo-owner-1lusu8r1.aws-live-eu10", + "saml_force_name_id_format": "false", + "saml.encryption.certificate": "MIIDMDCCAhigAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAME8xTTBLBgNVBAMMRGh0dHBzOi8vcHQtZGVtby1vd25lci0xbHVzdThyMS5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMCAXDTE2MDEwMTAwMDAwMFoYDzIwNTAwMTAxMDAwMDAwWjBPMU0wSwYDVQQDDERodHRwczovL3B0LWRlbW8tb3duZXItMWx1c3U4cjEuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIqpBnFGA0I71WMMxq5LunHwgNbgNNRHZjWy6YPNW1uJjbSbVC1TgMlgbXi36tD8T3HG7/LzHpIYqqJGj9Qd+nCP+ThGa6Q8oy3x3ddJ4FoyPjiwVMElllLvEnv+4+8hOKJFiwRZfdLl+oCQEzHFtR3SbnvSFIJsBEn7zQrITlL91OtrNmm6j1nGs6cUi2zOXet98aZWsXB1p5FiM68JQzrq2crPgqVYNNzrxTJhZay7POgWKDmlm44ck5YOP3dtfkyCIGv63QmeXW+9IT6EWODrqFbaapXKCRS70FJLk2safXN0Hgqe3L+tv/vKYHqVCvsbFztnd9OEJVfDB+1IAQECAwEAAaMQMA4wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAUm+aIfaismCLvfNCwU1nT422c+lfYlQnY/VndsihksddXZvbTLb0WXZ0+6NBvI9q0ZOee65mr7kNGGyvR52nSDxDoDCXRhHK4yNUbl6LVJ7ZNibif3ItmK+GaHilJ1oG/mi8ucvyTT+BGBsHfvjbB+RLSVzr/t0exhhmVHy/buR54efvmolBuWFggsUa2qeP2mXWmUHW4GptmniLbIIYClGzbG0QIDutcSmxqoxwlywS2PJerwAxgdjx3gcv49ZCTnFfL+ZTp78dpu4XjXbI0BNymJXDomCj4lpQPuqWsVKWrJh99e+pptUbpSzsBaQxJQmA3V32YLFEprEqB00q0Q==", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "true", + "display.on.consent.screen": "false", + "saml_name_id_format": "email", + "saml.onetimeuse.condition": "false", + "saml_signature_canonicalization_method": "http://www.w3.org/2001/10/xml-exc-c14n#" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "06a1dc24-c230-4298-b24f-7b509c16b585", + "name": "role", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "true", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ], + "defaultClientScopes": [ + "role_list" + ], + "optionalClientScopes": [] + }, + { + "id": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "35134e77-f548-4b87-970c-cc0626496fcd", + "clientId": "sa-beta-cx1", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "07f8b416-f24d-4cba-91f8-fd3ae0af4657", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "72681be8-4baf-475d-a9b9-47dee5326981", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "2ac54aee-ac44-4a48-ae4a-bbdb5288c7f9", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "7cb8edc7-02f4-4c7c-84b4-b91cbac2d5e4", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "b9ee94c4-f8de-40ba-8ea0-36d3ca28d3b5", + "clientId": "sa-beta-cx2", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "296af6dd-9c38-41f4-b485-5f5eea375ccc", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "e00b42b8-8bcc-4b18-9999-86212378c5b1", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "24194317-3f62-417a-8442-62009cbf029e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "ab7d3b61-de21-4527-b021-7b2d75182fee", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "624a56df-7370-46f6-b00f-44791184bb28", + "clientId": "sa-beta-cx3", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "09c3a032-eab0-4f2c-96df-b7c1b13d3634", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "62d698d8-24d6-4b3a-b533-c4bffdb65db1", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "2a1ab4a4-c250-49e0-9676-86564dea3062", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "f5071021-acc5-42be-98e1-8bccd62e8f1b", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "fb3deae9-5f34-4e9d-9a33-376f083f03c4", + "clientId": "sa-beta-cx4", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "daf63cfb-4e69-43f3-9c4e-7c9f91131364", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "53742f0f-0df2-4f2f-b6bd-e407d4bd0894", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "343fe132-c419-484d-a7f7-a2316f855cec", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "15332471-4d69-48fa-9bab-e51218faa13d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "8b05ebaa-0fa1-45fc-bc5c-8d75e2fa8166", + "clientId": "sa-beta-cx5", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "4c831a50-2f22-407f-ac33-3b5bc19d824b", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "764d1b6f-ecc1-46b7-8feb-e962fe8facd5", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "df7255f2-200f-4ebb-94bb-7edf96e2e127", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "b421ee98-98c8-41e2-8594-646b9ac40c67", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "062617f4-5efb-4f85-932f-26193737321e", + "clientId": "sa-beta-cx6", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "86a03690-8af2-4c80-ba47-94d05fc1cc47", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "8657ab97-ddb1-4775-8d44-a3ccbfea213f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "6543b216-4e97-4dd9-a855-021de0d8b316", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b167ce59-73d8-4f6c-a175-5cc742526628", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "2b1424ac-3e67-42c7-be77-69aa57fe0834", + "clientId": "sa-beta-cx7", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "965eb625-e855-49f4-bb55-c0d73666d410", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "581a3217-3127-4484-a4c7-1491371a7b48", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "cf552528-6cb5-43a5-91c9-aac399e96730", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "ba208341-0e41-4dea-8397-619376833c3a", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c33cfdab-5838-4c38-bd84-15b63502d604", + "clientId": "sa-cl10-cx-1", + "description": "Technical user created for Sharing Member to connect to BPDM (SPOC: Manuel Niedermann, Nico Koprowski)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "429be913-0d7c-4bb1-b429-ed7b18822645", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "087541f4-ff7a-4d0f-bbc6-cdab00bb9c95", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "d13abc34-92f7-4b7f-8684-f923f5798627", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "7e7b246a-f1f6-4816-a6ad-b0b62a8918d7", + "clientId": "sa-cl16-cx-1", + "description": "Technical user created for BPDM Partner Gate (SPOC: Nico Koprowski)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "ded924f4-4b1b-4607-b86b-c14a39f93103", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "2722c105-eb0a-4af2-85c6-13499e443d99", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "c1c10e38-57c3-46d3-b49a-7c9391264027", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "5a220510-4a8e-4cbc-a47e-6f549e6c3894", + "clientId": "sa-cl1-cx-1", + "description": "Service Account for Invicti DAST scan", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "24320d24-0e73-478f-8e09-a05dc4bb7c35", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "caea604c-1e8e-48ad-91a8-18711e4fb564", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "ea2580a2-1594-43c2-88e6-36e9e1315263", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "cdf11dff-530a-4fd4-97b9-84e4d60ac21e", + "clientId": "sa-cl1-reg-2", + "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", + "clientId": "sa-cl2-01", + "description": "Technical User Clearinghouse update application", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", + "clientId": "sa-cl2-02", + "description": "Technical User SelfDescription (SD) update application", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4f3b52ca-14c2-453e-87ac-4c97c4c4af5a", + "clientId": "sa-cl2-03", + "description": "Technical User AutoSetup trigger (Portal to Vendor Autosetup)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "f57ed439-7c35-4a6c-a097-aa750249c442", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "ea42e697-8fa8-4359-b342-715683a67a15", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "743f3d13-5eb1-4fd7-a092-019c052f5db0", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "f1f03a93-d654-41fd-b92b-68c6373e7467", + "clientId": "sa-cl21-01", + "description": "Technical User Discovery Finder", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "3c2deac0-fd68-4c39-933c-27123ff073f9", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b74416e5-2376-4f8e-a49b-8a03a053454a", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "9a79ca1f-42b4-493c-9e1a-68ccd05ad9ac", + "clientId": "sa-cl22-01", + "description": "Technical User BPN Discovery", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "36e185ed-3af8-489d-a94b-a280ae205e03", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "7beaee76-d447-4531-9433-fd9ce19d1460", + "clientId": "sa-cl3-cx-1", + "name": "Technische User CX Intern - communication GitHub and Semantic Hub (Contact: Sven Erik, Bosch)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "702c92a9-9f89-4130-9d37-c1620529ca13", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "userinfo.token.claim": "true" + } + }, + { + "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "8e82412f-7088-4562-81f2-35b85f1859f5", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d5a29608-9579-4af4-b895-458ff5b03276", + "clientId": "sa-cl3-cx-2", + "description": "Technical User Digital Twin and Semantic for Pen test scenario (Contact: Lukas Roemer, Bosch)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "6b664acb-fb3a-427b-8c54-643e53b24388", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "882827ad-6e5a-42f2-b09e-75ff2b5893f2", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "9fbb3f90-f4f4-4c8f-818e-ae857da96fc3", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "4ca8dc7c-a24b-4635-a100-b75b23c3fa99", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "dab9dd17-0d31-46c7-b313-aca61225dcd1", + "clientId": "sa-cl5-custodian-1", + "description": "Technical User for SD Hub Call to Custodian for SD signature (SPOC: Dmitrii)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "30897db9-574e-49ee-b968-ede77a6baf67", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "00879247-75ce-491f-abed-52a6a810f685", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "bb69e2e4-312f-4447-946f-b51f3c7184c2", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", + "clientId": "sa-cl5-custodian-2", + "description": "Technical User for Portal to call Custodian Wallet (portal helm chart: backend.checklistworker.custodian.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "728abacc-c436-4d67-b699-92957a69b519", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": "0dfcbe31-2482-46d7-bb09-0722b0e1c4f9", + "clientId": "sa-cl5-custodian-3", + "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "3e1df311-abd2-4878-9f0a-426fd1a50c0d", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "17a2ea60-79e2-4d57-8db7-9931b0e1a674", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "d6203b9c-6b72-44d0-8609-83077dd6a2e0", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "1db97b73-9663-4eb5-99ed-d103c4bda113", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "BPN", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": "7612bab1-3617-485e-8461-f1d2a7a6a92e", + "clientId": "sa-cl5-custodian-4", + "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "783956fc-c81e-4da3-871c-436eec1fa555", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "f230563b-4e92-47e6-94d4-5d7ac8eef916", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "BPN", + "jsonType.label": "String" + } + }, + { + "id": "45b77e95-5844-48c4-ba44-6c883bed55b8", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "653db152-0505-4fcc-8d9e-51eee203610b", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": "6ebce422-4b91-47a5-8e6b-5fca5de8a1bb", + "clientId": "sa-cl5-custodian-internaltest", + "description": "Technical User for custodian internal test", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "02022dbd-1259-45e8-8168-f05fae84fce8", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "38696859-c042-4a34-8c03-a5fad8eb1297", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "c6952af9-ed53-4482-a1c9-784d8c32e01f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": "c07768b6-f49a-4c5c-bdda-4fdc81f46e49", + "clientId": "sa-cl5-cx-1", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "463c2183-69f8-4676-bad6-4eeaeff3512d", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "836cf4e6-7654-4c84-b7f5-d07819543024", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "c7a8afdf-bb7b-41b7-a0bb-b561ef266923", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "1a7d3f02-66cf-495b-af96-ad095e6219b4", + "clientId": "sa-cl6-cx-01", + "name": "sa-cl6-cx-01", + "description": "Technical user for portal to daps connector registration call (portal helm chart: backend.administration.daps.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "57e23174-fb41-4bcd-a3eb-5d665effa10d", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "f6589350-5c92-4365-90d7-c84906f450c0", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "dede7a5c-6db0-44f3-949c-8c28b0045eb2", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "a7ae2ac2-1800-40f2-92b0-889cb93d3ebe", + "clientId": "sa-cl6-cx-1", + "description": "This is a technical user for aas-registry-internal (internal tests by Digital Twin / Semantic Hub)-", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "8d0debee-6ced-4bbd-8211-d0813569ea9c", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "3ecec5dd-48fe-46d0-9489-76e768eab321", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "1f111fb8-0011-4d5c-b05f-6b5857cc4b60", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "f3850b8a-0a33-4053-96d4-04a48f055275", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "1e8b03d3-d4f3-4b29-949a-4260def85751", + "clientId": "sa-cl6-cx-10", + "description": "Technical user for AAI Registry connection to Trace-X App and API Testing (Thomas Braun)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "21d28aaf-1921-455d-a55b-c028fa7ba5ea", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "5883fd2a-d5f3-45a5-a437-9c1af976fa2e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "afb750f1-6cee-4f52-93ac-5c6229fd14b9", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "4f91941a-e8b1-4406-825c-1005a33043f0", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d3d0eea1-db73-427c-b262-829fb36e9878", + "clientId": "sa-cl6-cx-11", + "description": "Technical user for AAI Registry connection to MaaS (Contact: Daniel Metz)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "e3d70828-60d8-4b0a-9615-309ace82baf8", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "9a8b676a-11f2-44ec-8c30-c1e07357f220", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b54be54a-246f-4c25-9279-764e590824a3", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "3041d139-bff6-40d2-99ea-7fab2ae323db", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e25aa042-6318-4fff-a939-328d0d7ba386", + "clientId": "sa-cl6-cx-12", + "description": "Technical user for AAI Registry connection to EDC (Florian Rusch, Christian Holder ZF; Tier A)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "93714788-bd2b-4311-991b-cd373c05d024", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "29fbd341-94df-4144-944a-d80a9f2f3afb", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "52118695-f560-483f-aca5-e4a2ed5cdaf6", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "54d74fe3-9a56-4d27-97c8-3e4a16a0fe74", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "2d7e9b76-8bd9-41b2-8823-5b7f5ec3cec6", + "clientId": "sa-cl6-cx-13", + "description": "Technical user for AAI Registry connection to Traceability (Proshanta, Henkel)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "7b0e4794-0126-4b40-a1fa-fe00e524e054", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "610758ad-472d-4926-98b7-e6ba871879f5", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "0adc9695-f521-4036-9028-38cfd0e3115d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "bffb6e01-d697-4091-9ec8-0e7fa435c2b7", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4edc36e6-2a7d-4991-a7b0-b246860015ad", + "clientId": "sa-cl6-cx-14", + "description": "Technical user created for tests traceability Mercedes (Contact: Basar Tharan)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "91c55508-f002-4463-804a-4c22cec6a88d", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "acd775d6-5d9b-4229-a271-2aebc013f99d", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "adab4c59-47b6-4855-9996-0267e040cf7f", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "9ea83750-3462-403a-9bb6-472ca73d6b9f", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "18204844-8439-4298-8053-ff1414f819a4", + "clientId": "sa-cl6-cx-16", + "description": "Technical user for AAI Registry connection to Siemens (Kiryl Batsiukov, Siemens; Vasileios Karagiannis, Siemens)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "a401ac75-e155-46fa-ac0c-ea9dcdbcac1b", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "2a7a1a2a-b3d9-4ea3-89b3-e654636f7002", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "cd0547f5-3bbf-4ed5-a490-cb4c86a22aa3", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "f99b8082-ee0f-4d59-8a9e-b0da6c2188b2", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "2685ce31-a3ab-4c23-9ccf-90f721690e81", + "clientId": "sa-cl6-cx-17", + "description": "Technical User for AAI Registry connection to EDC (Florian Rusch, Christian Holder ZF - Sub Tier A)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "e76b4367-7ff9-4844-a446-727fa4bb55b6", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "6c23d5a1-2ea4-4101-a0c3-bba9bb822695", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "dcc3fbce-713e-4d49-a0cc-413c893ee17d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "7b736a39-00d7-4fe5-ba07-c16ecc6a788f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "0fd16c0e-afa1-4256-89cc-503d70d1eea5", + "clientId": "sa-cl6-cx-18", + "description": "2nd Technical user for AAI Registry connection to Trace-X App (Thomas Braun)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "f130bff5-3c7c-4f31-9a56-a1395403a895", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "509b41c6-e05a-4ee8-b2dc-814c83730735", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "6f3623a1-1d05-4ed2-88c9-d77f761702aa", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "560cce4b-974c-4a87-b4c2-74233cd998a4", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "f693b3d8-6aa2-4d96-8857-8cf1edf181c7", + "clientId": "sa-cl6-cx-19", + "description": "Only a test account for Christian Kabelin as READ User for prep of test data", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "9abf90f4-7887-449c-94ec-95f8bcd3182a", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "5baef81b-caab-4679-a688-a5cd0bb6f9d0", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "c66bdc4d-dc6f-49e9-9d9c-ec840b858026", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "a8a91c21-fa03-478f-a57f-f534d046b4b9", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "fae37447-4174-429b-91d2-b696b68287d7", + "clientId": "sa-cl6-cx-2", + "name": "", + "description": "This is a technical user for Semantic Hub", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://catenaxintakssrv.germanywestcentral.cloudapp.azure.com/*", + "http://localhost" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "deb3611f-4206-451c-b8e0-d1d6ddc7caa0", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "eb5c6815-8d64-4495-93ea-1fc6b430b1b8", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "54ed3d77-0ca8-4a2c-8652-5865948ac1d6", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "e5b57306-c07a-4ebb-bede-5d220880d405", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e1e38aa7-4105-4d29-881e-b1224796d59d", + "clientId": "sa-cl6-cx-20", + "description": "Technical User for Siemens - AAS Connection (SPOC: Kai Lohmann, Trusted Traceability)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "1cd020e8-8f51-4565-ba65-0030d14c6509", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "acf67e71-d559-477c-804b-faf56ee8989f", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "73a0cbc7-70e5-46d4-9c27-43f6e19217f4", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "afe8c9c6-c10c-4e45-a531-e75e5517b91a", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "cbc24c55-5452-4a31-a8f1-862ea0ccc082", + "clientId": "sa-cl6-cx-21", + "description": "Technical user for AAI Registry connection with EDC (Kiryl Batsiukov, Siemens; Vasileios Karagiannis, Siemens)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "7ae5c6ac-f435-4ae4-905d-ed47a098bd9c", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "7502bfe4-2bff-4164-92ac-21fa4a6d9f2b", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "1660be60-ad4b-43e9-ae21-9d04c362be47", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "f5200744-0f8e-4310-a836-4de1d0eb5e6a", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "feee7b77-71bf-4f95-9276-38dccfa73edb", + "clientId": "sa-cl6-cx-22", + "description": "Technical User for AAI Registry connection to EDC (Dirk Dennin, in action of DLR)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "12c71551-9da8-40aa-82b2-d7c9b57ec205", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "5d77e17f-b370-45b7-b76e-81b27f0aacd9", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "9888c544-10bf-4cc6-8b7e-95fc6bc4b26e", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "1cff3035-0b3e-45e9-9b38-7bc05f5e5697", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "977edf04-7d5a-489c-a057-b00863fdd27a", + "clientId": "sa-cl6-cx-23", + "description": "Technical User for AAI Registry connection to ADAC Fleet (Dirk Dennin & Asdren)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "5a7c0ea2-8575-4f80-bfe7-8d87dae2016a", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "711201e5-7add-401b-a8a2-8e7f3c922ea2", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "5fd60367-8180-4465-90f3-d6260cbbe73e", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "dfb7305d-a492-47c5-aeab-8c926935e792", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "97bcbd36-39fe-4553-923f-0be2b7c3967d", + "clientId": "sa-cl6-cx-24", + "description": "Technical User for AAI Registry connection to ADAC DTC (Dirk Dennin, Asdren Kuci)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "b5889d7b-1120-4499-88dc-b27b84cb7fcf", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "9ac6261a-1314-4c86-aaf1-43b8a10ef6f9", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "e86a433f-26ec-41a1-9b35-e294b95e6699", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "1fa30aa0-afac-40ce-86f3-0fff0be1c4bc", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "1db8b620-0b9a-4f21-9a04-431d9e5d72a9", + "clientId": "sa-cl6-cx-25", + "description": "Technical User for AAI Registry connection to Siemens CO2 (Werner Eberling)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "61a35863-4cbd-4249-b67c-edb37d0be2ed", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "5496020a-c216-49b9-b1bd-fe3b11d7a790", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "76c44288-43c4-4fde-a205-ade6e044ee3d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "22eae628-8360-472f-86a7-98be9771e688", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "0a902ec2-33d4-4f5c-9aa7-d51af2252044", + "clientId": "sa-cl6-cx-26", + "description": "Technical User for AAI Registry connection to Siemens CO2 (Werner Eberling)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "7c7a382d-dcdb-40bb-b2ac-77c9541e59f7", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "1782d640-81ba-4215-8dcb-557d73a2c1e5", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "c5be708e-59d1-4ca9-ab82-2519b0a8215e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "8bcd5dce-f859-4a83-88c9-8c60efec6355", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "dc1eb8bd-d579-4dd8-bc66-6222d881566a", + "clientId": "sa-cl6-cx-27", + "description": "Technical User (READ) GreenToken for EDC integration scenario (Contact: David Rauch, SAP)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "2cbb47fc-8864-4963-a274-42f15ffd19a6", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "userinfo.token.claim": "true" + } + }, + { + "id": "101d5a0e-2eab-42ea-adaa-75482df0ff44", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "8ac8e285-8089-4789-bf38-9d310edb2300", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "c4abf7f7-c84a-4c98-8a67-f3f7d68f2031", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "1cf8af37-ac23-47e2-8e48-ebf904585f0f", + "clientId": "sa-cl6-cx-28", + "description": "Technical User (WRITE) GreenToken for EDC integration scenario (Contact: David Rauch, SAP)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "372ddd3c-7aa4-485a-b333-e1fed1e0ec4f", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "ee9af151-5cd4-4ac1-be87-4f9145fab0ec", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "c70e9a49-a871-4bfc-810f-8f85a49f847e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "2e0e393c-99b1-481d-bd9a-cc10465cae68", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "acb29a18-6306-44c0-ac94-8548df74b315", + "clientId": "sa-cl6-cx-29", + "description": "Technical User (WRITE) CX Battery for EDC integration scenario (Contact: Jochen Braun, CGI)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://materialpass.dev.demo.catena-x.net/*", + "http://localhost:8080/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "db29a54d-b840-435c-a3c2-5a0286cbd8de", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "userinfo.token.claim": "true" + } + }, + { + "id": "a445a212-c5da-4bf9-b093-19c5b9abf618", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "d359aa48-a5ef-469d-a2b8-47bc90507ba4", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "21f0a51e-bec2-4caa-9bfd-be20164ea15a", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "7c87b118-63d5-4f72-9772-1f4632a1b3fc", + "clientId": "sa-cl6-cx-3", + "description": "Technical user for AAI Registry connection to BMW data pipeline", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "426b3802-567e-4235-94cb-5cf4c1f1f748", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "0b17c9ff-d20c-4425-8c63-36fabe5802f6", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "c6eaa3fd-bf8f-4ef4-8a6f-1629004b80c3", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "e08c09db-18ce-4b61-94cf-1e152c996136", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e81223c0-59b1-4788-a8d9-5022f13cc4b3", + "clientId": "sa-cl6-cx-30", + "description": "Technical User (READ) CX Battery for EDC integration scenario (Contact: Jochen Braun, CGI)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://materialpass.dev.demo.catena-x.net/*", + "http://localhost:8080/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "75a1c382-0549-45e4-876e-1e412ebdbb48", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "00c147fc-29c1-4d94-b998-d7c8ce3a720e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "eb00dd9a-5ee6-4e79-86ca-e46e39ee1fc0", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "0ce4a2fa-c85a-4bd1-b571-5afe6a79ca6d", + "clientId": "sa-cl6-cx-4", + "description": "Technical user created for postman tests for traceability (Contact: Markus kreuz)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "8c334961-82eb-4784-b7bf-05ebda7edc1c", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "bd34d354-2e82-4987-803b-0e8209a8cc1b", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "46cd680e-ee4e-4511-ac76-a95851657ced", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "741c0ba1-543f-4dea-83df-b1735b2ed0e2", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c3e0182e-abb2-4451-8180-51538eaeb93a", + "clientId": "sa-cl6-cx-5", + "description": "Technical user created for postman tests for traceability (Contact: Clemens Braband)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "531faee9-5a4b-451a-909f-b9f603f48fc2", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "6bff54b5-ed16-4ef3-9e94-73bfc39da7c4", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "ee566510-db23-4569-ad1a-7691f0f12355", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "5eae602e-0242-4539-9728-fb16df138252", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "674ba68c-891f-4df6-9d11-1c48600f986f", + "clientId": "sa-cl6-cx-6", + "description": "Technical user for AAI Registry connection to BASF Data Service (Gabriele Eckhardt)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "8932692f-4aac-4874-8019-0325a487e78b", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "2cb46242-7053-4bb7-a40c-2f107d0ffb2e", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "07557d98-31c4-48cc-ba12-93ac7938cad4", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "d8eff86d-fbe2-468f-a4a0-2ced8d0993e0", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "fdaa99b6-c8e9-4521-a70c-4d535a1e573e", + "clientId": "sa-cl6-cx-8", + "description": "Technical user for AAI Registry connection to Traceability (Matthias Binzer) - testdata2edc", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "3aca6d5d-f95f-448a-a60f-daa2aed09d04", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "0ba4d9a3-bb4b-4667-afe4-3fd1c7638a97", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "eed9f43e-4464-40f3-a2fd-07a003ba93b2", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "29a0fd3f-c2b9-4ff8-8cb9-046bbfb02d98", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c3af980d-b1f6-447a-ba96-5dacd52a7adf", + "clientId": "sa-cl6-cx-9", + "description": "Technical user for AAI Registry connection to IRS (Johannes Zahn)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "e3dfef3a-abae-4bee-a6ff-2c6b0f91e22c", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "621a15c8-77ce-402e-95e3-85165f90ed81", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "ad8fd51a-8262-4345-aa98-2892edbb52e7", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "9d65811a-6f05-4bc8-9dd3-ec664ed87f42", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "6e2f3a74-9277-4265-a0bd-8f8f41ba0530", + "clientId": "sa-cl7-cx-1", + "description": "Technical user created for BPDM / CDQ connect (SPOC: Peter Schenkel)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "33ef0160-e559-4fde-8faa-657140437026", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "61c367f1-dcd7-4190-9d63-97c0b3ae5afc", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "1c8aad27-8158-498b-bf99-e6de92799b6d", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d1c857fb-0c7d-4b6d-b6e8-34bf4de76d6d", + "clientId": "sa-cl7-cx-2", + "description": "Technical user for BPDM connection to Fraud App (Michael Wirth & CGI: Fabio)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "23db4b23-856e-4f3b-a1e2-f935d2373d0d", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "5db07b78-2eb9-405d-a0eb-9ab0e94a1e4d", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "b01e802a-984a-4c95-a5f7-db4f3fd4b16b", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "09b70efe-f7e1-4880-a375-de44e2e1b38a", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "f6627ae5-54ac-4e53-871d-875de8879e51", + "clientId": "sa-cl7-cx-3", + "description": "Technical user created for BPDM Pen integration with Invicti, WRITE (SPOC: Patrick Zeller)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "7876f4d9-faa0-4386-af39-3681b0b4295b", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "b2b9d6c3-842c-4ce3-b984-a7cfc2464e1f", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "03b778d8-3f51-4d37-9e25-5899fb4c1099", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "12b94ca3-d6cb-4806-a288-7efa3ea919e9", + "clientId": "sa-cl7-cx-4", + "description": "Technical user created for BPDM Pen integration with Invicti, READ (SPOC: Patrick Zeller)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "82e2b111-a709-470f-98c6-7b5cc845eb97", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "83fca7bf-051a-4a8e-a84b-251f9a68c9d1", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "7b4eb789-46a5-42db-904b-a90feddd91a4", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "183aae87-c9cf-4d70-934b-629aa6974c54", + "clientId": "sa-cl7-cx-5", + "description": "User for Portal to access BPDM for Company Address publishing into the BPDM (portal helm chart: backend.checklistworker.bpdm.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "08dbaf87-e25e-489c-bec9-f062af3de2df", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "2420c9fc-2c5a-4e54-b6c1-3d72e4eb9e85", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "fb8aa3d7-44dd-4348-9a43-a48fadb0a858", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "ccc8006a-71d2-4fd8-b945-d1d3bd716cef", + "clientId": "sa-cl7-cx-6", + "description": "User for Data Quality Service BPDM, (SPOC: Tim Gerlicher)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "d070c22c-fd82-4d6b-b68c-5e92dad965ca", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "edff7e10-bc1c-48ed-9e6e-1718b9b3d3ae", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "2e8aa311-8e28-4af0-9d69-0819e4716f47", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "04981b7f-5a0c-49c0-8d7e-ec57c185922b", + "clientId": "sa-cl7-cx-7", + "description": "User for API Testing BPDM Pool and Gate (SPOC: Nico Koprowski)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "3d9fd1fe-9a5e-4706-b007-12cb42220dd3", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "16008a03-3528-4212-aa68-c860f6ea5073", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "6f5a1ef2-5827-4d0f-bbf3-c938dfe2f25e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c2bdc736-ca35-43c4-8e18-27e7425df9f0", + "clientId": "sa-cl8-cx-1", + "description": "Technical User for Portal to SD (portal helm chart: backend.checklistworker.sdfactory.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "5049595f-673e-4ce2-9ce2-90e11c0fc6e9", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b8086ec0-3da2-4f98-a7fd-19d007709e6f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "55da2734-a7e2-4d89-b210-7cb0a24fced4", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": "f69006e1-e4a6-4237-b73b-89711c0934c2", + "clientId": "sa-clx-cx-1", + "description": "Technical User für SAP (Felix Ruecker) um auf BPN und Registry zuzugreifen", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "eb5ed933-696d-4b51-a5e0-534da33028a3", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "ace07ce7-da41-4a76-b6a0-8535eab2cc4a", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "4be32837-1566-4215-a712-f8af835fa0c1", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "9ea6f463-9346-4650-8ecd-39298823c513", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d6b6e09c-d92d-4915-a7de-29488b0597b4", + "clientId": "sa-clx-cx-2", + "description": "Technical User für SAP (Felix Ruecker) um auf BPN und Registry zuzugreifen", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "6758fb03-3059-48b7-ad73-5b506e52f1b2", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "ddf2bba9-11a9-4329-8418-aa1cd6f9a050", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "0ef7dcfa-86a7-4280-803e-e394d2515c36", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "54a933f7-f652-47e5-a3e7-a1f23f50034b", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "66e16962-df76-4829-95f2-91e0577c3c92", + "clientId": "SAP-Login", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://amjx8gvyp.accounts.ondemand.com/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "47b7bb2b-b544-4f54-9a37-f6c5f87f7f94", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "b1b3c279-a5c0-44dd-bda6-b43cc9a904ac", + "name": "Sub_to_email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "sub", + "jsonType.label": "String" + } + }, + { + "id": "aa31d5d5-cb28-400d-b45e-46b09dd591f9", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "748e5a80-a12e-432c-898b-0af1f34355bc", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "c2793b11-a96e-4ca4-be82-d58b500450bb", + "name": "Groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "Groups", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "Groups", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d5265cd8-d128-4dc9-8602-d49d1df0a86c", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/CX-Central/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/CX-Central/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "12d9df9a-241b-4ec2-bafa-3f26ccaa1890", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "6df310ed-500e-43d5-b510-fa4668e939ee", + "clientId": "technical_roles_management", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "2486e439-4fbd-4f53-bc02-aff9d0699e07", + "clientId": "urn:uuid:7bd86018-d0a2-421b-9e00-b77bab0838b1", + "name": "CPM App", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://impact.bmw.cloud/multipass/api/collectors/7bd86018-d0a2-421b-9e00-b77bab0838b1/saml/SSO" + ], + "webOrigins": [ + "https://impact.bmw.cloud" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": true, + "protocol": "saml", + "attributes": { + "saml.force.post.binding": "true", + "saml.multivalued.roles": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "saml.signing.certificate": "MIIE0zCCArugAwIBAgIEWSwjGzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDDBBpbXBhY3QuYm13LmNsb3VkMB4XDTIxMTEyNTEzMTkzMloXDTMxMTEyMzEzMjkzMlowGzEZMBcGA1UEAwwQaW1wYWN0LmJtdy5jbG91ZDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJr3kQjeWOd9bPBTGAlQpbrh4kDmweESAeu2kXPqtQkEaHjdIHbgQAE/J1BAxme0hB0RzeAV1h4rdg8m1UUx2jaZ/QPvwgggFaGcdykM2Ja/f/dnnm5P9Xi8DYRWR+UJy9Sa9gJwPfgCPWNwcXNKC2+xW/fubvjfEE8K040KqhPFrT5wOA6mbDohYBrGa4xcXrnNsts2dnU6ecXnlrgjYpYHL0cIxVRvtxJ49VgJRuWXCIDLqkogqm/FdHIcwMcy11GfM0O3JTRl+oNGyTYBHaFrwLOWmv3LggcBoAPIIz4tlsr0bMG29IW2snVIPL4x3NptehODwfcOiagfd+QNjAungmCugpoPYM78bxkKT/24LTg3lFYSqC/CGSkz4OQLEbwYUV/qrcNo2r3tQsD3JahCppH2zhvJSoko0XijVRyQ8Xh8hWWaj3ana89rCg7DztSQJmrM0YjYNngTnQgdsK0NVljy5tL7nLHpV/DQ0OmzW84C7uNtDDmwysGof89H6VeoovLhWbsqPhhcEapw0v7atpRWSge2Mc0Wh3kiHxmhHQ4tBDa37g/8U8Dhr+w+DmAzQPmRg6/joir/fpgF89ox7J+iONKV9M6JMtIlpIFKWdxL+NMeB1aC3D7cYW9+YSHmkqxX1xFWDs4JbFKqIZYaMkzEqpIz4CgVk+MYfdyFAgMBAAGjHzAdMBsGA1UdEQQUMBKCEGltcGFjdC5ibXcuY2xvdWQwDQYJKoZIhvcNAQELBQADggIBAFCOGx89nkHj2t0PbGuxmnYI5tCEtRuud4/hwZ4Z8kDS23c+2yO4VaQQhn2tYumHMm6mSeImQVUOQQtp+ltaP9k8va8qto3zfhBc6CPrent8Lxw6xn7j/G0EWryvtLy/G0/nDcb5z4+Yilfi49uJdNw1LftX4RvesVSaWqIhTkBbqly5oEysYgGDf7+eW9Af8febKAMbnvzO2yuKXa7XN2xNuVtvF+bBa2gbgIjyPp3mTMm2SGqacqlrTeGj1nFcvVRm03XKAd1IzPhhjGFCjS3lM37qNSrwG7QVTh0fEtStObspEc/rMuAG2huURYEVFsKTEOP3n9Mn4p3veqxVK751jdqxUCmsa942e/P+5JbijHROAmRUyNX/E5ZQh0bf9IGMPrLgVHz+NYddchNmMXa7eMHJZSHnkVvj+K7cXhUS4vN6GuP/WYpbPGCRO3jiVGnZ61ckT5IVUPs5t35k/btQDw+MIc3dJ2UGbuofmmdZ+BiNw3cmICkSTdVIRJvQUG7rsCGHWQ3TjsS/MXDmfmfu5wLD6uY7xOarirCPKwbqto0tICNcV6CFta1VO6Yj8tMaRpdG9MrGHmXNz+ms3H2fd4HyFaL/sxwv2uHW+f8R7YldYnVebTwjtoITSYgZHdJ8yDicKWEFsU1RRlFTbkdvuysyz0+GXKnJbwdpFnBY", + "oidc.ciba.grant.enabled": "false", + "backchannel.logout.session.required": "false", + "client_credentials.use_refresh_token": "false", + "saml.signature.algorithm": "RSA_SHA256", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "true", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "true", + "saml_single_logout_service_url_post": "https://impact.bmw.cloud/multipass/api/collectors/7bd86018-d0a2-421b-9e00-b77bab0838b1/saml/SingleLogout", + "saml.encrypt": "true", + "saml_assertion_consumer_url_post": "https://impact.bmw.cloud/multipass/api/collectors/7bd86018-d0a2-421b-9e00-b77bab0838b1/saml/SSO", + "saml.server.signature": "true", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding.identifier": "/ewlwAsHsIG1PkTPfKmGSGYGJio=", + "saml.artifact.binding": "false", + "saml_single_logout_service_url_redirect": "https://impact.bmw.cloud/multipass/api/collectors/7bd86018-d0a2-421b-9e00-b77bab0838b1/saml/SingleLogout", + "saml_force_name_id_format": "false", + "saml.encryption.certificate": "MIIE0zCCArugAwIBAgIEWSwjGzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDDBBpbXBhY3QuYm13LmNsb3VkMB4XDTIxMTEyNTEzMTkzMloXDTMxMTEyMzEzMjkzMlowGzEZMBcGA1UEAwwQaW1wYWN0LmJtdy5jbG91ZDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJr3kQjeWOd9bPBTGAlQpbrh4kDmweESAeu2kXPqtQkEaHjdIHbgQAE/J1BAxme0hB0RzeAV1h4rdg8m1UUx2jaZ/QPvwgggFaGcdykM2Ja/f/dnnm5P9Xi8DYRWR+UJy9Sa9gJwPfgCPWNwcXNKC2+xW/fubvjfEE8K040KqhPFrT5wOA6mbDohYBrGa4xcXrnNsts2dnU6ecXnlrgjYpYHL0cIxVRvtxJ49VgJRuWXCIDLqkogqm/FdHIcwMcy11GfM0O3JTRl+oNGyTYBHaFrwLOWmv3LggcBoAPIIz4tlsr0bMG29IW2snVIPL4x3NptehODwfcOiagfd+QNjAungmCugpoPYM78bxkKT/24LTg3lFYSqC/CGSkz4OQLEbwYUV/qrcNo2r3tQsD3JahCppH2zhvJSoko0XijVRyQ8Xh8hWWaj3ana89rCg7DztSQJmrM0YjYNngTnQgdsK0NVljy5tL7nLHpV/DQ0OmzW84C7uNtDDmwysGof89H6VeoovLhWbsqPhhcEapw0v7atpRWSge2Mc0Wh3kiHxmhHQ4tBDa37g/8U8Dhr+w+DmAzQPmRg6/joir/fpgF89ox7J+iONKV9M6JMtIlpIFKWdxL+NMeB1aC3D7cYW9+YSHmkqxX1xFWDs4JbFKqIZYaMkzEqpIz4CgVk+MYfdyFAgMBAAGjHzAdMBsGA1UdEQQUMBKCEGltcGFjdC5ibXcuY2xvdWQwDQYJKoZIhvcNAQELBQADggIBAFCOGx89nkHj2t0PbGuxmnYI5tCEtRuud4/hwZ4Z8kDS23c+2yO4VaQQhn2tYumHMm6mSeImQVUOQQtp+ltaP9k8va8qto3zfhBc6CPrent8Lxw6xn7j/G0EWryvtLy/G0/nDcb5z4+Yilfi49uJdNw1LftX4RvesVSaWqIhTkBbqly5oEysYgGDf7+eW9Af8febKAMbnvzO2yuKXa7XN2xNuVtvF+bBa2gbgIjyPp3mTMm2SGqacqlrTeGj1nFcvVRm03XKAd1IzPhhjGFCjS3lM37qNSrwG7QVTh0fEtStObspEc/rMuAG2huURYEVFsKTEOP3n9Mn4p3veqxVK751jdqxUCmsa942e/P+5JbijHROAmRUyNX/E5ZQh0bf9IGMPrLgVHz+NYddchNmMXa7eMHJZSHnkVvj+K7cXhUS4vN6GuP/WYpbPGCRO3jiVGnZ61ckT5IVUPs5t35k/btQDw+MIc3dJ2UGbuofmmdZ+BiNw3cmICkSTdVIRJvQUG7rsCGHWQ3TjsS/MXDmfmfu5wLD6uY7xOarirCPKwbqto0tICNcV6CFta1VO6Yj8tMaRpdG9MrGHmXNz+ms3H2fd4HyFaL/sxwv2uHW+f8R7YldYnVebTwjtoITSYgZHdJ8yDicKWEFsU1RRlFTbkdvuysyz0+GXKnJbwdpFnBY", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "true", + "display.on.consent.screen": "false", + "saml_name_id_format": "email", + "saml.onetimeuse.condition": "false", + "saml_signature_canonicalization_method": "http://www.w3.org/2001/10/xml-exc-c14n#" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "role_list" + ], + "optionalClientScopes": [] + } + ], + "clientScopes": [ + { + "id": "32795711-2e76-43f9-8138-3ce5b9eae1a2", + "name": "catena", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "748924d3-243b-4d66-9708-89e258dffb2c", + "name": "tenant-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "tenant", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "tenant", + "jsonType.label": "String" + } + }, + { + "id": "b3dd05cc-7289-4a87-9625-af60b859d748", + "name": "organisation-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "organisation", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "organisation", + "jsonType.label": "String" + } + }, + { + "id": "1d94ee73-6981-486c-a2d8-2e2f857cd125", + "name": "bpn-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "13834c57-9211-4e3e-b892-0632a3c15225", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "6c0bfbc5-e3d7-45f9-a0bc-61e30225e22b", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "8868b283-df78-4c9a-b78e-1c29e4b9b61c", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "23e5acb7-2d8c-4bca-8565-36fb57ee7ee0", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "0adf14b5-a345-4d20-83cc-2a353c686161", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "fc35a8f5-fedd-4b66-b3fa-9427e3947dc5", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "73a111cf-271c-4b9f-abca-e4894e29229d", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "c06270fe-f203-4c9b-92a8-ff716b81127a", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "8e22da0e-f450-444a-80b4-824a69532949", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "09dc23a3-1b9f-4b9d-aa87-e875f0f20655", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "0543fff7-3732-433b-8a24-d2784bba1501", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "34a2f332-9752-4a7f-9d61-b4dbd40946b4", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "955c2cb6-3abb-44d1-a3eb-9ebec0cf6094", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "48b4aa99-383c-4178-b966-c0ae710d8c21", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "e24a7d06-7406-4b2f-854e-a5653f8b964f", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "987e5408-e6ef-4cd2-a51f-451fb7c0dc4e", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "1a9bd37a-377a-48ae-9b95-a1c0c5f3fa08", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "dca5ee31-87cb-407b-aba6-d6c846e6a6b4", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "6af98429-3234-4f57-95c0-7df4209cb349", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "b7e70ea0-1b54-469b-b818-dcb7d4657d9b", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "02aff4ea-454c-41cf-8bf6-1bea1e933812", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "438a5f2c-727b-4ba2-82de-d5cf4b8d4daa", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "70bf1855-c34a-4bd3-a06d-f3d62d91693b", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "0c9106a1-9c93-47bd-85b3-8607ba8485c2", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "4386dc68-8dd3-4439-8c63-eabcdb92fd76", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "78be8eb6-ca31-434c-8441-6abbfe553a22", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "fb918735-48a7-4f96-8830-606815788dfb", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "6e4e8483-7c58-4539-98d1-4b02ff5dc6f5", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "58e59849-6457-4c8b-b713-2c5a008461c6", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "99ca536c-58c2-432f-904e-10926bbc207b", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "8a14f08a-0ba9-44ae-83bd-5a65b9d0fe8c", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "2c452702-a301-4cc7-b76c-619b23f44fa0", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "1e6f0566-fc33-4e1f-bf4e-686676fcde70", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "2629904c-d708-4072-9fe4-98e4a30c7dde", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "07ab75f1-40a3-4b2c-ae83-94dac6e529e2", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "email", + "roles", + "web-origins", + "profile" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "auth": "true", + "port": "587", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "loginTheme": "catenax-central", + "eventsEnabled": true, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [ + "UPDATE_CONSENT_ERROR", + "SEND_RESET_PASSWORD", + "GRANT_CONSENT", + "VERIFY_PROFILE_ERROR", + "UPDATE_TOTP", + "REMOVE_TOTP", + "REVOKE_GRANT", + "LOGIN_ERROR", + "CLIENT_LOGIN", + "RESET_PASSWORD_ERROR", + "IMPERSONATE_ERROR", + "CODE_TO_TOKEN_ERROR", + "CUSTOM_REQUIRED_ACTION", + "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR", + "RESTART_AUTHENTICATION", + "UPDATE_PROFILE_ERROR", + "IMPERSONATE", + "LOGIN", + "UPDATE_PASSWORD_ERROR", + "OAUTH2_DEVICE_VERIFY_USER_CODE", + "CLIENT_INITIATED_ACCOUNT_LINKING", + "TOKEN_EXCHANGE", + "REGISTER", + "LOGOUT", + "AUTHREQID_TO_TOKEN", + "DELETE_ACCOUNT_ERROR", + "CLIENT_REGISTER", + "IDENTITY_PROVIDER_LINK_ACCOUNT", + "UPDATE_PASSWORD", + "DELETE_ACCOUNT", + "FEDERATED_IDENTITY_LINK_ERROR", + "CLIENT_DELETE", + "IDENTITY_PROVIDER_FIRST_LOGIN", + "VERIFY_EMAIL", + "CLIENT_DELETE_ERROR", + "CLIENT_LOGIN_ERROR", + "RESTART_AUTHENTICATION_ERROR", + "REMOVE_FEDERATED_IDENTITY_ERROR", + "EXECUTE_ACTIONS", + "TOKEN_EXCHANGE_ERROR", + "PERMISSION_TOKEN", + "SEND_IDENTITY_PROVIDER_LINK_ERROR", + "EXECUTE_ACTION_TOKEN_ERROR", + "SEND_VERIFY_EMAIL", + "OAUTH2_DEVICE_AUTH", + "EXECUTE_ACTIONS_ERROR", + "REMOVE_FEDERATED_IDENTITY", + "OAUTH2_DEVICE_CODE_TO_TOKEN", + "IDENTITY_PROVIDER_POST_LOGIN", + "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR", + "UPDATE_EMAIL", + "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR", + "REGISTER_ERROR", + "REVOKE_GRANT_ERROR", + "LOGOUT_ERROR", + "UPDATE_EMAIL_ERROR", + "EXECUTE_ACTION_TOKEN", + "CLIENT_UPDATE_ERROR", + "UPDATE_PROFILE", + "AUTHREQID_TO_TOKEN_ERROR", + "FEDERATED_IDENTITY_LINK", + "CLIENT_REGISTER_ERROR", + "SEND_IDENTITY_PROVIDER_LINK", + "SEND_VERIFY_EMAIL_ERROR", + "RESET_PASSWORD", + "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR", + "OAUTH2_DEVICE_AUTH_ERROR", + "UPDATE_CONSENT", + "REMOVE_TOTP_ERROR", + "VERIFY_EMAIL_ERROR", + "SEND_RESET_PASSWORD_ERROR", + "CLIENT_UPDATE", + "IDENTITY_PROVIDER_POST_LOGIN_ERROR", + "CUSTOM_REQUIRED_ACTION_ERROR", + "UPDATE_TOTP_ERROR", + "CODE_TO_TOKEN", + "VERIFY_PROFILE", + "GRANT_CONSENT_ERROR", + "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR" + ], + "adminEventsEnabled": true, + "adminEventsDetailsEnabled": true, + "identityProviders": [ + { + "alias": "CX-Test-Access", + "internalId": "60e5d38d-c0e2-4ad0-b8b7-0ac98d56d6a7", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "validateSignature": "true", + "userInfoUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/CX-Test-Access/protocol/openid-connect/userinfo", + "tokenUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/CX-Test-Access/protocol/openid-connect/token", + "clientId": "Central-IdP", + "jwksUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/CX-Test-Access/protocol/openid-connect/certs", + "issuer": "https://sharedidp.dev.demo.catena-x.net/auth/realms/CX-Test-Access", + "useJwksUrl": "true", + "authorizationUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/CX-Test-Access/protocol/openid-connect/auth", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/CX-Test-Access/protocol/openid-connect/logout", + "syncMode": "IMPORT", + "clientAssertionSigningAlg": "RS256" + } + }, + { + "alias": "Company-1", + "internalId": "90455c53-7a98-48c1-bf51-c84763087ebb", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "validateSignature": "true", + "userInfoUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Company-1/protocol/openid-connect/userinfo", + "tokenUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Company-1/protocol/openid-connect/token", + "clientId": "Central-IdP", + "jwksUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Company-1/protocol/openid-connect/certs", + "issuer": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Company-1", + "useJwksUrl": "true", + "authorizationUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Company-1/protocol/openid-connect/auth", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Company-1/protocol/openid-connect/logout", + "syncMode": "IMPORT", + "clientAssertionSigningAlg": "RS256" + } + }, + { + "alias": "Company-2", + "internalId": "ab9d4e1e-023a-4877-9747-336d68ef71b6", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "validateSignature": "true", + "userInfoUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Company-2/protocol/openid-connect/userinfo", + "tokenUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Company-2/protocol/openid-connect/token", + "clientId": "Central-IdP", + "jwksUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Company-2/protocol/openid-connect/certs", + "issuer": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Company-2", + "useJwksUrl": "true", + "authorizationUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Company-2/protocol/openid-connect/auth", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Company-2/protocol/openid-connect/logout", + "syncMode": "IMPORT", + "clientAssertionSigningAlg": "RS256" + } + }, + { + "alias": "Security-Company", + "internalId": "5503ea02-cc4b-41ca-9598-88b718b8a500", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "validateSignature": "true", + "userInfoUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Security-Company/protocol/openid-connect/userinfo", + "tokenUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Security-Company/protocol/openid-connect/token", + "clientId": "Central-IdP", + "jwksUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Security-Company/protocol/openid-connect/certs", + "issuer": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Security-Company", + "useJwksUrl": "true", + "authorizationUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Security-Company/protocol/openid-connect/auth", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Security-Company/protocol/openid-connect/logout", + "syncMode": "IMPORT", + "clientAssertionSigningAlg": "RS256" + } + }, + { + "alias": "Service-Provider", + "displayName": "Service-Provider", + "internalId": "94318a98-b4e7-4a0a-8742-4e8fdfcbd626", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "hideOnLoginPage": "false", + "validateSignature": "true", + "clientId": "central-idp", + "tokenUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Service-Provider/protocol/openid-connect/token", + "authorizationUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Service-Provider/protocol/openid-connect/auth", + "jwksUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Service-Provider/protocol/openid-connect/certs", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/Service-Provider/protocol/openid-connect/logout", + "clientAssertionSigningAlg": "RS256", + "syncMode": "FORCE", + "useJwksUrl": "true" + } + }, + { + "alias": "App-Provider", + "displayName": "App-Provider", + "internalId": "fc91ae64-319e-4b29-ae2a-599da7a53f3e", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "hideOnLoginPage": "false", + "validateSignature": "true", + "clientId": "central-idp", + "tokenUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/App-Provider/protocol/openid-connect/token", + "authorizationUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/App-Provider/protocol/openid-connect/auth", + "jwksUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/App-Provider/protocol/openid-connect/certs", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/App-Provider/protocol/openid-connect/logout", + "clientAssertionSigningAlg": "RS256", + "syncMode": "FORCE", + "useJwksUrl": "true" + } + }, + { + "alias": "CX-Operator", + "displayName": "CX-Operator", + "internalId": "fbc571fd-cd44-4cec-a36e-4eba647fe712", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "hideOnLoginPage": "false", + "validateSignature": "true", + "clientId": "central-idp", + "tokenUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/CX-Operator/protocol/openid-connect/token", + "authorizationUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/CX-Operator/protocol/openid-connect/auth", + "jwksUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/CX-Operator/protocol/openid-connect/certs", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.dev.demo.catena-x.net/auth/realms/CX-Operator/protocol/openid-connect/logout", + "clientAssertionSigningAlg": "RS256", + "syncMode": "FORCE", + "useJwksUrl": "true" + } + } + ], + "identityProviderMappers": [ + { + "id": "5b93fea1-a44f-40a0-a2fb-d7dabcaf03c3", + "name": "organisation-mapper", + "identityProviderAlias": "CX-Operator", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "CX-Operator", + "syncMode": "INHERIT", + "attribute": "organisation" + } + }, + { + "id": "7b9c62fb-f583-4969-85a4-c99893d77cb4", + "name": "username-mapper", + "identityProviderAlias": "CX-Operator", + "identityProviderMapper": "oidc-username-idp-mapper", + "config": { + "template": "${ALIAS}.${CLAIM.sub}", + "syncMode": "INHERIT", + "target": "LOCAL" + } + }, + { + "id": "2e87ecff-b1b6-4c08-93f2-b64065b28591", + "name": "organisation-mapper", + "identityProviderAlias": "App-Provider", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "App-Provider", + "syncMode": "INHERIT", + "attribute": "organisation" + } + }, + { + "id": "3ac435ac-1bce-4527-b76b-d04ac0d01edc", + "name": "organisation-mapper", + "identityProviderAlias": "CX-Test-Access", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "CX-Test-Access", + "syncMode": "INHERIT", + "attribute": "organisation" + } + }, + { + "id": "ec3605b2-427b-4385-aeed-a76437441ec6", + "name": "username mapper", + "identityProviderAlias": "CX-Test-Access", + "identityProviderMapper": "oidc-username-idp-mapper", + "config": { + "template": "${ALIAS}.${CLAIM.sub}", + "syncMode": "INHERIT", + "target": "LOCAL" + } + }, + { + "id": "83f7a7bb-a89a-48b0-80bd-1828ba5fcddf", + "name": "username-mapper", + "identityProviderAlias": "Company-2", + "identityProviderMapper": "oidc-username-idp-mapper", + "config": { + "template": "${ALIAS}.${CLAIM.sub}", + "syncMode": "INHERIT", + "target": "LOCAL" + } + }, + { + "id": "be6510c5-8ba8-4fba-a3ca-7fff4fe832ce", + "name": "organisation-mapper", + "identityProviderAlias": "Company-2", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "company-2", + "syncMode": "INHERIT", + "attribute": "organisation" + } + }, + { + "id": "af0a3c39-9e5f-4fda-83fa-e47642c503cd", + "name": "username mapper", + "identityProviderAlias": "Security-Company", + "identityProviderMapper": "oidc-username-idp-mapper", + "config": { + "template": "${ALIAS}.${CLAIM.sub}", + "syncMode": "INHERIT", + "target": "LOCAL" + } + }, + { + "id": "e47bafcc-c821-48bc-be42-d4190880054b", + "name": "organisation-mapper", + "identityProviderAlias": "Company-1", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "company-1", + "syncMode": "INHERIT", + "attribute": "organisation" + } + }, + { + "id": "f8178cf1-85a1-4a49-8d61-d7e8f02cb3a4", + "name": "username-mapper", + "identityProviderAlias": "Service-Provider", + "identityProviderMapper": "oidc-username-idp-mapper", + "config": { + "template": "${ALIAS}.${CLAIM.sub}", + "syncMode": "INHERIT", + "target": "LOCAL" + } + }, + { + "id": "ce26f893-29d4-4f3c-b76b-ebb7f4699329", + "name": "organisation-mapper", + "identityProviderAlias": "Service-Provider", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "Service-Provider", + "syncMode": "INHERIT", + "attribute": "organisation" + } + }, + { + "id": "a66d8e43-18cd-4d81-a26f-b9db7cccbf3a", + "name": "username-mapper", + "identityProviderAlias": "App-Provider", + "identityProviderMapper": "oidc-username-idp-mapper", + "config": { + "template": "${ALIAS}.${CLAIM.sub}", + "syncMode": "INHERIT", + "target": "LOCAL" + } + }, + { + "id": "cc2f5796-be47-4d57-8c54-d5fd771a461a", + "name": "organisation-mapper", + "identityProviderAlias": "Security-Company", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "security-company", + "syncMode": "INHERIT", + "attribute": "organisation" + } + }, + { + "id": "c40e0a6a-5074-418a-9b51-7182c354fe71", + "name": "username-mapper", + "identityProviderAlias": "Company-1", + "identityProviderMapper": "oidc-username-idp-mapper", + "config": { + "template": "${ALIAS}.${CLAIM.sub}", + "syncMode": "INHERIT", + "target": "LOCAL" + } + } + ], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "ab25cbe7-60bc-49ed-aa4a-707f84a70893", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "277b586e-0b26-40e9-90d1-e76305d69a10", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "552bd2e5-c656-4796-8d61-b87c3508aab5", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "de1bbb33-9e18-4fc1-9ea3-1fd8ad22eae9", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-attribute-mapper", + "saml-role-list-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-address-mapper", + "saml-user-property-mapper", + "oidc-usermodel-property-mapper", + "oidc-full-name-mapper", + "oidc-sha256-pairwise-sub-mapper" + ] + } + }, + { + "id": "b521525f-30e3-4b93-b42b-8c0dd53fc3af", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "a4df1d6a-2c46-44f4-9d06-62eb9b754bab", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-sha256-pairwise-sub-mapper", + "saml-role-list-mapper", + "oidc-usermodel-attribute-mapper", + "saml-user-property-mapper", + "oidc-address-mapper", + "oidc-usermodel-property-mapper", + "oidc-full-name-mapper", + "saml-user-attribute-mapper" + ] + } + }, + { + "id": "f7e25fe0-dfe5-451a-8f54-ceea0cf201b4", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "d15d2dae-9c9c-4c7d-83f3-726f29194489", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + } + ], + "org.keycloak.userprofile.UserProfileProvider": [ + { + "id": "80d93c16-6221-4f9f-b8af-20c313ae6c04", + "providerId": "declarative-user-profile", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "2bd55ad0-2f32-40f3-9749-c2d422fb697d", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "676a20ad-a79d-4175-998a-672bf4826e92", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "50220023-09bf-443a-a8b3-f306279cbb5b", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "a510d16e-c3f7-4a88-b853-625a2cd357b4", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": true, + "supportedLocales": [ + "de", + "en" + ], + "defaultLocale": "en", + "authenticationFlows": [ + { + "id": "0fac6700-45f9-47f5-8ffc-1149d37d2c60", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "6077b6e8-243d-47da-9aff-57f3e356d260", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "6ff98fd1-dd2d-45e6-a250-414a15678691", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "bd4fa278-5e88-4363-9375-7f25a9ca4ee0", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "e5160140-36c6-41ae-88ee-e13e335ba471", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "c45b6e5c-af4f-4b20-9b3c-bbf4a3998c55", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "89c10454-1927-4292-8fd0-8bfef40efeba", + "alias": "Login without auto user creation", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Login without auto user creation User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "758343b7-60e3-4876-abd1-c814277bba16", + "alias": "Login without auto user creation Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Login without auto user creation Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "be18e1d3-a03a-439a-96ae-0fca8cdcf4e3", + "alias": "Login without auto user creation First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "07163690-c59e-4cfe-ba62-0a2ec23f535c", + "alias": "Login without auto user creation Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Login without auto user creation Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "b55b2257-0125-4c07-9e8e-250a33d2f4c7", + "alias": "Login without auto user creation User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Login without auto user creation Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "ede7951b-99d8-4ca6-8ad7-69055c2d2324", + "alias": "Login without auto user creation Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Login without auto user creation First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "0e9b34dd-6b01-4a83-a3d5-ecb94ccd9044", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "a5134b6c-38a0-41eb-88eb-a54881580704", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7136bd9f-0b59-4a35-89d1-45265e31c8bb", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d002e886-5fe9-4175-8df1-11ea7fb6d1f9", + "alias": "WebAuth Browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "WebAuth Browser forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "ffce857c-c600-4a8c-9000-0ab90cccb0de", + "alias": "WebAuth Browser Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "webauthn-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 21, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "9428c695-44a4-4d25-bfa0-264e6205920d", + "alias": "WebAuth Browser forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "WebAuth Browser Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "a5803e20-ca48-4507-8af2-e2f9f777597d", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "cf41aea4-131c-4e9c-b3b1-2ad5e49ee0d5", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "66cf57f8-e5c1-48ac-92f0-0449c414c491", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d3801254-af32-4114-9a25-28430ea48f14", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "61f0a690-1d6f-4c8a-8060-48c43776df32", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "f36ad2df-82dc-4030-b3f2-b1f6fe9090b7", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "46b5c0be-6b4a-4b68-badf-959e11eafab5", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "3a268c73-954d-473f-ad1a-d6dbe358373d", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "1de70ee4-9f36-480d-abea-aef9e6b52d95", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "102f2aa1-43db-4ba7-bc6d-d1d6655ad4ea", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "ae5f0aea-98df-492a-8154-0d481faaa2d8", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "b0f91ad8-dd8b-43b6-a5aa-59a71fc1b9b5", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "f3e58a9a-49e4-4f8f-8b32-811a2b901130", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "userProfileEnabled": "false", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-central/stable/CX-Central-realm.json b/import/realm-config/consortia/catenax-central/stable/CX-Central-realm.json new file mode 100644 index 00000000..583b1f7f --- /dev/null +++ b/import/realm-config/consortia/catenax-central/stable/CX-Central-realm.json @@ -0,0 +1,17224 @@ +{ + "id": "CX-Central", + "realm": "CX-Central", + "displayName": "Catena-X Central", + "notBefore": 1660280763, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": true, + "refreshTokenMaxReuse": 1, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": false, + "duplicateEmailsAllowed": true, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "9ed742fe-ac2e-462c-ab1f-09895db556b6", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "CX-Central", + "attributes": {} + }, + { + "id": "fd7248cf-7b65-4dbf-ae84-7a967e8ec7c2", + "name": "user", + "description": "basic user", + "composite": false, + "clientRole": false, + "containerId": "CX-Central", + "attributes": {} + }, + { + "id": "4c19f2aa-f9b9-473e-ba5c-46c2f4e52c8b", + "name": "default-roles-catena-x realm", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "realm-management": [ + "manage-users", + "view-clients" + ], + "account": [ + "manage-account", + "view-profile" + ] + } + }, + "clientRole": false, + "containerId": "CX-Central", + "attributes": {} + }, + { + "id": "1ec798aa-cd95-43bd-9494-b1883e451fbb", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "CX-Central", + "attributes": {} + } + ], + "client": { + "sa-cl6-cx-10": [], + "sa-cl3-cx-2": [], + "sa-cl6-cx-11": [], + "sa-cl6-cx-12": [], + "sa-cl6-cx-13": [], + "sa-cl6-cx-14": [], + "SAP-Login": [], + "sa-cl3-cx-1": [], + "sa-cl6-cx-16": [], + "sa-cl6-cx-17": [], + "sa-cl10-cx-1": [], + "Cl16-CX-BPDMGate-Portal": [ + { + "id": "94d85051-81d3-4c48-99de-7a808376ff32", + "name": "view_company_data", + "composite": false, + "clientRole": true, + "containerId": "17cdc8bc-0081-4fbd-8d28-969881e68507", + "attributes": {} + }, + { + "id": "b37b3f91-126f-4908-a0cd-56d5eebf25d1", + "name": "view_shared_data", + "composite": false, + "clientRole": true, + "containerId": "17cdc8bc-0081-4fbd-8d28-969881e68507", + "attributes": {} + }, + { + "id": "7c22a374-987c-4360-abc0-38d9efb7a137", + "name": "update_company_data", + "composite": false, + "clientRole": true, + "containerId": "17cdc8bc-0081-4fbd-8d28-969881e68507", + "attributes": {} + } + ], + "sa-cl6-cx-21": [], + "sa-cl6-cx-22": [], + "realm-management": [ + { + "id": "aafa6845-0920-4013-a283-594c9dc7ac32", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "08811aa8-7a05-489d-9f5e-bd51fd39fbc3", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "172dbf29-cc79-438f-9f56-24d0941f04ea", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "6ecdc37e-e84c-4b2f-b7f8-950ad361b831", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "3bc03769-6258-4202-9f83-2f9f33821ccb", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "93db5b47-913a-4c45-a227-33f0b5c90701", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "8cce49c4-c187-4573-ad0d-fddabc764ab3", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "a2621233-2118-44ef-aa5b-c1c75854e395", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "fa001419-f155-4709-af5a-7753fa0d5798", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "257abe39-01cd-44d1-96c3-e179d83effb6", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "ad4b404c-de7f-4224-bb64-fc132a6c54c1", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "view-realm", + "manage-realm", + "impersonation", + "manage-events", + "view-users", + "create-client", + "view-events", + "query-clients", + "view-identity-providers", + "manage-users", + "query-realms", + "manage-identity-providers", + "view-authorization", + "view-clients", + "manage-authorization", + "query-users", + "manage-clients", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "13ba5952-cd79-4aea-9511-0741b2578980", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "9842d196-88db-4df8-9c99-e383fa2e1b95", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "14d19c59-046b-4772-8c2d-9dc1ccc82f46", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "01feddbc-f742-42a9-ba3c-64f8ac2d5ba3", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "f36cf8ec-3f54-4df5-80e6-36b44c0b1803", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "b0c29452-6401-4f9d-a808-25b861c19006", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "acf55e28-5dad-462b-abf5-51f598a7b8e8", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + }, + { + "id": "08547466-edfb-4676-9fb5-e4f4a6ee7363", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "attributes": {} + } + ], + "sa-cl6-cx-23": [], + "sa-cl6-cx-24": [], + "sa-cl6-cx-25": [], + "sa-cl6-cx-26": [], + "sa-cl6-cx-27": [], + "sa-cl6-cx-28": [], + "sa-cl1-cx-1": [], + "sa-cl6-cx-20": [], + "sa-cl6-cx-18": [], + "sa-cl6-cx-19": [], + "Cl13-CX-Battery": [ + { + "id": "663693ff-4509-4b04-a260-635a66f421d9", + "name": "Dismantler", + "composite": false, + "clientRole": true, + "containerId": "dd6a7d43-a7b1-4808-90dd-e446b51b59f2", + "attributes": {} + }, + { + "id": "0137339a-51f8-408c-adbe-5df3ab6f72e2", + "name": "Recycler", + "composite": false, + "clientRole": true, + "containerId": "dd6a7d43-a7b1-4808-90dd-e446b51b59f2", + "attributes": {} + }, + { + "id": "450eb8ef-4407-445c-8808-f2cc8a6982ee", + "name": "OEM", + "composite": false, + "clientRole": true, + "containerId": "dd6a7d43-a7b1-4808-90dd-e446b51b59f2", + "attributes": {} + } + ], + "sa-cl2-02": [], + "sa-cl2-01": [], + "Cl10-CX-BPDMShare": [], + "sa-cl2-03": [], + "account-console": [], + "Cl17-CX-Part": [ + { + "id": "98e9e3cd-6b11-440a-8405-126971c54244", + "name": "Supervisor", + "composite": false, + "clientRole": true, + "containerId": "6493bcd5-a1ee-47f0-bec3-a1436f4d8b10", + "attributes": {} + }, + { + "id": "3435cb3e-588f-4415-ba72-200638ec893d", + "name": "Admin", + "composite": false, + "clientRole": true, + "containerId": "6493bcd5-a1ee-47f0-bec3-a1436f4d8b10", + "attributes": {} + }, + { + "id": "5a1480ee-c555-43fb-b380-fd172af0f5f3", + "name": "User", + "composite": false, + "clientRole": true, + "containerId": "6493bcd5-a1ee-47f0-bec3-a1436f4d8b10", + "attributes": {} + } + ], + "Cl15-CX-DFT": [ + { + "id": "628c82c5-aac7-413c-8257-547687785a2a", + "name": "User", + "composite": false, + "clientRole": true, + "containerId": "f864e14f-5f27-4d1d-8f91-2d2a983e163c", + "attributes": {} + } + ], + "technical_roles_management": [ + { + "id": "4ab4e352-bb16-47d3-a9cf-44730df6737b", + "name": "Connector User", + "composite": true, + "composites": { + "client": { + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "delete_digital_twin", + "update_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "b5c9ff05-b0cf-414d-bd70-e38f8e4923cf", + "name": "BPDM Management", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "delete_company_data", + "add_company_data", + "view_company_data" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "20f2c41a-dacd-4505-877a-bb899066a767", + "name": "BPDM Pool", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", + "name": "Identity Wallet Management", + "composite": true, + "composites": { + "client": { + "Cl5-CX-Custodian": [ + "view_wallet", + "update_wallet" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", + "name": "Registration External", + "composite": false, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "67ef1542-73d5-4179-8c4e-d4a297b8aad3", + "name": "BPDM Partner Gate", + "composite": true, + "composites": { + "client": { + "Cl16-CX-BPDMGate": [ + "view_company_data", + "update_company_data", + "view_shared_data" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "08604187-8eef-435a-8116-ccc187b8e897", + "name": "App Tech User", + "composite": true, + "composites": { + "client": { + "Cl6-CX-DAPS": [ + "create_daps_client" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "delete_digital_twin", + "update_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ], + "Cl2-CX-Portal": [ + "view_membership", + "view_connectors" + ], + "Cl20-CX-IRS": [ + "view_irs" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "01cbe8bf-7957-4b9f-ae79-66a068c2c7d9", + "name": "Service Management", + "composite": true, + "composites": { + "client": { + "Cl2-CX-Portal": [ + "add_service_offering", + "add_connectors", + "activate_subscription" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "d5781775-3fbd-4f46-84ea-b19164393205", + "name": "Dataspace Discovery", + "composite": true, + "composites": { + "client": { + "Cl2-CX-Portal": [ + "view_connectors" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + } + ], + "sa-beta-cx7": [], + "sa-beta-cx6": [], + "sa-beta-cx5": [], + "sa-beta-cx4": [], + "sa-beta-cx3": [], + "sa-cl5-cx-1": [], + "sa-beta-cx2": [], + "sa-beta-cx1": [], + "sa-cl6-cx-01": [], + "Cl1-CX-Registration": [ + { + "id": "3c7b8dec-3ef8-4665-82a3-2d8aeed059d8", + "name": "view_documents", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "21fce69f-e42a-4f03-a47f-74441f5719c7", + "name": "view_company_roles", + "description": "View Company Roles and Descriptions", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "9fe7f83e-c5af-408f-9e02-66ca6d318d9b", + "name": "delete_documents", + "description": "delete_documents", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "009c93b3-8cb7-4961-9492-9d2fc9574583", + "name": "upload_documents", + "description": "User is able to upload documents in the registration service", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "9607136e-9daf-4057-9274-767d4de473ab", + "name": "add_company_data", + "description": "User is able to add / edit company data under the registration process", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "b1b1e25d-0e14-4fc0-882a-126f3f6cbbc0", + "name": "view_registration", + "description": "Permission to access & view the registration process", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "fd523149-5499-412d-82b0-d8aeccbb5c5e", + "name": "Company Admin", + "composite": true, + "composites": { + "client": { + "Cl1-CX-Registration": [ + "add_company_data", + "view_registration", + "view_documents", + "view_company_roles", + "submit_registration", + "sign_consent", + "delete_documents", + "upload_documents", + "invite_user" + ] + } + }, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "e5f03bf6-0b3c-4539-8873-d146bd18e504", + "name": "CX Admin", + "composite": true, + "composites": { + "client": { + "Cl1-CX-Registration": [ + "add_company_data", + "view_registration", + "view_documents", + "view_company_roles", + "submit_registration", + "sign_consent", + "delete_documents", + "upload_documents", + "invite_user" + ] + } + }, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "086cf0b0-7181-4a8a-89d3-137fd02e0847", + "name": "submit_registration", + "description": "User is able to submit the registration to Catena-X", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "87ecd7bb-039a-4e0a-a1a8-ca17b32d7891", + "name": "Signing Manager", + "composite": true, + "composites": { + "client": { + "Cl1-CX-Registration": [ + "add_company_data", + "view_registration", + "view_documents", + "view_company_roles", + "submit_registration", + "sign_consent", + "delete_documents", + "upload_documents", + "invite_user" + ] + } + }, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "e12709ce-c1fc-454a-a095-4088cab26539", + "name": "sign_consent", + "description": "User is able to confirm Terms & Conditions", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "461ea134-91cd-4482-a0cb-6f8406846807", + "name": "Legal Manager", + "composite": true, + "composites": { + "client": { + "Cl1-CX-Registration": [ + "add_company_data", + "view_registration", + "view_documents", + "view_company_roles", + "submit_registration", + "sign_consent", + "delete_documents", + "upload_documents", + "invite_user" + ] + } + }, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + }, + { + "id": "44d50090-3343-48d8-9843-7eeb15276869", + "name": "invite_user", + "description": "User is able to add additional users to the registration process", + "composite": false, + "clientRole": true, + "containerId": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "attributes": {} + } + ], + "broker": [ + { + "id": "d1330d07-b783-43ad-b545-85a230060023", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "03885031-084a-4317-aa51-de9b4acf8fa9", + "attributes": {} + } + ], + "sa-clx-cx-2": [], + "sa-clx-cx-1": [], + "Cl3-CX-Semantic": [ + { + "id": "beef62b1-2e1c-4fc2-8813-7f3981ebfde2", + "name": "view_semantic_model", + "description": "View existing data models", + "composite": false, + "clientRole": true, + "containerId": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "attributes": {} + }, + { + "id": "fa8261a8-fe09-4867-a558-438737917185", + "name": "delete_semantic_model", + "description": "User can delete existing semantic models", + "composite": false, + "clientRole": true, + "containerId": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "attributes": {} + }, + { + "id": "a46242a3-26db-4b86-b836-bf0339168c56", + "name": "add_semantic_model", + "description": "Add semantic model", + "composite": false, + "clientRole": true, + "containerId": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "attributes": {} + }, + { + "id": "f7d88948-b75d-4ed0-851d-b4c645ae27ca", + "name": "update_semantic_model", + "description": "User can update existing semantic models", + "composite": false, + "clientRole": true, + "containerId": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "attributes": {} + } + ], + "sa-cl1-reg-2": [], + "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com": [ + { + "id": "af4e22d2-94c8-48cb-9c5e-fa8b47d74538", + "name": "EarthCommerce.Buyer", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "13510549-38f2-45bb-9e55-9477e35951b7", + "name": "CE.Dismantler.Purchase", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "5c63dd30-fc5c-439a-ad15-c04006cf9727", + "name": "EarthCommerce.UserRC_QAS2", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "8b14d5c3-2722-48d9-b24d-1195a8d3b7da", + "name": "EC.Buyer.Manager", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "48503f8d-b755-4aba-a7d6-52cd2cb90058", + "name": "EarthCommerce.BuyerRC_QAS2", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "50f5d4d7-63d4-4447-addb-02771ac093c5", + "name": "CE.Dismantler.Leader", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "f4840cd9-6d46-4743-be4a-88039df5c84a", + "name": "EarthCommerce.Advanced.BuyerRC_QAS2", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "7e9c6415-776c-4fe5-86d2-3999c7e7078e", + "name": "CE.Dismantler.View", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "8de07354-c022-4724-aa41-2f3aee66f0db", + "name": "EarthCommerce.Content.Manager", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "eeb80e52-00f1-461c-bfd3-960a91f56fe8", + "name": "EarthCommerce.AdministratorRC_QAS2", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "d838e0d7-2c9f-41dd-8989-23ef2051c39f", + "name": "EarthCommerce.Content.ManagerRC_QAS2", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + }, + { + "id": "77edbd2b-d31d-428b-8f52-dc356e36c27f", + "name": "EC.Buyer.buy", + "composite": false, + "clientRole": true, + "containerId": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "attributes": {} + } + ], + "Cl6-CX-DAPS": [ + { + "id": "96c93605-67d4-4944-af56-30ca028e9b09", + "name": "create_daps_client", + "composite": false, + "clientRole": true, + "containerId": "28273f37-cff9-44c3-9731-2a7a63025d28", + "attributes": {} + } + ], + "security-admin-console": [], + "sa-cl16-cx-1": [], + "Cl2-CX-Portal": [ + { + "id": "39ff444c-888a-4bf6-b8e1-343b66f8a067", + "name": "decline_new_partner", + "description": "User can decline a partner application", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "46905bb9-8d3b-4666-891f-a67e8f963b3b", + "name": "view_documents", + "description": "User can view/download documents", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "0769d6ca-3056-42da-84cd-35f2d535d79e", + "name": "delete_connectors", + "description": "Delete company connectors", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "54bd7ad1-0773-4c9e-b1be-5cf41faa1c05", + "name": "update_service_offering", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "d566bb6c-e621-4517-9322-26093231b77c", + "name": "Service Manager", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "view_submitted_applications", + "delete_connectors", + "update_service_offering", + "view_technical_setup", + "view_tech_user_management", + "view_service_marketplace", + "CX User", + "view_service_offering", + "add_connectors", + "upload_documents", + "view_own_user_account", + "view_use_cases", + "view_idp", + "view_services", + "add_tech_user_management", + "view_membership", + "update_own_user_account", + "add_service_offering", + "view_service_subscriptions", + "activate_subscription", + "view_tech_roles", + "view_notifications", + "technical_roles_management", + "delete_tech_user_management", + "delete_own_user_account", + "my_user_account", + "view_subscription", + "delete_notifications", + "view_connectors", + "view_partner_network" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "4d1ca50b-8a6e-47ee-9a9b-ed5a919bc0d5", + "name": "invite_new_partner", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "a029dec3-8c6a-4a2f-a60a-82249f0590fd", + "name": "setup_client", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "34742e28-1497-4222-ad1f-93ab9feac92e", + "name": "view_app_subscription", + "description": "view app subscriptions in pending, active and inactive", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "d41dd839-6562-4be4-8364-de787c367458", + "name": "delete_documents", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "8cceb06a-fa9d-4251-a336-9173d268c6d3", + "name": "app_management", + "description": "can manage apps", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "1290996a-0229-49b8-8aa4-732f4d27f5fa", + "name": "view_company_data", + "description": "view_company_data", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "ff9d65f5-dbdf-4971-8042-f36bb23cc52c", + "name": "approve_app_release", + "description": "User can approve apps to get released on the marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "27521792-5070-4dd9-93ed-d4fea69877e2", + "name": "view_app_language", + "description": "View available app language", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "c41486f4-86d3-4b9b-9fb0-ceeaaf718268", + "name": "modify_user_account", + "description": "Users with this right can modify users related to their company", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "03490917-fd0d-4893-b901-3a426d3958db", + "name": "App Developer", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "view_app_language", + "technical_roles_management", + "CX User", + "view_technical_setup", + "view_tech_user_management", + "edit_apps", + "app_management", + "view_use_cases", + "view_apps", + "view_tech_roles" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "5c0d11f9-a90d-4960-9917-450b70b419f2", + "name": "Business Admin", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "modify_user_account", + "view_dataspaces", + "add_user_account", + "filter_apps", + "view_apps", + "view_notifications", + "subscribe_apps", + "view_services", + "view_partner_network" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "37dc74e9-9f50-49d2-9b95-402b04aa84ff", + "name": "add_connectors", + "description": "Add new connector (registration and self-description)", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9f7a5a51-6a38-4d53-816a-6db01ef52111", + "name": "view_own_user_account", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "1d12d087-bcaf-4ad5-b21f-77fdce13b423", + "name": "view_user_management", + "description": "Users with this right can access the user management in CX", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "bcfd6c59-c999-440a-91ac-396a2b0322d4", + "name": "view_idp", + "description": "User can view IdP details", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "0cf91728-4ab6-413c-af72-4d8aee959c51", + "name": "add_apps", + "description": "Users with this role can publish new apps in the Marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "146c2388-2e26-4505-b85d-6824a4f80a2e", + "name": "add_tech_user_management", + "description": "Create / request technical users for my org", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "15bd8123-3469-4505-93ff-a5bd3b929495", + "name": "subscribe_service_offering", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "0d41349d-30a8-42c1-9e1c-2b67d69fba30", + "name": "update_own_user_account", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "b584419b-1973-4c80-b5f9-0d5989263bd4", + "name": "add_self_descriptions", + "description": "add self descriptions", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f42c35ab-9a75-4be8-9c7d-3ca39a156eba", + "name": "view_user_account", + "description": "Users with this role can view the user account of others", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "e5267609-478c-40b6-bf96-6495bba42cd5", + "name": "view_service_subscriptions", + "description": "User is able to view service subscription under own service", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "065e25ce-29db-41f2-87aa-f4003d62df62", + "name": "activate_subscription", + "description": "Activation of subscriptions", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "0de2c803-1130-4ebf-9dfb-5016aadb9ca2", + "name": "setup_idp", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9db8ca83-6cfd-4c44-8ab7-ccbcb11da38f", + "name": "view_tech_roles", + "description": "View technical user roles", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "6560b255-cbc6-4fb7-8afe-d61732e34ab1", + "name": "view_client_roles", + "description": "Users with this right can view the client roles of an app", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9c81a6b2-737b-477c-9836-479605350a5f", + "name": "subscribe_service", + "description": "subscribe_service", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "3c3c8452-fd50-40bd-b223-9660233dd6af", + "name": "delete_user_account", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "c78c4b1f-5578-4b31-8be4-c386fd58c55c", + "name": "view_subscription", + "description": "View my company subscriptions", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f4eca60a-55c3-4b53-b3ee-f93a73d497f1", + "name": "delete_notifications", + "description": "User can delete notifications", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "cbf9e4ee-77f1-4310-b461-67995552324e", + "name": "view_submitted_applications", + "description": "Users with this right can view submitted applications and the respective application status", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "c6e35f9f-f7c0-4899-9ce6-7cce7ea79304", + "name": "approve_new_partner", + "description": "User with this right can let new partners access the portal by approving the company registration request inside the admin board", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "67ac93fa-6616-466a-b1db-5293b13c15bb", + "name": "view_technical_setup", + "description": "Users with this right can setup EDC /IDP/etc.", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "a34170d5-779d-489b-b2bb-e1b99b88b638", + "name": "view_tech_user_management", + "description": "View technical users", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "5998f67b-b190-443d-ab9b-3e76bbd73cab", + "name": "add_user_account", + "description": "Users with this right can add user accounts under their CX company", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "5654ef02-0b23-422e-8eb3-7bd95778db8f", + "name": "IT Admin", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin", + "update_digital_twin", + "delete_digital_twin", + "add_digital_twin" + ], + "Cl2-CX-Portal": [ + "view_technical_setup", + "view_tech_user_management", + "add_user_account", + "view_company_data", + "modify_user_account", + "disable_idp", + "add_connectors", + "view_own_user_account", + "view_user_management", + "view_idp", + "add_tech_user_management", + "add_idp", + "delete_idp", + "view_membership", + "update_own_user_account", + "add_self_descriptions", + "view_user_account", + "setup_idp", + "view_notifications", + "view_client_roles", + "delete_tech_user_management", + "my_user_account", + "view_apps", + "view_subscription", + "delete_notifications", + "view_connectors", + "view_partner_network" + ], + "Cl3-CX-Semantic": [ + "add_semantic_model", + "update_semantic_model", + "view_semantic_model", + "delete_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f70ac54f-c8fa-4d87-b7a6-e5a8c028cafe", + "name": "Sales Manager", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "subscribe_service", + "CX User", + "view_service_offering", + "view_service_subscriptions", + "activate_subscription", + "subscribe_apps", + "view_services" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "4f2b58a5-0ebd-4b91-b354-4fefd40cc811", + "name": "delete_apps", + "description": "User with this role can delete apps published in the Marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "5bcbf360-c331-4fbf-b1d2-b16b1a1ec25a", + "name": "approve_service_release", + "description": "approve_service_release", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "43a0826f-ba1a-44d4-952f-e4b879be353c", + "name": "view_service_marketplace", + "description": "view_service_marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "4581b083-0c1e-42a2-bb4c-85dfd14cfa23", + "name": "Company Admin", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin" + ], + "Cl2-CX-Portal": [ + "view_documents", + "delete_connectors", + "setup_client", + "view_app_subscription", + "delete_documents", + "view_company_data", + "view_app_language", + "modify_user_account", + "add_connectors", + "view_own_user_account", + "view_user_management", + "view_idp", + "add_tech_user_management", + "subscribe_service_offering", + "update_own_user_account", + "add_self_descriptions", + "view_user_account", + "setup_idp", + "view_tech_roles", + "view_client_roles", + "subscribe_service", + "delete_user_account", + "view_subscription", + "delete_notifications", + "view_technical_setup", + "view_tech_user_management", + "add_user_account", + "view_service_marketplace", + "view_service_offering", + "disable_idp", + "upload_documents", + "view_use_cases", + "subscribe_apps", + "view_services", + "add_idp", + "delete_idp", + "view_membership", + "view_dataspaces", + "filter_apps", + "view_notifications", + "technical_roles_management", + "delete_tech_user_management", + "delete_own_user_account", + "my_user_account", + "view_apps", + "view_connectors", + "view_partner_network" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "496ae7df-fabd-4977-bb81-d6eb96ad81ed", + "name": "CX User", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin" + ], + "Cl2-CX-Portal": [ + "view_documents", + "view_membership", + "view_dataspaces", + "update_own_user_account", + "filter_apps", + "view_company_data", + "view_notifications", + "view_service_marketplace", + "view_service_offering", + "delete_own_user_account", + "my_user_account", + "view_own_user_account", + "view_apps", + "view_user_management", + "view_subscription", + "delete_notifications", + "view_services", + "view_partner_network" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "a1bc8bb5-03bb-465e-8795-c68e3920c51d", + "name": "view_service_offering", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "d9609443-abd1-462f-8881-3e7d8213d785", + "name": "disable_idp", + "description": "disable an assigned idp", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "a5492307-2072-4c5d-9de3-f507f3d3302e", + "name": "App Manager", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "add_apps", + "CX User", + "App Developer", + "add_user_account", + "edit_apps", + "activate_subscription", + "delete_apps", + "view_user_management" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "39c00d2f-491f-4658-96ef-9f47920afea6", + "name": "upload_documents", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "b4bead06-e3c4-4fce-9e06-43d9d9537766", + "name": "view_use_cases", + "description": "Users can view available use cases in the network", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "51e6dede-686f-43d5-925a-693784f8a661", + "name": "subscribe_apps", + "description": "User is able to start the app subscription process", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "6e3d7bcf-7340-4def-bb76-8002acc73f95", + "name": "view_services", + "description": "view service marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "8d3a5c8d-d4dc-4aaa-8941-9cd38cd3906e", + "name": "update_application_checklist_value", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9b440b50-0ddd-4a6f-9a22-24073aea801e", + "name": "add_idp", + "description": "User can create a new idp under his organisation", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "c190da2a-aad4-4a02-9904-88207ba322a6", + "name": "delete_idp", + "description": "User can delete company idps", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "8cebb227-d72c-428e-92fd-6b4c01cbb899", + "name": "view_membership", + "description": "view_membership", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "ee373634-1eb3-4702-a269-774f36f54453", + "name": "decline_service_release", + "description": "decline_service_release", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "8fe708e4-7870-4044-89eb-a74b8dc11a8e", + "name": "view_dataspaces", + "description": "View dataspace marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "b06c2999-6008-4fb6-a22f-93fdac150656", + "name": "decline_app_release", + "description": "User can decline apps to not get released on the marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "3a3af42c-c564-44ca-b83c-6d5c3bbd6087", + "name": "add_service_offering", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "9f5b48bf-4fc2-4feb-8c4e-00b57f5f2bed", + "name": "filter_apps", + "description": "Users with this role can filter apps in the App Marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "765bced5-b422-4f91-b35f-19d648595e6a", + "name": "Purchaser", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl2-CX-Portal": [ + "subscribe_service_offering", + "CX User", + "view_app_subscription", + "subscribe_apps" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f9ec0166-c20b-4f1f-9f0d-11349fec657c", + "name": "view_notifications", + "description": "User can view notification details", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "7b816094-20e7-44fb-a45f-3ecb9d9d7157", + "name": "CX Admin", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "delete_company_data", + "add_company_data", + "view_company_data" + ], + "Cl5-CX-Custodian": [ + "delete_wallet", + "add_wallet", + "view_wallet", + "update_wallet" + ], + "Cl1-CX-Registration": [ + "view_registration" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin", + "update_digital_twin", + "delete_digital_twin", + "add_digital_twin" + ], + "Cl2-CX-Portal": [ + "decline_new_partner", + "view_documents", + "delete_connectors", + "update_service_offering", + "invite_new_partner", + "setup_client", + "view_app_subscription", + "delete_documents", + "app_management", + "view_company_data", + "approve_app_release", + "view_app_language", + "modify_user_account", + "add_connectors", + "view_own_user_account", + "view_user_management", + "view_idp", + "add_apps", + "add_tech_user_management", + "subscribe_service_offering", + "update_own_user_account", + "add_self_descriptions", + "view_user_account", + "view_service_subscriptions", + "activate_subscription", + "setup_idp", + "view_tech_roles", + "view_client_roles", + "subscribe_service", + "delete_user_account", + "view_subscription", + "delete_notifications", + "view_submitted_applications", + "approve_new_partner", + "view_technical_setup", + "view_tech_user_management", + "add_user_account", + "delete_apps", + "approve_service_release", + "view_service_marketplace", + "view_service_offering", + "disable_idp", + "upload_documents", + "view_use_cases", + "subscribe_apps", + "view_services", + "add_idp", + "delete_idp", + "view_membership", + "decline_service_release", + "view_dataspaces", + "decline_app_release", + "add_service_offering", + "filter_apps", + "view_notifications", + "technical_roles_management", + "delete_tech_user_management", + "delete_own_user_account", + "my_user_account", + "create_notifications", + "edit_apps", + "view_apps", + "view_connectors", + "view_partner_network" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model", + "delete_semantic_model", + "add_semantic_model", + "update_semantic_model" + ] + } + }, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "92b5a061-8e54-4562-a86c-94c0bacef12d", + "name": "technical_roles_management", + "description": "technical roles management", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "4ac0c3dc-1401-4ed6-a5f8-d8e08e2f5c78", + "name": "delete_tech_user_management", + "description": "Delete a technical user", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda", + "name": "delete_own_user_account", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "99a8940c-0fbc-4f65-8134-4b598c3aabbc", + "name": "my_user_account", + "description": "view my own user account details", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "22b05ced-cd8e-4769-a368-b8266bf967ef", + "name": "create_notifications", + "description": "User can create notifications (ONLY FOR TEST REASONS)", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "13fe64aa-6de6-4b94-9e3d-af9b2c7f2917", + "name": "edit_apps", + "description": "Users with this role can edit apps which are published in the marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "817fa189-808e-465c-b75d-838336ab7a84", + "name": "view_apps", + "description": "Users with this role can view apps in the App Marketplace", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "e5ec6a66-8fad-4066-bcdd-92041f894831", + "name": "view_connectors", + "description": "Look up company connectors and their details", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, + { + "id": "104c094b-eaf5-4b0e-9758-f14dedf925da", + "name": "view_partner_network", + "description": "Partner Network view", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + } + ], + "Cl21-CX-DF": [ + { + "id": "44a9692a-6d97-4ce0-9d1c-bcdd273792a9", + "name": "view_discovery_endpoint", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "bf1cfe3e-3950-4fdc-8a58-13b73cec6740", + "attributes": {} + }, + { + "id": "3bb6b58e-b10b-4705-aef9-56f359e46111", + "name": "delete_discovery_endpoint", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "bf1cfe3e-3950-4fdc-8a58-13b73cec6740", + "attributes": {} + }, + { + "id": "518d41c9-c7c7-4ab4-be2b-2b467977ecc9", + "name": "add_discovery_endpoint", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "bf1cfe3e-3950-4fdc-8a58-13b73cec6740", + "attributes": {} + } + ], + "sa-cl8-cx-1": [], + "Cl11-ADAC-Fleet": [ + { + "id": "95cea93b-ea55-4582-b70e-efc722ee462b", + "name": "customer", + "composite": false, + "clientRole": true, + "containerId": "e07fd69c-48ad-44d3-adb3-c42221a4921a", + "attributes": {} + }, + { + "id": "95b0f5d0-5ce8-4324-b8bc-76888fe1addf", + "name": "Admin", + "composite": true, + "composites": { + "client": { + "Cl11-ADAC-Fleet": [ + "admin" + ] + } + }, + "clientRole": true, + "containerId": "e07fd69c-48ad-44d3-adb3-c42221a4921a", + "attributes": {} + }, + { + "id": "4559a892-ff7f-48aa-a4d7-792a00c8937f", + "name": "oem", + "composite": false, + "clientRole": true, + "containerId": "e07fd69c-48ad-44d3-adb3-c42221a4921a", + "attributes": {} + }, + { + "id": "37c2f367-f03f-4808-ab73-4c470f178625", + "name": "admin", + "composite": false, + "clientRole": true, + "containerId": "e07fd69c-48ad-44d3-adb3-c42221a4921a", + "attributes": {} + } + ], + "Cl7-CX-BPDM": [ + { + "id": "b59a076b-07c5-42fa-b8d8-04a65f077226", + "name": "delete_company_data", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "a4829839-9df9-47c8-8eb0-57f4020000c3", + "name": "add_company_data", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "d16779a5-03bd-4fbd-bf40-382c4348b205", + "name": "view_company_data", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + } + ], + "admin-cli": [], + "Cl16-CX-BPDMGate": [ + { + "id": "891e715a-7fdb-4dbe-a177-998a383ee836", + "name": "view_company_data", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "cf42a03f-20f7-4ff3-a898-e1a93bf03520", + "name": "update_company_data", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "2a006c99-0790-4dd0-8b82-59c4fea1ce17", + "name": "view_shared_data", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + } + ], + "sa-cl7-cx-1": [], + "sa-cl5-custodian-internaltest": [], + "sa-cl7-cx-2": [], + "sa-cl7-cx-3": [], + "sa-cl7-cx-4": [], + "sa-cl21-01": [], + "sa-cl7-cx-5": [], + "sa-cl7-cx-6": [], + "sa-cl7-cx-7": [], + "sa-cl5-custodian-3": [], + "Cl15-BOSCH-AFQM": [ + { + "id": "07e4c7f0-f7c1-420a-8788-81eb42b5a8cd", + "name": "AFQM_USER", + "composite": false, + "clientRole": true, + "containerId": "0cabe6af-0943-48ef-84cf-507a5b162aab", + "attributes": {} + } + ], + "sa-cl5-custodian-4": [], + "sa-cl5-custodian-1": [], + "sa-cl5-custodian-2": [], + "https://catenax--stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com": [], + "urn:uuid:7bd86018-d0a2-421b-9e00-b77bab0838b1": [], + "sa-cl6-cx-4": [], + "sa-cl6-cx-3": [], + "sa-cl6-cx-2": [], + "sa-cl6-cx-1": [], + "https://pt-demo-owner-1lusu8r1.authentication.eu10.hana.ondemand.com": [ + { + "id": "9252617c-aed9-4ab3-9fe5-a2193fdcad65", + "name": "app_CatenaXUser", + "composite": false, + "clientRole": true, + "containerId": "2d1e3584-9954-4b7f-a58b-8820ca390799", + "attributes": {} + } + ], + "sa-cl6-cx-8": [], + "sa-cl6-cx-6": [], + "sa-cl6-cx-5": [], + "sa-cl22-01": [], + "Cl18-CX-Pal": [ + { + "id": "09a0aceb-f0e5-40de-a718-3d2f532183c8", + "name": "Viewer", + "composite": false, + "clientRole": true, + "containerId": "77d56420-d8d8-4eab-9af0-6b6bb27de356", + "attributes": {} + } + ], + "sa-cl6-cx-30": [], + "Cl22-CX-BPND": [ + { + "id": "798bcaf7-fec5-414f-91ef-352967bfd72a", + "name": "add_bpn_discovery", + "composite": false, + "clientRole": true, + "containerId": "48fc6e9e-a736-4b0b-9fea-59ad847b02e0", + "attributes": {} + }, + { + "id": "07c35188-e159-4f5b-b05e-a393c5b8c115", + "name": "delete_bpn_discovery", + "composite": false, + "clientRole": true, + "containerId": "48fc6e9e-a736-4b0b-9fea-59ad847b02e0", + "attributes": {} + }, + { + "id": "05bc014a-ce02-4965-bdea-34d5b206e0e5", + "name": "view_bpn_discovery", + "composite": false, + "clientRole": true, + "containerId": "48fc6e9e-a736-4b0b-9fea-59ad847b02e0", + "attributes": {} + } + ], + "Cl12-CX-TestManager": [], + "sa-cl6-cx-29": [], + "Cl20-CX-IRS": [ + { + "id": "ee61636e-de19-41cb-be70-ec4c730c474c", + "name": "view_irs", + "description": "view_irs", + "composite": false, + "clientRole": true, + "containerId": "c154b82c-c760-4da5-8b27-7f45b39259e6", + "attributes": {} + } + ], + "Cl16-CX-CRisk": [ + { + "id": "3fc6e7e8-9115-4d0f-a0ab-3f950321af11", + "name": "Company Admin", + "description": "Company Admin", + "composite": false, + "clientRole": true, + "containerId": "9767ac38-506a-4d20-aeb7-0e40cd00e908", + "attributes": {} + }, + { + "id": "a8acd905-7c26-49fe-9910-11a0239bb39b", + "name": "User", + "composite": false, + "clientRole": true, + "containerId": "9767ac38-506a-4d20-aeb7-0e40cd00e908", + "attributes": {} + } + ], + "Cl5-CX-Custodian": [ + { + "id": "11c06d7d-8cab-42e8-b8bb-599940c61f2b", + "name": "delete_wallet", + "description": "User can delete his wallet", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "7cbf7bf7-be0b-4372-9b5d-56bfcfad4ef7", + "name": "add_wallets", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "4e985f0a-4d33-409c-93a2-8d1b1de000e6", + "name": "delete_wallets", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "823ef0fd-ad22-4817-b31b-4638139b435c", + "name": "update_wallets", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "191ff80d-5525-4dc5-a761-80783a4d8c04", + "name": "add_wallet", + "description": "Add a new wallet", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "d6521ed5-9154-49a8-9ac4-c0a12573b201", + "name": "view_wallet", + "description": "Can view own wallet", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "dbdb11f0-f21a-4012-9610-43934407c309", + "name": "update_wallet", + "description": "Change existing wallet", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + }, + { + "id": "82b61160-ff26-4dd0-abf5-33d6ec57cdc7", + "name": "view_wallets", + "composite": false, + "clientRole": true, + "containerId": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "attributes": {} + } + ], + "Cl9-CDQ-Fraud": [ + { + "id": "9f5d6884-a643-4846-bddc-39adeda9aef2", + "name": "fraud_app_manager", + "composite": false, + "clientRole": true, + "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", + "attributes": {} + }, + { + "id": "2d7ea02b-114a-40d6-9c2c-ef57cc7eef67", + "name": "fraud_app_user", + "composite": false, + "clientRole": true, + "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", + "attributes": {} + } + ], + "Cl4-CX-DigitalTwin": [ + { + "id": "6188b8f4-5d2c-41c7-a841-83fb8328f1ba", + "name": "add_digital_twin", + "description": "Users with this role can add digital twins in the digital twin registry", + "composite": false, + "clientRole": true, + "containerId": "0dec1120-c21e-42ad-a779-94fc36217072", + "attributes": {} + }, + { + "id": "7da8c3a4-faed-429e-945c-52ba37dbf9c7", + "name": "view_digital_twin", + "description": "Users with this role can view the digital twin registry in the Portal", + "composite": false, + "clientRole": true, + "containerId": "0dec1120-c21e-42ad-a779-94fc36217072", + "attributes": {} + }, + { + "id": "ecef749d-a16e-4bf3-914d-76a3f10fd892", + "name": "delete_digital_twin", + "description": "Users with this role can delete digital twins in the digital twin registry", + "composite": false, + "clientRole": true, + "containerId": "0dec1120-c21e-42ad-a779-94fc36217072", + "attributes": {} + }, + { + "id": "8543775d-2359-41cf-8bfe-cc78c12ba841", + "name": "update_digital_twin", + "description": "Users with this role can update digital twins in the digital twin registry", + "composite": false, + "clientRole": true, + "containerId": "0dec1120-c21e-42ad-a779-94fc36217072", + "attributes": {} + } + ], + "sa-cl6-cx-9": [], + "account": [ + { + "id": "9a1e745f-e0b5-4efc-9336-3ba403a79cb8", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "93070949-280d-4183-9761-94792722cc1d", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "20d5e725-3d3b-4bfe-9a62-5e650ae55b53", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "d0312a58-8fba-4fea-9a07-bd5e1515f9d8", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "1bc65f13-4eda-4954-9944-6699ec3913b3", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "8b60326c-d508-4563-a41f-7973383d7501", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + }, + { + "id": "ef74a99a-0297-43c7-ae30-109c08a5aa69", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "60313b78-e131-4358-9817-163ee938cc59", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "4c19f2aa-f9b9-473e-ba5c-46c2f4e52c8b", + "name": "default-roles-catena-x realm", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "CX-Central" + }, + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "users": [ + { + "id" : "6529834b-a4c1-4b11-a200-d77e5fe7443f", + "createdTimestamp" : 1651814956235, + "username" : "app-provider.aa4b2a5d-2dc7-419c-a8ce-72886e0e32e9", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Tester", + "lastName" : "App Provider", + "email" : "app-provider@cx.com", + "attributes" : { + "bpn" : [ "BPNL00000003CSLL" ], + "organisation" : [ "App-Provider" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "App-Provider", + "userId" : "aa4b2a5d-2dc7-419c-a8ce-72886e0e32e9", + "userName" : "app-provider@cx.com" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl2-CX-Portal" : [ "Company Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "4a23930a-30b6-461c-9ad4-58d3e761a0b5", + "createdTimestamp" : 1652788390200, + "username" : "company-1.03b7feab-cc55-48cd-882a-0d8db03a8c8c", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User", + "lastName" : "Company Admin", + "email" : "company.admin@cx.com", + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Company-1", + "userId" : "03b7feab-cc55-48cd-882a-0d8db03a8c8c", + "userName" : "company admin" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "Company Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "ee93d4e6-2088-4352-b6e4-21f3fa7f390e", + "createdTimestamp" : 1652788086549, + "username" : "company-2.a81a425e-bdb4-482b-8535-a02c313c25af", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User", + "lastName" : "Company Admin", + "email" : "companyadmin@cx.com", + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Company-2", + "userId" : "a81a425e-bdb4-482b-8535-a02c313c25af", + "userName" : "company admin" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "Company Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "502dabcf-01c7-47d9-a88e-0be4279097b5", + "createdTimestamp" : 1651814956235, + "username" : "cx-operator.656e8a94-188b-4a3e-9eec-b45d8efd8347", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Tester", + "lastName" : "CX Operator", + "email" : "cx-operator@cx.com", + "attributes" : { + "bpn" : [ "BPNL00000003CRHL" ], + "organisation" : [ "CX-Operator" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Operator", + "userId" : "656e8a94-188b-4a3e-9eec-b45d8efd8347", + "userName" : "cx-operator@cx.com" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl2-CX-Portal" : [ "CX Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "93a03e4c-8ba5-4d81-93f9-4b065b005b33", + "createdTimestamp" : 1651814956235, + "username" : "cx-test-access.08132c4c-146d-41ee-938a-09759783eea1", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "user", + "lastName" : "company 2", + "email" : "company2@user.de", + "attributes" : { + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "08132c4c-146d-41ee-938a-09759783eea1", + "userName" : "company 2 user" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl13-CX-Battery" : [ "Recycler" ], + "Cl3-CX-Semantic" : [ "view_semantic_model" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "623770c5-cf38-4b9f-9a35-f8b9ae972e2d", + "createdTimestamp" : 1652269150847, + "username" : "cx-test-access.0f3abd37-9b87-421c-81e7-14a612bab68c", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User", + "lastName" : "CX User", + "email" : "cxuser@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001", "BPNL00000003CRHK" ], + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "0f3abd37-9b87-421c-81e7-14a612bab68c", + "userName" : "cx user" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl15-CX-DFT" : [ "User" ], + "Cl9-CDQ-Fraud" : [ "fraud_app_user" ], + "Cl1-CX-Registration" : [ "CX Admin", "Company Admin" ], + "Cl2-CX-Portal" : [ "CX User" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "2772f485-b0e8-4fab-b5a8-3ed517c5c766", + "createdTimestamp" : 1651814956235, + "username" : "cx-test-access.311963ed-9c58-44a6-8103-0b689cebaeaa", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Tester", + "lastName" : "PartChain Three", + "email" : "partchain.three@cx.de", + "attributes" : { + "bpn" : [ "BPNL00000003CML1" ], + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "311963ed-9c58-44a6-8103-0b689cebaeaa", + "userName" : "partchain.three@cx.de" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl17-CX-Part" : [ "Admin" ], + "Cl2-CX-Portal" : [ "CX User" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "e193b73c-f4ec-46c2-b686-5c77fe49135e", + "createdTimestamp" : 1651814956235, + "username" : "cx-test-access.3d0f5663-2de1-4a08-a394-22d1d4248efc", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Tester", + "lastName" : "PartChain One", + "email" : "partchain.one@cx.de", + "attributes" : { + "bpn" : [ "BPNL00000003CML1" ], + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "3d0f5663-2de1-4a08-a394-22d1d4248efc", + "userName" : "partchain.one@cx.de" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl17-CX-Part" : [ "User" ], + "Cl2-CX-Portal" : [ "CX User" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "3d8142f1-860b-48aa-8c2b-1ccb18699f65", + "createdTimestamp" : 1652788477397, + "username" : "cx-test-access.6f25fc27-a5ec-4ad8-bd89-e05ca462c741", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User", + "lastName" : "CX Admin", + "email" : "cxadmin@cx.com", + "attributes" : { + "bpn" : [ "BPNL00000003CRHK" ], + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "6f25fc27-a5ec-4ad8-bd89-e05ca462c741", + "userName" : "cx admin" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl16-CX-CRisk" : [ "Company Admin", "User" ], + "Cl9-CDQ-Fraud" : [ "fraud_app_manager", "fraud_app_user" ], + "technical_roles_management" : [ "BPDM Management" ], + "Cl1-CX-Registration" : [ "CX Admin" ], + "Cl2-CX-Portal" : [ "CX Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "cd863f9a-5a04-44d6-bf8e-9d76e37139b2", + "createdTimestamp" : 1651814956235, + "username" : "cx-test-access.98715874-e65c-4780-95ad-fb4e8eb917a8", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "user", + "lastName" : "company 1", + "email" : "company1@user.de", + "attributes" : { + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "98715874-e65c-4780-95ad-fb4e8eb917a8", + "userName" : "company 1 user" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl13-CX-Battery" : [ "Dismantler" ], + "Cl3-CX-Semantic" : [ "view_semantic_model" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "47ea7f1f-f10d-4cb2-acaf-b77323ef25b3", + "createdTimestamp" : 1652269178374, + "username" : "cx-test-access.a0661e13-c74c-4b86-8151-ed1c348d0e69", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User", + "lastName" : "Company Admin", + "email" : "companyadmin@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001" ], + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "a0661e13-c74c-4b86-8151-ed1c348d0e69", + "userName" : "company admin" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "Company Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "def0d51e-0a78-4774-ab51-b19a0cbe9d94", + "createdTimestamp" : 1651814956235, + "username" : "cx-test-access.f3d5e0c6-bb7b-4bb2-963f-3daffc90328d", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Tester", + "lastName" : "PartChain Two", + "email" : "partchain.two@cx.de", + "attributes" : { + "bpn" : [ "BPNL00000003CML1" ], + "organisation" : [ "CX-Test-Access" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "f3d5e0c6-bb7b-4bb2-963f-3daffc90328d", + "userName" : "partchain.two@cx.de" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl17-CX-Part" : [ "Supervisor" ], + "Cl2-CX-Portal" : [ "CX User" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "070e2c20-4b09-4670-84c8-af882589e7ea", + "createdTimestamp" : 1651814956235, + "username" : "cx-test-access.f58e4a43-c560-443d-9b1e-fcb182682bcb", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User", + "lastName" : "IT Admin", + "email" : "itadmin@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001" ], + "organisation" : [ "keycloak-oidc" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "CX-Test-Access", + "userId" : "f58e4a43-c560-443d-9b1e-fcb182682bcb", + "userName" : "it admin" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl2-CX-Portal" : [ "IT Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "18f1a488-06e9-4dc4-ad43-cfb9c9a0c7da", + "createdTimestamp" : 1652269150847, + "username" : "security-company.18f1a488-06e9-4dc4-ad43-cfb9c9a0c7db", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 1", + "lastName" : "CX User 1", + "email" : "cxuser-1@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001", "BPNL00000003CRHK" ], + "organisation" : [ "Security-Company" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "18f1a488-06e9-4dc4-ad43-cfb9c9a0c7db", + "userName" : "cx-user-1" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "Company Admin" ], + "Cl2-CX-Portal" : [ "CX User" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "22b92584-895a-442f-afe9-ed10fe997d94", + "createdTimestamp" : 1652269178374, + "username" : "security-company.22b92584-895a-442f-afe9-ed10fe997d95", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 1", + "lastName" : "Company Admin 1", + "email" : "companyadmin-1@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001" ], + "organisation" : [ "Security-Company" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "22b92584-895a-442f-afe9-ed10fe997d95", + "userName" : "company-admin-1" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "Company Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "3d064630-3736-477e-80e2-148faf1cd210", + "createdTimestamp" : 1651814956235, + "username" : "security-company.3d064630-3736-477e-80e2-148faf1cd211", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 1", + "lastName" : "IT Admin 1", + "email" : "itadmin-1@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001" ], + "organisation" : [ "keycloak-oidc" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "3d064630-3736-477e-80e2-148faf1cd211", + "userName" : "it-admin-1" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl2-CX-Portal" : [ "IT Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "4746cff4-7a64-4be8-a70e-cf762a7011b7", + "createdTimestamp" : 1651814956235, + "username" : "security-company.4746cff4-7a64-4be8-a70e-cf762a7011b8", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 2", + "lastName" : "IT Admin 2", + "email" : "itadmin-2@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001" ], + "organisation" : [ "keycloak-oidc" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "4746cff4-7a64-4be8-a70e-cf762a7011b8", + "userName" : "it-admin-2" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl2-CX-Portal" : [ "IT Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "555b0b81-6ead-4d3d-8d5d-41c07bb8cfbb", + "createdTimestamp" : 1652788477397, + "username" : "security-company.555b0b81-6ead-4d3d-8d5d-41c07bb8cfbc", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 1", + "lastName" : "CX Admin 1", + "email" : "cxadmin-1@cx.com", + "attributes" : { + "bpn" : [ "BPNL00000003CRHK" ], + "organisation" : [ "Security-Company" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "555b0b81-6ead-4d3d-8d5d-41c07bb8cfbc", + "userName" : "cx-admin-1" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "CX Admin" ], + "Cl2-CX-Portal" : [ "CX Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "8b747479-5e22-4e9c-a0a4-a940e8ec0535", + "createdTimestamp" : 1652269150847, + "username" : "security-company.8b747479-5e22-4e9c-a0a4-a940e8ec0536", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 2", + "lastName" : "CX User 2", + "email" : "cxuser-2@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001", "BPNL00000003CRHK" ], + "organisation" : [ "Security-Company" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "8b747479-5e22-4e9c-a0a4-a940e8ec0536", + "userName" : "cx-user-2" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "Company Admin" ], + "Cl2-CX-Portal" : [ "CX User" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "cc860ece-ede3-4c03-86f9-28e23978b104", + "createdTimestamp" : 1652788477397, + "username" : "security-company.cc860ece-ede3-4c03-86f9-28e23978b105", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 2", + "lastName" : "CX Admin 2", + "email" : "cxadmin-2@cx.com", + "attributes" : { + "bpn" : [ "BPNL00000003CRHK" ], + "organisation" : [ "Security-Company" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "cc860ece-ede3-4c03-86f9-28e23978b105", + "userName" : "cx-admin-2" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "CX Admin" ], + "Cl2-CX-Portal" : [ "CX Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "e5e403d5-3bd9-48f6-8931-7c0c717c3f40", + "createdTimestamp" : 1652269178374, + "username" : "security-company.e5e403d5-3bd9-48f6-8931-7c0c717c3f41", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User 2", + "lastName" : "Company Admin 2", + "email" : "companyadmin-2@cx.com", + "attributes" : { + "bpn" : [ "BPNL000000000001" ], + "organisation" : [ "Security-Company" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Security-Company", + "userId" : "e5e403d5-3bd9-48f6-8931-7c0c717c3f41", + "userName" : "company-admin-2" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl1-CX-Registration" : [ "Company Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, { + "id" : "8be5ee49-4b9c-4008-b641-138305430cc4", + "createdTimestamp" : 1651814956235, + "username" : "service-provider.dc438ad3-8bcf-49cc-beb0-437be2745720", + "enabled" : true, + "totp" : false, + "emailVerified" : false, + "firstName" : "Test User", + "lastName" : "Service Provider", + "email" : "service-provider@cx.com", + "attributes" : { + "bpn" : [ "BPNL07800HZ01643" ], + "organisation" : [ "Service-Provider" ] + }, + "credentials" : [ ], + "disableableCredentialTypes" : [ ], + "requiredActions" : [ ], + "federatedIdentities" : [ { + "identityProvider" : "Service-Provider", + "userId" : "dc438ad3-8bcf-49cc-beb0-437be2745720", + "userName" : "service-provider@cx.com" + } ], + "realmRoles" : [ "default-roles-catena-x realm" ], + "clientRoles" : { + "Cl2-CX-Portal" : [ "Company Admin" ] + }, + "notBefore" : 0, + "groups" : [ ] + }, + { + "id": "02b171de-8b88-4d6e-a474-83d88cc743a0", + "createdTimestamp": 1668614896844, + "username": "service-account-sa-beta-cx1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-beta-cx1", + "attributes": { + "bpn": [ + "BPNL0000000004WK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "1e749bed-5182-47c9-a4a3-d32b4dbc7db9", + "createdTimestamp": 1668615036611, + "username": "service-account-sa-beta-cx2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-beta-cx2", + "attributes": { + "bpn": [ + "BPNL0000000002XY" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "82a42b46-912e-4be7-8983-84e04a920c5a", + "createdTimestamp": 1668615166988, + "username": "service-account-sa-beta-cx3", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-beta-cx3", + "attributes": { + "bpn": [ + "BPNL0000000005VV" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "9680ddce-a38e-41a7-9d63-cf25fe11730e", + "createdTimestamp": 1668615267089, + "username": "service-account-sa-beta-cx4", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-beta-cx4", + "attributes": { + "bpn": [ + "BPNL0000000006V6" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "c323b0bd-ea82-42f8-84b8-83744dcd8db6", + "createdTimestamp": 1668615612880, + "username": "service-account-sa-beta-cx5", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-beta-cx5", + "attributes": { + "bpn": [ + "BPNL0000000003X9" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "540c10ba-ed83-4ee6-8d7d-09e7a281c0b4", + "createdTimestamp": 1668615711719, + "username": "service-account-sa-beta-cx6", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-beta-cx6", + "attributes": { + "bpn": [ + "BPNL0000000008TS" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "38c96e0e-8ccf-455d-8534-7fcbd5be98d9", + "createdTimestamp": 1668615800408, + "username": "service-account-sa-beta-cx7", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-beta-cx7", + "attributes": { + "bpn": [ + "BPNL0000000007UH" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "5d1c5051-d9d9-4558-9c3c-78db197b2cdd", + "createdTimestamp": 1668499979859, + "username": "service-account-sa-cl10-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl10-cx-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "BPDM Partner Gate" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "db62cbba-6237-435a-8a87-042ffbb79fd4", + "createdTimestamp": 1668499118676, + "username": "service-account-sa-cl16-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl16-cx-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "BPDM Partner Gate" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "a6b48ac7-a4cb-4527-a5d3-4f52e9175e7a", + "createdTimestamp": 1663675052539, + "username": "service-account-sa-cl1-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl1-cx-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl1-CX-Registration": [ + "Company Admin" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "e69c1397-eee8-434a-b83b-dc7944bb9bdd", + "createdTimestamp": 1651730911692, + "username": "service-account-sa-cl1-reg-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl1-reg-2", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "realm-management": [ + "manage-identity-providers", + "manage-clients" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "f0c69a64-dfbe-46e4-92db-75f6f4670909", + "createdTimestamp": 1676572155414, + "username": "service-account-sa-cl2-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-01", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "update_application_checklist_value" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "18c3a6b3-ecfe-4572-bbb4-af0c1823f206", + "createdTimestamp": 1676572207640, + "username": "service-account-sa-cl2-02", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-02", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "update_application_checklist_value" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "84db695c-ddb2-485e-bab1-0789de724037", + "createdTimestamp": 1681380138448, + "username": "service-account-sa-cl2-03", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-03", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "notBefore": 0, + "groups": [] + }, + { + "id": "56cab9c5-5f0f-44a1-8b4c-ecac09cb6d42", + "createdTimestamp": 1681915810810, + "username": "service-account-sa-cl21-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl21-01", + "attributes": { + "bpn": [ + "BPNL000560TEST01" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl21-CX-DF": [ + "view_discovery_endpoint", + "delete_discovery_endpoint", + "add_discovery_endpoint" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "d40538c7-e1e5-4ac0-89e3-0854fac31f40", + "createdTimestamp": 1681915925763, + "username": "service-account-sa-cl22-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl22-01", + "attributes": { + "bpn": [ + "BPNL00000007OP2K" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl22-CX-BPND": [ + "add_bpn_discovery", + "delete_bpn_discovery", + "view_bpn_discovery" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "965ae857-1e91-4e0b-bdb5-4efd1fc7ea9c", + "createdTimestamp": 1658347753956, + "username": "service-account-sa-cl3-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl3-cx-1", + "attributes": { + "bpn": [ + "CAX0000000000001" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl3-CX-Semantic": [ + "delete_semantic_model", + "add_semantic_model", + "update_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "24be7ee7-0948-435e-84fe-dab3da395831", + "createdTimestamp": 1668612874208, + "username": "service-account-sa-cl3-cx-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl3-cx-2", + "attributes": { + "bpn": [ + "BPNL00000003CRHK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "6e9d388a-1a21-4196-8210-80e9a696ae87", + "createdTimestamp": 1651615151516, + "username": "service-account-sa-cl5-custodian-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl5-custodian-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl5-CX-Custodian": [ + "update_wallets", + "view_wallet", + "update_wallet", + "view_wallets" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "ca2657a8-eba9-4cb4-8b66-8cc30911dfa1", + "createdTimestamp": 1657558751239, + "username": "service-account-sa-cl5-custodian-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl5-custodian-2", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl5-CX-Custodian": [ + "add_wallets", + "view_wallets" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "0e1028a6-99c2-46ad-a323-9917ebe7346b", + "createdTimestamp": 1657571043337, + "username": "service-account-sa-cl5-custodian-3", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl5-custodian-3", + "attributes": { + "bpn": [ + "BPNL00000003BX33" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl5-CX-Custodian": [ + "view_wallet", + "update_wallet" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "300de02c-e667-4528-ac99-a3749c214bd2", + "createdTimestamp": 1657571107848, + "username": "service-account-sa-cl5-custodian-4", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl5-custodian-4", + "attributes": { + "bpn": [ + "BPNL00000003AYRE" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl5-CX-Custodian": [ + "view_wallet", + "update_wallet" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "8b7b0192-b24f-41b3-b7b7-b49efcc49e34", + "createdTimestamp": 1654613733324, + "username": "service-account-sa-cl5-custodian-internaltest", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl5-custodian-internaltest", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl5-CX-Custodian": [ + "delete_wallet", + "add_wallets", + "delete_wallets", + "update_wallets", + "add_wallet", + "view_wallet", + "update_wallet", + "view_wallets" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "7dfe07ab-29fe-404b-8528-fa11bf608757", + "createdTimestamp": 1652858406207, + "username": "service-account-sa-cl5-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl5-cx-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl5-CX-Custodian": [ + "view_wallets" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "50dfc73d-e0a1-4992-be95-75def1dadbfa", + "createdTimestamp": 1670491005383, + "username": "service-account-sa-cl6-cx-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-01", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl6-CX-DAPS": [ + "create_daps_client" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "22d4d18c-5e35-437d-8adc-4b47dca71cc2", + "createdTimestamp": 1651729631982, + "username": "service-account-sa-cl6-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-1", + "attributes": { + "bpn": [ + "BPNL00000003CRHK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "d127fde5-1645-4e8f-be89-fd3ca7ef156c", + "createdTimestamp": 1652049343884, + "username": "service-account-sa-cl6-cx-10", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-10", + "attributes": { + "bpn": [ + "BPNL00000003CML1" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl17-CX-Part": [ + "Supervisor" + ], + "technical_roles_management": [ + "App Tech User" + ], + "Cl20-CX-IRS": [ + "view_irs" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "50eadaf8-9ef9-43b0-93cd-70dbc02124bd", + "createdTimestamp": 1652049455795, + "username": "service-account-sa-cl6-cx-11", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-11", + "attributes": { + "bpn": [ + "BPNL00000003CSGV" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "a944c2da-d846-47dc-a72a-92573f450ec1", + "createdTimestamp": 1652221234622, + "username": "service-account-sa-cl6-cx-12", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-12", + "attributes": { + "bpn": [ + "BPNL00000003B2OM" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "update_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model", + "add_semantic_model", + "update_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "f593ea3d-111d-4b27-b081-321e6b19a844", + "createdTimestamp": 1652418651244, + "username": "service-account-sa-cl6-cx-13", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-13", + "attributes": { + "bpn": [ + "BPNL00000003AXS3" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "delete_digital_twin", + "update_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model", + "delete_semantic_model", + "add_semantic_model", + "update_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "b74ce4aa-5936-40b5-b81b-a0326eb7e110", + "createdTimestamp": 1654844003153, + "username": "service-account-sa-cl6-cx-14", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-14", + "attributes": { + "bpn": [ + "BPNL00000003AVTH" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "9ea82701-4187-41a4-aad0-28be083d33ae", + "createdTimestamp": 1658820742562, + "username": "service-account-sa-cl6-cx-16", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-16", + "attributes": { + "bpn": [ + "BPNL00000003BR79" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "951fb175-5761-451e-9bba-a96ed9945511", + "createdTimestamp": 1659387083025, + "username": "service-account-sa-cl6-cx-17", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-17", + "attributes": { + "bpn": [ + "BPNL00000003B3NX" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "delete_digital_twin", + "update_digital_twin" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "150315dd-bfbc-40eb-a539-819db115fe2d", + "createdTimestamp": 1659470433154, + "username": "service-account-sa-cl6-cx-18", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-18", + "attributes": { + "bpn": [ + "BPNL00000003CNKC" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "delete_digital_twin", + "update_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "ebf26a6b-f24e-4d97-96ae-2aca92b4ed50", + "createdTimestamp": 1659529335924, + "username": "service-account-sa-cl6-cx-19", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-19", + "attributes": { + "bpn": [ + "BPNL00000003CRHK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "d6df2c49-804c-4b3e-afa5-b286c73d2428", + "createdTimestamp": 1651729457029, + "username": "service-account-sa-cl6-cx-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-2", + "attributes": { + "bpn": [ + "BPNL00000003CRHK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "notBefore": 0, + "groups": [] + }, + { + "id": "2cafc897-a180-4577-8dbd-6e45a86ec3e3", + "createdTimestamp": 1659609598988, + "username": "service-account-sa-cl6-cx-20", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-20", + "attributes": { + "bpn": [ + "BPNL00000000BJTL" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "update_digital_twin", + "delete_digital_twin" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "f52db6b1-567a-453f-9e40-1e2cf1dee59c", + "createdTimestamp": 1660194219883, + "username": "service-account-sa-cl6-cx-21", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-21", + "attributes": { + "bpn": [ + "BPNL00000003BR79" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "delete_digital_twin", + "update_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model", + "add_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "025bcf1a-c6b2-48b1-9d62-9699d3320f36", + "createdTimestamp": 1660242782083, + "username": "service-account-sa-cl6-cx-22", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-22", + "attributes": { + "bpn": [ + "BPNL000000002YWC" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "update_digital_twin", + "delete_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "939b76fa-544d-417f-9de8-f87aec1a3bd1", + "createdTimestamp": 1660242891211, + "username": "service-account-sa-cl6-cx-23", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-23", + "attributes": { + "bpn": [ + "BPNL00000002HCQ9" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "da89aae0-bde8-4f01-8a4b-86a176d30ac7", + "createdTimestamp": 1660242966983, + "username": "service-account-sa-cl6-cx-24", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-24", + "attributes": { + "bpn": [ + "BPNL00000002HCQ9" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "51097613-12ba-439c-ac2c-f62f0c8f6c42", + "createdTimestamp": 1667856026656, + "username": "service-account-sa-cl6-cx-25", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-25", + "attributes": { + "bpn": [ + "BPNL00000000DFHO" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User", + "App Tech User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "049a47fa-e8dd-47ae-9cdb-34a8130af935", + "createdTimestamp": 1667856124971, + "username": "service-account-sa-cl6-cx-26", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-26", + "attributes": { + "bpn": [ + "BPNL00000000BSNC" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User", + "App Tech User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "f96f772a-cc47-495d-ae00-0ecae173a850", + "createdTimestamp": 1667856184068, + "username": "service-account-sa-cl6-cx-27", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-27", + "attributes": { + "bpn": [ + "BPNL00000003AZQP" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "e82b5ab1-7763-47e0-bf9a-a9103368d0a1", + "createdTimestamp": 1667856242451, + "username": "service-account-sa-cl6-cx-28", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-28", + "attributes": { + "bpn": [ + "BPNL00000003AZQP" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User", + "App Tech User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "431bd39d-f04d-4b99-a1ce-dc972b7f61b2", + "createdTimestamp": 1667856297338, + "username": "service-account-sa-cl6-cx-29", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-29", + "attributes": { + "bpn": [ + "BPNL000000000000" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User", + "App Tech User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "98d03ed3-02e2-4643-81c4-a011f0d47a6d", + "createdTimestamp": 1651729671532, + "username": "service-account-sa-cl6-cx-3", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-3", + "attributes": { + "bpn": [ + "BPNL00000003AYRE" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "eefdb17a-b59e-41c1-99db-a563c6e2a1dc", + "createdTimestamp": 1668590975255, + "username": "service-account-sa-cl6-cx-30", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-30", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "50c19120-550c-429a-b45c-fb402046d4be", + "createdTimestamp": 1651729685848, + "username": "service-account-sa-cl6-cx-4", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-4", + "attributes": { + "bpn": [ + "BPNL00000003B2OM" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "6d0098ce-e569-4bff-a61e-c721dd7d5da7", + "createdTimestamp": 1651729695554, + "username": "service-account-sa-cl6-cx-5", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-5", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "330c164f-98db-4566-8135-e45e3ec1d0f3", + "createdTimestamp": 1651729708123, + "username": "service-account-sa-cl6-cx-6", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-6", + "attributes": { + "bpn": [ + "BPNL00000003B0Q0" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "b0297640-9074-4003-adb9-cbf9f23409a7", + "createdTimestamp": 1651729730658, + "username": "service-account-sa-cl6-cx-8", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-8", + "attributes": { + "bpn": [ + "BPNL00000003B5MJ" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "Connector User" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "2c5e74e2-0561-46f9-b27e-beadb44f1f75", + "createdTimestamp": 1651613503558, + "username": "service-account-sa-cl6-cx-9", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl6-cx-9", + "attributes": { + "bpn": [ + "BPNL00000003CRHK" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl7-CX-BPDM": [ + "view_company_data" + ], + "technical_roles_management": [ + "Connector User" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ], + "Cl20-CX-IRS": [ + "view_irs" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "b1d71881-2aa8-4a67-b8ce-c101d6290832", + "createdTimestamp": 1657541056572, + "username": "service-account-sa-cl7-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl7-CX-BPDM": [ + "view_company_data" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "1e60cc6d-17cd-442c-ace7-ec94067c5f85", + "createdTimestamp": 1658900179675, + "username": "service-account-sa-cl7-cx-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-2", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl7-CX-BPDM": [ + "view_company_data" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "8d63cb9f-2df5-42b6-9bc8-a61b8d5467cb", + "createdTimestamp": 1664293185323, + "username": "service-account-sa-cl7-cx-3", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-3", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl7-CX-BPDM": [ + "add_company_data", + "view_company_data" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "14a0d303-0b9f-4469-830f-4d1221b796d4", + "createdTimestamp": 1664293263973, + "username": "service-account-sa-cl7-cx-4", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-4", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl7-CX-BPDM": [ + "view_company_data" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "f014ed5d-9e05-4f29-a5c0-227c7e7b479e", + "createdTimestamp": 1670157703230, + "username": "service-account-sa-cl7-cx-5", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-5", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl16-CX-BPDMGate-Portal": [ + "view_company_data", + "view_shared_data", + "update_company_data" + ], + "Cl7-CX-BPDM": [ + "add_company_data", + "view_company_data" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "07e82331-df27-4916-b5ef-0642aefb198a", + "createdTimestamp": 1677840583068, + "username": "service-account-sa-cl7-cx-6", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-6", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl7-CX-BPDM": [ + "view_company_data" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "26928428-c0db-4697-88c5-88a33971c8ec", + "createdTimestamp": 1679570125131, + "username": "service-account-sa-cl7-cx-7", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl7-cx-7", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "BPDM Management", + "BPDM Partner Gate" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "dcb9a153-e1b4-4fac-bc51-7032023e9db9", + "createdTimestamp": 1675867052982, + "username": "service-account-sa-cl8-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl8-cx-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "add_self_descriptions" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "2da67801-addd-4acb-a6b5-71a82ca050d1", + "createdTimestamp": 1651730995929, + "username": "service-account-sa-clx-cx-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-clx-cx-1", + "attributes": { + "bpn": [ + "BPNL00000003AZQP" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ], + "Cl4-CX-DigitalTwin": [ + "view_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "312a863c-dfa0-4445-97f8-e11fed985b0a", + "createdTimestamp": 1655449440789, + "username": "service-account-sa-clx-cx-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-clx-cx-2", + "attributes": { + "bpn": [ + "BPNL00000003AZQP" + ] + }, + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "technical_roles_management": [ + "App Tech User" + ], + "Cl4-CX-DigitalTwin": [ + "add_digital_twin", + "view_digital_twin", + "update_digital_twin", + "delete_digital_twin" + ], + "Cl3-CX-Semantic": [ + "view_semantic_model", + "add_semantic_model" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "5a1ecaf3-ed06-42bd-8c43-25db90b5a91e", + "createdTimestamp": 1673212847656, + "username": "service-account-sap-login", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "SAP-Login", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "notBefore": 0, + "groups": [] + } + ], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "Cl16-CX-BPDMGate-Portal": [ + { + "client": "sa-cl7-cx-5", + "roles": [ + "update_company_data", + "view_shared_data", + "view_company_data" + ] + } + ], + "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com": [ + { + "client": "https://catenax--stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", + "roles": [ + "EC.Buyer.Manager", + "EarthCommerce.Content.Manager", + "EarthCommerce.AdministratorRC_QAS2", + "CE.Dismantler.Leader", + "CE.Dismantler.View", + "EarthCommerce.Advanced.BuyerRC_QAS2", + "EarthCommerce.UserRC_QAS2", + "EarthCommerce.Content.ManagerRC_QAS2", + "EarthCommerce.Buyer", + "CE.Dismantler.Purchase", + "EarthCommerce.BuyerRC_QAS2", + "EC.Buyer.buy" + ] + } + ], + "Cl7-CX-BPDM": [ + { + "client": "sa-cl7-cx-5", + "roles": [ + "delete_company_data", + "add_company_data", + "view_company_data" + ] + } + ], + "Cl5-CX-Custodian": [ + { + "client": "sa-cl5-custodian-1", + "roles": [ + "delete_wallets", + "update_wallets", + "view_wallets", + "add_wallets" + ] + }, + { + "client": "sa-cl5-custodian-2", + "roles": [ + "delete_wallet", + "delete_wallets", + "update_wallets", + "add_wallet", + "update_wallet", + "view_wallets", + "view_wallet", + "add_wallets" + ] + }, + { + "client": "sa-cl5-custodian-3", + "roles": [ + "delete_wallet", + "delete_wallets", + "update_wallets", + "add_wallet", + "update_wallet", + "view_wallets", + "view_wallet", + "add_wallets" + ] + }, + { + "client": "sa-cl5-custodian-4", + "roles": [ + "delete_wallet", + "delete_wallets", + "update_wallets", + "add_wallet", + "update_wallet", + "view_wallets", + "view_wallet", + "add_wallets" + ] + }, + { + "client": "sa-cl5-custodian-internaltest", + "roles": [ + "delete_wallets", + "update_wallets", + "view_wallets", + "add_wallets" + ] + } + ], + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ], + "Cl2-CX-Portal": [ + { + "client": "sa-cl2-01", + "roles": [ + "update_application_checklist_value" + ] + }, + { + "client": "sa-cl2-02", + "roles": [ + "update_application_checklist_value" + ] + }, + { + "client": "sa-cl8-cx-1", + "roles": [ + "add_self_descriptions" + ] + } + ] + }, + "clients": [ + { + "id": "60313b78-e131-4358-9817-163ee938cc59", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Central/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Central/account/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "false", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "edb1e627-426a-4593-93c0-e9b4bc45c4d6", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Central/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Central/account/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "false", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "pkce.code.challenge.method": "S256", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "62ea7826-6e5b-4200-8f5b-ff69b672d0a3", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "dc24237b-46fa-418b-a806-24d371e4385a", + "name": "idp mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "idp", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "tenant", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "38d072af-d85b-4b39-ad55-13ed5ce45791", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "03885031-084a-4317-aa51-de9b4acf8fa9", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "b5e613bb-37a8-4e46-ae8a-64df3269dd3c", + "clientId": "Cl10-CX-BPDMShare", + "description": "BPDM Sharing Member Client for Cleanup Pipeline", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://partners-gate.stable.demo.catena-x.net/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e07fd69c-48ad-44d3-adb3-c42221a4921a", + "clientId": "Cl11-ADAC-Fleet", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "http://localhost:8080/*", + "https://dtc.stable.adac.openresearch.com/*", + "https://dtc-translator.adac.openresearch.com/*", + "https://fleet.stable.adac.openresearch.com/*", + "https://fleet-management.adac.openresearch.com/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "367fc1b7-4b13-4d8e-8090-e7463b18a295", + "name": "organisation-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "organisation", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "organisation", + "jsonType.label": "String" + } + }, + { + "id": "52ef5f31-c541-45bd-b4c4-8fbf6f74e0bd", + "name": "tenant-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "tenant", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "tenant", + "jsonType.label": "String" + } + }, + { + "id": "39b09e63-d335-42e3-a8e1-37ca2101f146", + "name": "audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl11-ADAC-Fleet", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "2a82462c-5745-43bb-859c-f5a2e74611de", + "clientId": "Cl12-CX-TestManager", + "name": "Testdaten-Manager", + "description": "Testdaten Manager SSO", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "dd6a7d43-a7b1-4808-90dd-e446b51b59f2", + "clientId": "Cl13-CX-Battery", + "description": "BatteryPass App - central hosted app", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "https://materialpass.stable.demo.catena-x.net/*", + "http://localhost:8080/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "a46ae678-a72c-4513-a5da-29aa773e058d", + "name": "Company-Role", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "aggregate.attrs": "true", + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "companyRole", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "companyRole", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "0cabe6af-0943-48ef-84cf-507a5b162aab", + "clientId": "Cl15-BOSCH-AFQM", + "rootUrl": "", + "baseUrl": "https://portal-staging.afqm-services.com/postLogin", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://portal-staging.afqm-services.com/postLogin" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "f864e14f-5f27-4d1d-8f91-2d2a983e163c", + "clientId": "Cl15-CX-DFT", + "rootUrl": "", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "https://dft.pen.int.demo.catena-x.net/*", + "http://localhost:3000/*", + "http://dft--stable.germanywestcentral.cloudapp.azure.com:8080/*", + "https://dft.stable.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "c6aa405c-6db3-4b1c-add9-d6d775e44b1d", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "113242f5-b582-44a5-9f83-2fd85c0772c8", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "clientId": "Cl16-CX-BPDMGate", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://partners-gate.stable.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "17cdc8bc-0081-4fbd-8d28-969881e68507", + "clientId": "Cl16-CX-BPDMGate-Portal", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://portal-gate.stable.demo.catena-x.net/", + "https://portal-gate.stable.demo.catena-x.net/" + ], + "webOrigins": [ + "*" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "9767ac38-506a-4d20-aeb7-0e40cd00e908", + "clientId": "Cl16-CX-CRisk", + "rootUrl": "", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "http://localhost:8080/*", + "https://country-risk-dashboard.stable.demo.catena-x.net/*", + "http://localhost:3000/*", + "https://vas-country-risk-backend.stable.demo.catena-x.net/swagger-ui/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "3fa6ca31-a78a-4202-89ae-f09411156eb9", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "a9039faf-50e6-46d9-b697-c9154f61091e", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "6493bcd5-a1ee-47f0-bec3-a1436f4d8b10", + "clientId": "Cl17-CX-Part", + "description": "Part Chain App - not 3rd Party managed, directly managed by CX", + "rootUrl": "", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "https://traceability-portal.stable.demo.catena-x.net/*", + "http://localhost:4200/*", + "https://traceability-portal-test.stable.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "c0b82ec1-f59a-4100-aa60-5b9402e05b99", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "18876433-abec-4c67-80f5-f29974c9cd82", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "77d56420-d8d8-4eab-9af0-6b6bb27de356", + "clientId": "Cl18-CX-Pal", + "description": "Palantir App Performance Monitor", + "rootUrl": "", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "https://catena-x.palantirfoundry.com/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "fde6064e-e2f6-4f09-a08d-1347ced3e34b", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "f135c8dd-5cdf-47cc-bfd4-b4c544d8b842", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "fcc06fed-6259-4a49-8e1b-e7eae940145e", + "clientId": "Cl1-CX-Registration", + "rootUrl": "", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "http://localhost:3000/*", + "https://portal-rc.stable.demo.catena-x.net/*", + "https://portal.stable.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "71f9d485-62aa-41c2-a491-bcb47c447121", + "name": "idp mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "tenant", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "tenant", + "jsonType.label": "String" + } + }, + { + "id": "4c180350-8f09-4eed-88f4-4b003a6b5fd1", + "name": "organisation-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "organisation", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "organisation", + "jsonType.label": "String" + } + }, + { + "id": "2b1dfde9-aff2-406b-b258-edbf574fc4dd", + "name": "audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl1-CX-Registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c154b82c-c760-4da5-8b27-7f45b39259e6", + "clientId": "Cl20-CX-IRS", + "description": "Decentral IRS Component for Traceability and CE Apps", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "bf1cfe3e-3950-4fdc-8a58-13b73cec6740", + "clientId": "Cl21-CX-DF", + "description": "interim client, not prod relevant", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "48fc6e9e-a736-4b0b-9fea-59ad847b02e0", + "clientId": "Cl22-CX-BPND", + "description": "interim client, bpn-discovery application (SPOC: Thomas Henn)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "clientId": "Cl2-CX-Portal", + "name": "", + "description": "", + "rootUrl": "https://portal.stable.demo.catena-x.net/home", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "http://localhost:8080/*", + "https://partners-pool.stable.demo.catena-x.net/*", + "https://portal-swagger.stable.demo.catena-x.net/*", + "http://localhost:3000/*", + "https://portal-rc.stable.demo.catena-x.net/*", + "https://catenax-bpdm--stable.demo.catena-x.net/*", + "https://partners-gate.stable.demo.catena-x.net/*", + "https://portal.stable.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "35d0aa44-dd27-4dbd-8f3a-7047ae461fdd", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl1-CX-Registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "e97b646a-3753-4da5-b6f7-3a2860741b20", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl2-CX-Portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "36e2745d-f331-4fa5-bbfa-90947d7f1dc4", + "clientId": "Cl3-CX-Semantic", + "rootUrl": "", + "adminUrl": "https://portal.stable.demo.catena-x.net/home", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "http://localhost:8080/*", + "http://localhost:3000/*", + "https://portal.stable.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "1de1f28c-00d2-42b6-bc74-e57d8e73f7df", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "faf297ed-30d7-4e15-8051-40c540c14604", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "0dec1120-c21e-42ad-a779-94fc36217072", + "clientId": "Cl4-CX-DigitalTwin", + "rootUrl": "", + "adminUrl": "https://portal.stable.demo.catena-x.net/home", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "http://localhost:8080/*", + "https://semantics.stable.demo.catena-x.net/*", + "http://localhost:3000/*", + "https://portal.stable.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "3974d007-3654-4798-a3dc-d22d0c98d482", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "714f381d-bc8c-47e7-aa8d-b0b357901eb0", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "catenax-portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e6ab12bb-3b26-472c-ad0b-3d871bd1461b", + "clientId": "Cl5-CX-Custodian", + "name": "Cl5-CX-Custodian STABLE", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://managed-identity-wallets.stable.demo.catena-x.net/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "token.endpoint.auth.signing.alg": "RS256", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "6f273a17-cf91-43dc-9dac-4ec36250d133", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "7a4001a7-aeaf-419c-ae46-6a190bc5e13f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "9fd2abb2-445e-4622-a068-e3d48eb97634", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "roles" + ], + "optionalClientScopes": [] + }, + { + "id": "28273f37-cff9-44c3-9731-2a7a63025d28", + "clientId": "Cl6-CX-DAPS", + "name": "", + "description": "", + "rootUrl": "", + "adminUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "2b2e7bb5-36bc-4987-9898-9525b66a2974", + "name": "catenax-registration audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl1-CX-Registration", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "bb04a584-6f4a-4172-a4ed-f0c228005689", + "name": "catenax-portal audience-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-mapper", + "consentRequired": false, + "config": { + "included.client.audience": "Cl2-CX-Portal", + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "catena", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "04cd6d38-674f-4588-980a-8f120bddcc44", + "clientId": "Cl7-CX-BPDM", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://partners-pool.stable.demo.catena-x.net/*", + "https://catenax-bpdm--stable.demo.catena-x.net/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "3fbe1a86-143d-4d52-8138-01aa23875664", + "clientId": "Cl9-CDQ-Fraud", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "https://fraud-dashboard.stable.demo.catena-x.net/*", + "https://keycloak.catenax-cdq.com/auth/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c6386f0a-e946-4f09-9b9b-d6686c50195b", + "clientId": "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com", + "name": "Cl10-SAP-CE", + "description": "SAP CE App - currently named as Circular Economy SAP (https://dismantler-cockpit.d13fe27.kyma.ondemand.com)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://ec-qas.d13fe27.kyma.ondemand.com/*", + "https://dismantler-cockpit.d13fe27.kyma.ondemand.com/*" + ], + "webOrigins": [ + "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": true, + "protocol": "saml", + "attributes": { + "saml.force.post.binding": "true", + "saml.multivalued.roles": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "saml.signing.certificate": "MIIDIDCCAgigAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAMEcxRTBDBgNVBAMMPGh0dHBzOi8vY2F0ZW5heC1kdC1yZWMuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTAgFw0xNjAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFowRzFFMEMGA1UEAww8aHR0cHM6Ly9jYXRlbmF4LWR0LXJlYy5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubgGM9U3mgkLahIJ6M2LImFIcoLPXaCD+aw4hi68grZ89T5HGpqDtgxdvzVqnjJ1Qam0IUWRcu7XPACVOp6Ez3u2CzvjBlrW9gQbXbTl3urv8QTAmBDzO/F4tG0GInf5DyI6ln+HV6lgtCUEdBv9xmoGdlvM0rY1RTebmRU89kqL4NixdKDA5f7lt+geZZm+tQrxfpTapXRC5Bkg6b6TA5Hk4YhgiKfV/muuB9WJnhhovC8nqswqQEGm8+HZ9/7mPCG82x7z9I1c/XY2RR8JNxNd9UYgd87mdp3A395YZ121d2bI8gNDCEr+hirHFigH+F3oPs6Q4BwY/rvWnjVKfwIDAQABoxAwDjAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAiiqpIbv8gsoPr2vnW1LSuWKp8nQHMpn6eWtqmbu3QRXKzcgNelveycWNWAT94Of0/qPsbtBTbzDSlj+wmh1sd8vBEfce5vsVAf2CfTC8djAKL8HFJSRPB1Hn49WfS+TflOo0B+8SGV51THQwJm7KdT9kNOaXJWuLgmOWY4q7JurTEbOzTke4OvWGy2Ag/uOaY6mxmoTcLLajOJQMTIXnLba+ggXLD4/4jWY1r3s5wzcwfTKcGigH2PpsPGmqjUPcM0Qh0UiD+UCiAgyAuOIRh1trpGXRJ3dBsC7y6W4hK0igU4zP4KpjLh1dLEgCnbUVI5dIlVVq0YQ6jj+TOGDBG", + "oidc.ciba.grant.enabled": "false", + "backchannel.logout.session.required": "false", + "client_credentials.use_refresh_token": "false", + "saml.signature.algorithm": "RSA_SHA256", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "true", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "true", + "saml_single_logout_service_url_post": "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com/saml/SingleLogout/alias/catenax-dt-rec.aws-live-eu10", + "saml.encrypt": "false", + "saml_assertion_consumer_url_post": "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-dt-rec.aws-live-eu10", + "saml.server.signature": "true", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding.identifier": "2ci7fiekIgS7KD2EZj7CfJjNXoY=", + "saml.artifact.binding": "false", + "saml_single_logout_service_url_redirect": "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com/saml/SingleLogout/alias/catenax-dt-rec.aws-live-eu10", + "saml_force_name_id_format": "false", + "saml.encryption.certificate": "MIIDIDCCAgigAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAMEcxRTBDBgNVBAMMPGh0dHBzOi8vY2F0ZW5heC1kdC1yZWMuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTAgFw0xNjAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFowRzFFMEMGA1UEAww8aHR0cHM6Ly9jYXRlbmF4LWR0LXJlYy5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubgGM9U3mgkLahIJ6M2LImFIcoLPXaCD+aw4hi68grZ89T5HGpqDtgxdvzVqnjJ1Qam0IUWRcu7XPACVOp6Ez3u2CzvjBlrW9gQbXbTl3urv8QTAmBDzO/F4tG0GInf5DyI6ln+HV6lgtCUEdBv9xmoGdlvM0rY1RTebmRU89kqL4NixdKDA5f7lt+geZZm+tQrxfpTapXRC5Bkg6b6TA5Hk4YhgiKfV/muuB9WJnhhovC8nqswqQEGm8+HZ9/7mPCG82x7z9I1c/XY2RR8JNxNd9UYgd87mdp3A395YZ121d2bI8gNDCEr+hirHFigH+F3oPs6Q4BwY/rvWnjVKfwIDAQABoxAwDjAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAiiqpIbv8gsoPr2vnW1LSuWKp8nQHMpn6eWtqmbu3QRXKzcgNelveycWNWAT94Of0/qPsbtBTbzDSlj+wmh1sd8vBEfce5vsVAf2CfTC8djAKL8HFJSRPB1Hn49WfS+TflOo0B+8SGV51THQwJm7KdT9kNOaXJWuLgmOWY4q7JurTEbOzTke4OvWGy2Ag/uOaY6mxmoTcLLajOJQMTIXnLba+ggXLD4/4jWY1r3s5wzcwfTKcGigH2PpsPGmqjUPcM0Qh0UiD+UCiAgyAuOIRh1trpGXRJ3dBsC7y6W4hK0igU4zP4KpjLh1dLEgCnbUVI5dIlVVq0YQ6jj+TOGDBG", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "true", + "display.on.consent.screen": "false", + "saml_name_id_format": "email", + "saml.onetimeuse.condition": "false", + "saml_signature_canonicalization_method": "http://www.w3.org/2001/10/xml-exc-c14n#" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "db86018e-b8d1-4b71-a377-ef3733201db7", + "name": "X500 surname", + "protocol": "saml", + "protocolMapper": "saml-user-property-mapper", + "consentRequired": false, + "config": { + "attribute.nameformat": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "user.attribute": "lastName", + "friendly.name": "surname", + "attribute.name": "urn:oid:2.5.4.4" + } + }, + { + "id": "4ea0328c-2a90-4202-935e-cf811d9a12aa", + "name": "X500 givenName", + "protocol": "saml", + "protocolMapper": "saml-user-property-mapper", + "consentRequired": false, + "config": { + "attribute.nameformat": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "user.attribute": "firstName", + "friendly.name": "givenName", + "attribute.name": "urn:oid:2.5.4.42" + } + }, + { + "id": "41421449-b7eb-42ef-8410-9b7506d4b709", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "true", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "99cd3fe6-148e-438b-8f06-1345bf6c7e62", + "name": "X500 email", + "protocol": "saml", + "protocolMapper": "saml-user-property-mapper", + "consentRequired": false, + "config": { + "attribute.nameformat": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "user.attribute": "email", + "friendly.name": "email", + "attribute.name": "urn:oid:1.2.840.113549.1.9.1" + } + }, + { + "id": "0ea4e3df-487f-475a-9945-3bf0849b99e1", + "name": "organisation-mapper", + "protocol": "saml", + "protocolMapper": "saml-user-attribute-mapper", + "consentRequired": false, + "config": { + "attribute.nameformat": "Basic", + "user.attribute": "organisation", + "attribute.name": "organisation" + } + }, + { + "id": "5b964b1e-d4ef-4de4-a99f-0d03edd811d2", + "name": "tenant-mapper", + "protocol": "saml", + "protocolMapper": "saml-user-attribute-mapper", + "consentRequired": false, + "config": { + "attribute.nameformat": "Basic", + "user.attribute": "tenant", + "attribute.name": "tenant" + } + } + ], + "defaultClientScopes": [ + "role_list" + ], + "optionalClientScopes": [] + }, + { + "id": "6a9209c2-ec16-476b-9a9f-61474610b790", + "clientId": "https://catenax--stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://catenax--stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax--stable-dismantler-s66pftcc.aws-live-eu10" + ], + "webOrigins": [ + "https://catenax--stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": true, + "protocol": "saml", + "attributes": { + "saml.force.post.binding": "true", + "saml.multivalued.roles": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "saml.signing.certificate": "MIIDQjCCAiqgAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAMFgxVjBUBgNVBAMMTWh0dHBzOi8vY2F0ZW5heC1pbnQtZGlzbWFudGxlci1zNjZwZnRjYy5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMCAXDTE2MDEwMTAwMDAwMFoYDzIwNTAwMTAxMDAwMDAwWjBYMVYwVAYDVQQDDE1odHRwczovL2NhdGVuYXgtaW50LWRpc21hbnRsZXItczY2cGZ0Y2MuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKVD5SYVIsC3M8PqMuiw/IMypyZU0V5pUwxBaZlMWljz1D1iNPGaOg9LhhLGAWOD0cdfFs70Q4Ov391raGRn5/9cQma0dJtH1PiTMM67+FZFvn1FWeEJ5a3qwIgoQrcDZn9NDTmtL+yaYOAsg5SGEkjrOZlJp1U3xVZDmuToUZ96WDodsy/nVQTkvaORSh+XDPIQ3sH5jqFdFuQsWf3xXSFHobF1sbi2IjGSZxLEi9yszPVff999Q0Q86kAoCh5gVKdB3WSHgkzDD6gxlcIGGQM6y3HZigIKlPRwK1o3SrEvl0IbPKDNM6rtFgWwRfp5KsQLRfe7TxLq7IWkqQd29vcCAwEAAaMQMA4wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAoScTGCrzKq4bbYFTJcyKwtgL80OM7RgZlfSsP/+k7fiZKUaY6WbUKDwRl7yHglgjL6NiC/Tz1PklgbB08RMwXIHbnG4VvdpcMUlHn5wGfZnNViHZYsjb4TgK8QS/zD8CSaJguUuK0ym/KUT9Hn6bHQuk4CQICVZmlp1N/bIWoSinY565rZ1amg9Ap0sgy1wWuqH8zKeTClrxjbuQeRTyj7d4kb/Ocg12rrUP8dznS5SGiR7WL9LpVrJZH72cKuOM1dYV6O94KH9uiuMe+VoUxWqgHiYbA/LOCxLSgI2fVTG8cGz0bCviFSf2tfVEB8mi/cU2Ikz6LzGNdaEpr4NoaA==", + "oidc.ciba.grant.enabled": "false", + "backchannel.logout.session.required": "false", + "client_credentials.use_refresh_token": "false", + "saml.signature.algorithm": "RSA_SHA256", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "true", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "true", + "saml_single_logout_service_url_post": "https://catenax--stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SingleLogout/alias/catenax--stable-dismantler-s66pftcc.aws-live-eu10", + "saml.encrypt": "false", + "saml_assertion_consumer_url_post": "https://catenax--stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax--stable-dismantler-s66pftcc.aws-live-eu10", + "saml.server.signature": "true", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding.identifier": "ZGMZhC4yxOKbOI3azIQQxCjXbLw=", + "saml.artifact.binding": "false", + "saml_single_logout_service_url_redirect": "https://catenax--stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SingleLogout/alias/catenax--stable-dismantler-s66pftcc.aws-live-eu10", + "saml_force_name_id_format": "false", + "saml.encryption.certificate": "MIIDQjCCAiqgAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAMFgxVjBUBgNVBAMMTWh0dHBzOi8vY2F0ZW5heC1pbnQtZGlzbWFudGxlci1zNjZwZnRjYy5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMCAXDTE2MDEwMTAwMDAwMFoYDzIwNTAwMTAxMDAwMDAwWjBYMVYwVAYDVQQDDE1odHRwczovL2NhdGVuYXgtaW50LWRpc21hbnRsZXItczY2cGZ0Y2MuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKVD5SYVIsC3M8PqMuiw/IMypyZU0V5pUwxBaZlMWljz1D1iNPGaOg9LhhLGAWOD0cdfFs70Q4Ov391raGRn5/9cQma0dJtH1PiTMM67+FZFvn1FWeEJ5a3qwIgoQrcDZn9NDTmtL+yaYOAsg5SGEkjrOZlJp1U3xVZDmuToUZ96WDodsy/nVQTkvaORSh+XDPIQ3sH5jqFdFuQsWf3xXSFHobF1sbi2IjGSZxLEi9yszPVff999Q0Q86kAoCh5gVKdB3WSHgkzDD6gxlcIGGQM6y3HZigIKlPRwK1o3SrEvl0IbPKDNM6rtFgWwRfp5KsQLRfe7TxLq7IWkqQd29vcCAwEAAaMQMA4wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAoScTGCrzKq4bbYFTJcyKwtgL80OM7RgZlfSsP/+k7fiZKUaY6WbUKDwRl7yHglgjL6NiC/Tz1PklgbB08RMwXIHbnG4VvdpcMUlHn5wGfZnNViHZYsjb4TgK8QS/zD8CSaJguUuK0ym/KUT9Hn6bHQuk4CQICVZmlp1N/bIWoSinY565rZ1amg9Ap0sgy1wWuqH8zKeTClrxjbuQeRTyj7d4kb/Ocg12rrUP8dznS5SGiR7WL9LpVrJZH72cKuOM1dYV6O94KH9uiuMe+VoUxWqgHiYbA/LOCxLSgI2fVTG8cGz0bCviFSf2tfVEB8mi/cU2Ikz6LzGNdaEpr4NoaA==", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "true", + "display.on.consent.screen": "false", + "saml_name_id_format": "email", + "saml.onetimeuse.condition": "false", + "saml_signature_canonicalization_method": "http://www.w3.org/2001/10/xml-exc-c14n#" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "d794f802-ba70-4741-b130-7c0fdbfa5d79", + "name": "role", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "true", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ], + "defaultClientScopes": [ + "role_list" + ], + "optionalClientScopes": [] + }, + { + "id": "2d1e3584-9954-4b7f-a58b-8820ca390799", + "clientId": "https://pt-demo-owner-1lusu8r1.authentication.eu10.hana.ondemand.com", + "description": "SAP LBN-MT App - Contact: Lukas Hudelmayer", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://pt-demo-owner-1lusu8r1.authentication.eu10.hana.ondemand.com/saml/SSO/alias/pt-demo-owner-1lusu8r1.aws-live-eu10" + ], + "webOrigins": [ + "https://pt-demo-owner-1lusu8r1.authentication.eu10.hana.ondemand.com" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": true, + "protocol": "saml", + "attributes": { + "saml.force.post.binding": "true", + "saml.multivalued.roles": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "saml.signing.certificate": "MIIDMDCCAhigAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAME8xTTBLBgNVBAMMRGh0dHBzOi8vcHQtZGVtby1vd25lci0xbHVzdThyMS5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMCAXDTE2MDEwMTAwMDAwMFoYDzIwNTAwMTAxMDAwMDAwWjBPMU0wSwYDVQQDDERodHRwczovL3B0LWRlbW8tb3duZXItMWx1c3U4cjEuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIqpBnFGA0I71WMMxq5LunHwgNbgNNRHZjWy6YPNW1uJjbSbVC1TgMlgbXi36tD8T3HG7/LzHpIYqqJGj9Qd+nCP+ThGa6Q8oy3x3ddJ4FoyPjiwVMElllLvEnv+4+8hOKJFiwRZfdLl+oCQEzHFtR3SbnvSFIJsBEn7zQrITlL91OtrNmm6j1nGs6cUi2zOXet98aZWsXB1p5FiM68JQzrq2crPgqVYNNzrxTJhZay7POgWKDmlm44ck5YOP3dtfkyCIGv63QmeXW+9IT6EWODrqFbaapXKCRS70FJLk2safXN0Hgqe3L+tv/vKYHqVCvsbFztnd9OEJVfDB+1IAQECAwEAAaMQMA4wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAUm+aIfaismCLvfNCwU1nT422c+lfYlQnY/VndsihksddXZvbTLb0WXZ0+6NBvI9q0ZOee65mr7kNGGyvR52nSDxDoDCXRhHK4yNUbl6LVJ7ZNibif3ItmK+GaHilJ1oG/mi8ucvyTT+BGBsHfvjbB+RLSVzr/t0exhhmVHy/buR54efvmolBuWFggsUa2qeP2mXWmUHW4GptmniLbIIYClGzbG0QIDutcSmxqoxwlywS2PJerwAxgdjx3gcv49ZCTnFfL+ZTp78dpu4XjXbI0BNymJXDomCj4lpQPuqWsVKWrJh99e+pptUbpSzsBaQxJQmA3V32YLFEprEqB00q0Q==", + "oidc.ciba.grant.enabled": "false", + "backchannel.logout.session.required": "false", + "client_credentials.use_refresh_token": "false", + "saml.signature.algorithm": "RSA_SHA256", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "true", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "true", + "saml_single_logout_service_url_post": "https://pt-demo-owner-1lusu8r1.authentication.eu10.hana.ondemand.com/saml/SingleLogout/alias/pt-demo-owner-1lusu8r1.aws-live-eu10", + "saml.encrypt": "false", + "saml_assertion_consumer_url_post": "https://pt-demo-owner-1lusu8r1.authentication.eu10.hana.ondemand.com/saml/SSO/alias/pt-demo-owner-1lusu8r1.aws-live-eu10", + "saml.server.signature": "false", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding.identifier": "r91TMnkHpA3L0JRpDA+YsBpF+fg=", + "saml.artifact.binding": "false", + "saml_single_logout_service_url_redirect": "https://pt-demo-owner-1lusu8r1.authentication.eu10.hana.ondemand.com/saml/SingleLogout/alias/pt-demo-owner-1lusu8r1.aws-live-eu10", + "saml_force_name_id_format": "false", + "saml.encryption.certificate": "MIIDMDCCAhigAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAME8xTTBLBgNVBAMMRGh0dHBzOi8vcHQtZGVtby1vd25lci0xbHVzdThyMS5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMCAXDTE2MDEwMTAwMDAwMFoYDzIwNTAwMTAxMDAwMDAwWjBPMU0wSwYDVQQDDERodHRwczovL3B0LWRlbW8tb3duZXItMWx1c3U4cjEuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIqpBnFGA0I71WMMxq5LunHwgNbgNNRHZjWy6YPNW1uJjbSbVC1TgMlgbXi36tD8T3HG7/LzHpIYqqJGj9Qd+nCP+ThGa6Q8oy3x3ddJ4FoyPjiwVMElllLvEnv+4+8hOKJFiwRZfdLl+oCQEzHFtR3SbnvSFIJsBEn7zQrITlL91OtrNmm6j1nGs6cUi2zOXet98aZWsXB1p5FiM68JQzrq2crPgqVYNNzrxTJhZay7POgWKDmlm44ck5YOP3dtfkyCIGv63QmeXW+9IT6EWODrqFbaapXKCRS70FJLk2safXN0Hgqe3L+tv/vKYHqVCvsbFztnd9OEJVfDB+1IAQECAwEAAaMQMA4wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAUm+aIfaismCLvfNCwU1nT422c+lfYlQnY/VndsihksddXZvbTLb0WXZ0+6NBvI9q0ZOee65mr7kNGGyvR52nSDxDoDCXRhHK4yNUbl6LVJ7ZNibif3ItmK+GaHilJ1oG/mi8ucvyTT+BGBsHfvjbB+RLSVzr/t0exhhmVHy/buR54efvmolBuWFggsUa2qeP2mXWmUHW4GptmniLbIIYClGzbG0QIDutcSmxqoxwlywS2PJerwAxgdjx3gcv49ZCTnFfL+ZTp78dpu4XjXbI0BNymJXDomCj4lpQPuqWsVKWrJh99e+pptUbpSzsBaQxJQmA3V32YLFEprEqB00q0Q==", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "true", + "display.on.consent.screen": "false", + "saml_name_id_format": "email", + "saml.onetimeuse.condition": "false", + "saml_signature_canonicalization_method": "http://www.w3.org/2001/10/xml-exc-c14n#" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "06a1dc24-c230-4298-b24f-7b509c16b585", + "name": "role", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "true", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ], + "defaultClientScopes": [ + "role_list" + ], + "optionalClientScopes": [] + }, + { + "id": "213ea3ce-b036-405f-8abd-3ee08ff72857", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "35134e77-f548-4b87-970c-cc0626496fcd", + "clientId": "sa-beta-cx1", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "07f8b416-f24d-4cba-91f8-fd3ae0af4657", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "72681be8-4baf-475d-a9b9-47dee5326981", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "2ac54aee-ac44-4a48-ae4a-bbdb5288c7f9", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "7cb8edc7-02f4-4c7c-84b4-b91cbac2d5e4", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "b9ee94c4-f8de-40ba-8ea0-36d3ca28d3b5", + "clientId": "sa-beta-cx2", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "296af6dd-9c38-41f4-b485-5f5eea375ccc", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "e00b42b8-8bcc-4b18-9999-86212378c5b1", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "24194317-3f62-417a-8442-62009cbf029e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "ab7d3b61-de21-4527-b021-7b2d75182fee", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "624a56df-7370-46f6-b00f-44791184bb28", + "clientId": "sa-beta-cx3", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "09c3a032-eab0-4f2c-96df-b7c1b13d3634", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "62d698d8-24d6-4b3a-b533-c4bffdb65db1", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "2a1ab4a4-c250-49e0-9676-86564dea3062", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "f5071021-acc5-42be-98e1-8bccd62e8f1b", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "fb3deae9-5f34-4e9d-9a33-376f083f03c4", + "clientId": "sa-beta-cx4", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "daf63cfb-4e69-43f3-9c4e-7c9f91131364", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "53742f0f-0df2-4f2f-b6bd-e407d4bd0894", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "343fe132-c419-484d-a7f7-a2316f855cec", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "15332471-4d69-48fa-9bab-e51218faa13d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "8b05ebaa-0fa1-45fc-bc5c-8d75e2fa8166", + "clientId": "sa-beta-cx5", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "4c831a50-2f22-407f-ac33-3b5bc19d824b", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "764d1b6f-ecc1-46b7-8feb-e962fe8facd5", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "df7255f2-200f-4ebb-94bb-7edf96e2e127", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "b421ee98-98c8-41e2-8594-646b9ac40c67", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "062617f4-5efb-4f85-932f-26193737321e", + "clientId": "sa-beta-cx6", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "86a03690-8af2-4c80-ba47-94d05fc1cc47", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "8657ab97-ddb1-4775-8d44-a3ccbfea213f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "6543b216-4e97-4dd9-a855-021de0d8b316", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b167ce59-73d8-4f6c-a175-5cc742526628", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "2b1424ac-3e67-42c7-be77-69aa57fe0834", + "clientId": "sa-beta-cx7", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "965eb625-e855-49f4-bb55-c0d73666d410", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "581a3217-3127-4484-a4c7-1491371a7b48", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "cf552528-6cb5-43a5-91c9-aac399e96730", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "ba208341-0e41-4dea-8397-619376833c3a", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c33cfdab-5838-4c38-bd84-15b63502d604", + "clientId": "sa-cl10-cx-1", + "description": "Technical user created for Sharing Member to connect to BPDM (SPOC: Manuel Niedermann, Nico Koprowski)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "429be913-0d7c-4bb1-b429-ed7b18822645", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "087541f4-ff7a-4d0f-bbc6-cdab00bb9c95", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "d13abc34-92f7-4b7f-8684-f923f5798627", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "7e7b246a-f1f6-4816-a6ad-b0b62a8918d7", + "clientId": "sa-cl16-cx-1", + "description": "Technical user created for BPDM Partner Gate (SPOC: Nico Koprowski)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "ded924f4-4b1b-4607-b86b-c14a39f93103", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "2722c105-eb0a-4af2-85c6-13499e443d99", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "c1c10e38-57c3-46d3-b49a-7c9391264027", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "5a220510-4a8e-4cbc-a47e-6f549e6c3894", + "clientId": "sa-cl1-cx-1", + "description": "Service Account for Invicti DAST scan", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "24320d24-0e73-478f-8e09-a05dc4bb7c35", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "caea604c-1e8e-48ad-91a8-18711e4fb564", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "ea2580a2-1594-43c2-88e6-36e9e1315263", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "cdf11dff-530a-4fd4-97b9-84e4d60ac21e", + "clientId": "sa-cl1-reg-2", + "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", + "clientId": "sa-cl2-01", + "description": "Technical User Clearinghouse update application", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", + "clientId": "sa-cl2-02", + "description": "Technical User SelfDescription (SD) update application", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4f3b52ca-14c2-453e-87ac-4c97c4c4af5a", + "clientId": "sa-cl2-03", + "description": "Technical User AutoSetup trigger (Portal to Vendor Autosetup)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "f57ed439-7c35-4a6c-a097-aa750249c442", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "ea42e697-8fa8-4359-b342-715683a67a15", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "743f3d13-5eb1-4fd7-a092-019c052f5db0", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "f1f03a93-d654-41fd-b92b-68c6373e7467", + "clientId": "sa-cl21-01", + "description": "Technical User Discovery Finder", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "3c2deac0-fd68-4c39-933c-27123ff073f9", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b74416e5-2376-4f8e-a49b-8a03a053454a", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "9a79ca1f-42b4-493c-9e1a-68ccd05ad9ac", + "clientId": "sa-cl22-01", + "description": "Technical User BPN Discovery", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "36e185ed-3af8-489d-a94b-a280ae205e03", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "7beaee76-d447-4531-9433-fd9ce19d1460", + "clientId": "sa-cl3-cx-1", + "name": "Technische User CX Intern - communication GitHub and Semantic Hub (Contact: Sven Erik, Bosch)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "702c92a9-9f89-4130-9d37-c1620529ca13", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "userinfo.token.claim": "true" + } + }, + { + "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "8e82412f-7088-4562-81f2-35b85f1859f5", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d5a29608-9579-4af4-b895-458ff5b03276", + "clientId": "sa-cl3-cx-2", + "description": "Technical User Digital Twin and Semantic for Pen test scenario (Contact: Lukas Roemer, Bosch)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "6b664acb-fb3a-427b-8c54-643e53b24388", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "882827ad-6e5a-42f2-b09e-75ff2b5893f2", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "9fbb3f90-f4f4-4c8f-818e-ae857da96fc3", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "4ca8dc7c-a24b-4635-a100-b75b23c3fa99", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "dab9dd17-0d31-46c7-b313-aca61225dcd1", + "clientId": "sa-cl5-custodian-1", + "description": "Technical User for SD Hub Call to Custodian for SD signature (SPOC: Dmitrii)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "30897db9-574e-49ee-b968-ede77a6baf67", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "00879247-75ce-491f-abed-52a6a810f685", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "bb69e2e4-312f-4447-946f-b51f3c7184c2", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", + "clientId": "sa-cl5-custodian-2", + "description": "Technical User for Portal to call Custodian Wallet (portal helm chart: backend.checklistworker.custodian.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "728abacc-c436-4d67-b699-92957a69b519", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": "0dfcbe31-2482-46d7-bb09-0722b0e1c4f9", + "clientId": "sa-cl5-custodian-3", + "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "3e1df311-abd2-4878-9f0a-426fd1a50c0d", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "17a2ea60-79e2-4d57-8db7-9931b0e1a674", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "d6203b9c-6b72-44d0-8609-83077dd6a2e0", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "1db97b73-9663-4eb5-99ed-d103c4bda113", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "BPN", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": "7612bab1-3617-485e-8461-f1d2a7a6a92e", + "clientId": "sa-cl5-custodian-4", + "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "783956fc-c81e-4da3-871c-436eec1fa555", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "f230563b-4e92-47e6-94d4-5d7ac8eef916", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "BPN", + "jsonType.label": "String" + } + }, + { + "id": "45b77e95-5844-48c4-ba44-6c883bed55b8", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "653db152-0505-4fcc-8d9e-51eee203610b", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": "6ebce422-4b91-47a5-8e6b-5fca5de8a1bb", + "clientId": "sa-cl5-custodian-internaltest", + "description": "Technical User for custodian internal test", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "02022dbd-1259-45e8-8168-f05fae84fce8", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "38696859-c042-4a34-8c03-a5fad8eb1297", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "c6952af9-ed53-4482-a1c9-784d8c32e01f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": "c07768b6-f49a-4c5c-bdda-4fdc81f46e49", + "clientId": "sa-cl5-cx-1", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "463c2183-69f8-4676-bad6-4eeaeff3512d", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "836cf4e6-7654-4c84-b7f5-d07819543024", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "c7a8afdf-bb7b-41b7-a0bb-b561ef266923", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "1a7d3f02-66cf-495b-af96-ad095e6219b4", + "clientId": "sa-cl6-cx-01", + "name": "sa-cl6-cx-01", + "description": "Technical user for portal to daps connector registration call (portal helm chart: backend.administration.daps.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "57e23174-fb41-4bcd-a3eb-5d665effa10d", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "f6589350-5c92-4365-90d7-c84906f450c0", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "dede7a5c-6db0-44f3-949c-8c28b0045eb2", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "a7ae2ac2-1800-40f2-92b0-889cb93d3ebe", + "clientId": "sa-cl6-cx-1", + "description": "This is a technical user for aas-registry-internal (internal tests by Digital Twin / Semantic Hub)-", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "8d0debee-6ced-4bbd-8211-d0813569ea9c", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "3ecec5dd-48fe-46d0-9489-76e768eab321", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "1f111fb8-0011-4d5c-b05f-6b5857cc4b60", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "f3850b8a-0a33-4053-96d4-04a48f055275", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "1e8b03d3-d4f3-4b29-949a-4260def85751", + "clientId": "sa-cl6-cx-10", + "description": "Technical user for AAI Registry connection to Trace-X App and API Testing (Thomas Braun)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "21d28aaf-1921-455d-a55b-c028fa7ba5ea", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "5883fd2a-d5f3-45a5-a437-9c1af976fa2e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "afb750f1-6cee-4f52-93ac-5c6229fd14b9", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "4f91941a-e8b1-4406-825c-1005a33043f0", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d3d0eea1-db73-427c-b262-829fb36e9878", + "clientId": "sa-cl6-cx-11", + "description": "Technical user for AAI Registry connection to MaaS (Contact: Daniel Metz)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "e3d70828-60d8-4b0a-9615-309ace82baf8", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "9a8b676a-11f2-44ec-8c30-c1e07357f220", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b54be54a-246f-4c25-9279-764e590824a3", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "3041d139-bff6-40d2-99ea-7fab2ae323db", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e25aa042-6318-4fff-a939-328d0d7ba386", + "clientId": "sa-cl6-cx-12", + "description": "Technical user for AAI Registry connection to EDC (Florian Rusch, Christian Holder ZF; Tier A)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "93714788-bd2b-4311-991b-cd373c05d024", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "29fbd341-94df-4144-944a-d80a9f2f3afb", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "52118695-f560-483f-aca5-e4a2ed5cdaf6", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "54d74fe3-9a56-4d27-97c8-3e4a16a0fe74", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "2d7e9b76-8bd9-41b2-8823-5b7f5ec3cec6", + "clientId": "sa-cl6-cx-13", + "description": "Technical user for AAI Registry connection to Traceability (Proshanta, Henkel)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "7b0e4794-0126-4b40-a1fa-fe00e524e054", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "610758ad-472d-4926-98b7-e6ba871879f5", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "0adc9695-f521-4036-9028-38cfd0e3115d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "bffb6e01-d697-4091-9ec8-0e7fa435c2b7", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4edc36e6-2a7d-4991-a7b0-b246860015ad", + "clientId": "sa-cl6-cx-14", + "description": "Technical user created for tests traceability Mercedes (Contact: Basar Tharan)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "91c55508-f002-4463-804a-4c22cec6a88d", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "acd775d6-5d9b-4229-a271-2aebc013f99d", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "adab4c59-47b6-4855-9996-0267e040cf7f", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "9ea83750-3462-403a-9bb6-472ca73d6b9f", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "18204844-8439-4298-8053-ff1414f819a4", + "clientId": "sa-cl6-cx-16", + "description": "Technical user for AAI Registry connection to Siemens (Kiryl Batsiukov, Siemens; Vasileios Karagiannis, Siemens)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "a401ac75-e155-46fa-ac0c-ea9dcdbcac1b", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "2a7a1a2a-b3d9-4ea3-89b3-e654636f7002", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "cd0547f5-3bbf-4ed5-a490-cb4c86a22aa3", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "f99b8082-ee0f-4d59-8a9e-b0da6c2188b2", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "2685ce31-a3ab-4c23-9ccf-90f721690e81", + "clientId": "sa-cl6-cx-17", + "description": "Technical User for AAI Registry connection to EDC (Florian Rusch, Christian Holder ZF - Sub Tier A)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "e76b4367-7ff9-4844-a446-727fa4bb55b6", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "6c23d5a1-2ea4-4101-a0c3-bba9bb822695", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "dcc3fbce-713e-4d49-a0cc-413c893ee17d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "7b736a39-00d7-4fe5-ba07-c16ecc6a788f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "0fd16c0e-afa1-4256-89cc-503d70d1eea5", + "clientId": "sa-cl6-cx-18", + "description": "2nd Technical user for AAI Registry connection to Trace-X App (Thomas Braun)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "f130bff5-3c7c-4f31-9a56-a1395403a895", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "509b41c6-e05a-4ee8-b2dc-814c83730735", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "6f3623a1-1d05-4ed2-88c9-d77f761702aa", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "560cce4b-974c-4a87-b4c2-74233cd998a4", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "f693b3d8-6aa2-4d96-8857-8cf1edf181c7", + "clientId": "sa-cl6-cx-19", + "description": "Only a test account for Christian Kabelin as READ User for prep of test data", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "9abf90f4-7887-449c-94ec-95f8bcd3182a", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "5baef81b-caab-4679-a688-a5cd0bb6f9d0", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "c66bdc4d-dc6f-49e9-9d9c-ec840b858026", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "a8a91c21-fa03-478f-a57f-f534d046b4b9", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "fae37447-4174-429b-91d2-b696b68287d7", + "clientId": "sa-cl6-cx-2", + "name": "", + "description": "This is a technical user for Semantic Hub", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://catenaxintakssrv.germanywestcentral.cloudapp.azure.com/*", + "http://localhost" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "deb3611f-4206-451c-b8e0-d1d6ddc7caa0", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "eb5c6815-8d64-4495-93ea-1fc6b430b1b8", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "54ed3d77-0ca8-4a2c-8652-5865948ac1d6", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "e5b57306-c07a-4ebb-bede-5d220880d405", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e1e38aa7-4105-4d29-881e-b1224796d59d", + "clientId": "sa-cl6-cx-20", + "description": "Technical User for Siemens - AAS Connection (SPOC: Kai Lohmann, Trusted Traceability)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "1cd020e8-8f51-4565-ba65-0030d14c6509", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "acf67e71-d559-477c-804b-faf56ee8989f", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "73a0cbc7-70e5-46d4-9c27-43f6e19217f4", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "afe8c9c6-c10c-4e45-a531-e75e5517b91a", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "cbc24c55-5452-4a31-a8f1-862ea0ccc082", + "clientId": "sa-cl6-cx-21", + "description": "Technical user for AAI Registry connection with EDC (Kiryl Batsiukov, Siemens; Vasileios Karagiannis, Siemens)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "7ae5c6ac-f435-4ae4-905d-ed47a098bd9c", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "7502bfe4-2bff-4164-92ac-21fa4a6d9f2b", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "1660be60-ad4b-43e9-ae21-9d04c362be47", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "f5200744-0f8e-4310-a836-4de1d0eb5e6a", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "feee7b77-71bf-4f95-9276-38dccfa73edb", + "clientId": "sa-cl6-cx-22", + "description": "Technical User for AAI Registry connection to EDC (Dirk Dennin, in action of DLR)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "12c71551-9da8-40aa-82b2-d7c9b57ec205", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "5d77e17f-b370-45b7-b76e-81b27f0aacd9", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "9888c544-10bf-4cc6-8b7e-95fc6bc4b26e", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "1cff3035-0b3e-45e9-9b38-7bc05f5e5697", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "977edf04-7d5a-489c-a057-b00863fdd27a", + "clientId": "sa-cl6-cx-23", + "description": "Technical User for AAI Registry connection to ADAC Fleet (Dirk Dennin & Asdren)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "5a7c0ea2-8575-4f80-bfe7-8d87dae2016a", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "711201e5-7add-401b-a8a2-8e7f3c922ea2", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "5fd60367-8180-4465-90f3-d6260cbbe73e", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "dfb7305d-a492-47c5-aeab-8c926935e792", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "97bcbd36-39fe-4553-923f-0be2b7c3967d", + "clientId": "sa-cl6-cx-24", + "description": "Technical User for AAI Registry connection to ADAC DTC (Dirk Dennin, Asdren Kuci)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "b5889d7b-1120-4499-88dc-b27b84cb7fcf", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "9ac6261a-1314-4c86-aaf1-43b8a10ef6f9", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "e86a433f-26ec-41a1-9b35-e294b95e6699", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "1fa30aa0-afac-40ce-86f3-0fff0be1c4bc", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "1db8b620-0b9a-4f21-9a04-431d9e5d72a9", + "clientId": "sa-cl6-cx-25", + "description": "Technical User for AAI Registry connection to Siemens CO2 (Werner Eberling)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "61a35863-4cbd-4249-b67c-edb37d0be2ed", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "5496020a-c216-49b9-b1bd-fe3b11d7a790", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "76c44288-43c4-4fde-a205-ade6e044ee3d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "22eae628-8360-472f-86a7-98be9771e688", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "0a902ec2-33d4-4f5c-9aa7-d51af2252044", + "clientId": "sa-cl6-cx-26", + "description": "Technical User for AAI Registry connection to Siemens CO2 (Werner Eberling)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "7c7a382d-dcdb-40bb-b2ac-77c9541e59f7", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "1782d640-81ba-4215-8dcb-557d73a2c1e5", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "c5be708e-59d1-4ca9-ab82-2519b0a8215e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "8bcd5dce-f859-4a83-88c9-8c60efec6355", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "dc1eb8bd-d579-4dd8-bc66-6222d881566a", + "clientId": "sa-cl6-cx-27", + "description": "Technical User (READ) GreenToken for EDC integration scenario (Contact: David Rauch, SAP)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "2cbb47fc-8864-4963-a274-42f15ffd19a6", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "userinfo.token.claim": "true" + } + }, + { + "id": "101d5a0e-2eab-42ea-adaa-75482df0ff44", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "8ac8e285-8089-4789-bf38-9d310edb2300", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "c4abf7f7-c84a-4c98-8a67-f3f7d68f2031", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "1cf8af37-ac23-47e2-8e48-ebf904585f0f", + "clientId": "sa-cl6-cx-28", + "description": "Technical User (WRITE) GreenToken for EDC integration scenario (Contact: David Rauch, SAP)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "372ddd3c-7aa4-485a-b333-e1fed1e0ec4f", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "ee9af151-5cd4-4ac1-be87-4f9145fab0ec", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "c70e9a49-a871-4bfc-810f-8f85a49f847e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "2e0e393c-99b1-481d-bd9a-cc10465cae68", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "userinfo.token.claim": "true" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "acb29a18-6306-44c0-ac94-8548df74b315", + "clientId": "sa-cl6-cx-29", + "description": "Technical User (WRITE) CX Battery for EDC integration scenario (Contact: Jochen Braun, CGI)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://materialpass.stable.demo.catena-x.net/*", + "http://localhost:8080/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "db29a54d-b840-435c-a3c2-5a0286cbd8de", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "userinfo.token.claim": "true" + } + }, + { + "id": "a445a212-c5da-4bf9-b093-19c5b9abf618", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "d359aa48-a5ef-469d-a2b8-47bc90507ba4", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "21f0a51e-bec2-4caa-9bfd-be20164ea15a", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "7c87b118-63d5-4f72-9772-1f4632a1b3fc", + "clientId": "sa-cl6-cx-3", + "description": "Technical user for AAI Registry connection to BMW data pipeline", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "426b3802-567e-4235-94cb-5cf4c1f1f748", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "0b17c9ff-d20c-4425-8c63-36fabe5802f6", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "c6eaa3fd-bf8f-4ef4-8a6f-1629004b80c3", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "e08c09db-18ce-4b61-94cf-1e152c996136", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e81223c0-59b1-4788-a8d9-5022f13cc4b3", + "clientId": "sa-cl6-cx-30", + "description": "Technical User (READ) CX Battery for EDC integration scenario (Contact: Jochen Braun, CGI)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://materialpass.stable.demo.catena-x.net/*", + "http://localhost:8080/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "75a1c382-0549-45e4-876e-1e412ebdbb48", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "00c147fc-29c1-4d94-b998-d7c8ce3a720e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "eb00dd9a-5ee6-4e79-86ca-e46e39ee1fc0", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "0ce4a2fa-c85a-4bd1-b571-5afe6a79ca6d", + "clientId": "sa-cl6-cx-4", + "description": "Technical user created for postman tests for traceability (Contact: Markus kreuz)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "8c334961-82eb-4784-b7bf-05ebda7edc1c", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "bd34d354-2e82-4987-803b-0e8209a8cc1b", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "46cd680e-ee4e-4511-ac76-a95851657ced", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "741c0ba1-543f-4dea-83df-b1735b2ed0e2", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c3e0182e-abb2-4451-8180-51538eaeb93a", + "clientId": "sa-cl6-cx-5", + "description": "Technical user created for postman tests for traceability (Contact: Clemens Braband)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "531faee9-5a4b-451a-909f-b9f603f48fc2", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "6bff54b5-ed16-4ef3-9e94-73bfc39da7c4", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "ee566510-db23-4569-ad1a-7691f0f12355", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "5eae602e-0242-4539-9728-fb16df138252", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "674ba68c-891f-4df6-9d11-1c48600f986f", + "clientId": "sa-cl6-cx-6", + "description": "Technical user for AAI Registry connection to BASF Data Service (Gabriele Eckhardt)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "8932692f-4aac-4874-8019-0325a487e78b", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "2cb46242-7053-4bb7-a40c-2f107d0ffb2e", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "07557d98-31c4-48cc-ba12-93ac7938cad4", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "d8eff86d-fbe2-468f-a4a0-2ced8d0993e0", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "fdaa99b6-c8e9-4521-a70c-4d535a1e573e", + "clientId": "sa-cl6-cx-8", + "description": "Technical user for AAI Registry connection to Traceability (Matthias Binzer) - testdata2edc", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "3aca6d5d-f95f-448a-a60f-daa2aed09d04", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "0ba4d9a3-bb4b-4667-afe4-3fd1c7638a97", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "eed9f43e-4464-40f3-a2fd-07a003ba93b2", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "29a0fd3f-c2b9-4ff8-8cb9-046bbfb02d98", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c3af980d-b1f6-447a-ba96-5dacd52a7adf", + "clientId": "sa-cl6-cx-9", + "description": "Technical user for AAI Registry connection to IRS (Johannes Zahn)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "e3dfef3a-abae-4bee-a6ff-2c6b0f91e22c", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "621a15c8-77ce-402e-95e3-85165f90ed81", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "ad8fd51a-8262-4345-aa98-2892edbb52e7", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "9d65811a-6f05-4bc8-9dd3-ec664ed87f42", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "6e2f3a74-9277-4265-a0bd-8f8f41ba0530", + "clientId": "sa-cl7-cx-1", + "description": "Technical user created for BPDM / CDQ connect (SPOC: Peter Schenkel)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "33ef0160-e559-4fde-8faa-657140437026", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "61c367f1-dcd7-4190-9d63-97c0b3ae5afc", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "1c8aad27-8158-498b-bf99-e6de92799b6d", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d1c857fb-0c7d-4b6d-b6e8-34bf4de76d6d", + "clientId": "sa-cl7-cx-2", + "description": "Technical user for BPDM connection to Fraud App (Michael Wirth & CGI: Fabio)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "23db4b23-856e-4f3b-a1e2-f935d2373d0d", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "5db07b78-2eb9-405d-a0eb-9ab0e94a1e4d", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "b01e802a-984a-4c95-a5f7-db4f3fd4b16b", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "09b70efe-f7e1-4880-a375-de44e2e1b38a", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "f6627ae5-54ac-4e53-871d-875de8879e51", + "clientId": "sa-cl7-cx-3", + "description": "Technical user created for BPDM Pen integration with Invicti, WRITE (SPOC: Patrick Zeller)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "7876f4d9-faa0-4386-af39-3681b0b4295b", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "b2b9d6c3-842c-4ce3-b984-a7cfc2464e1f", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "03b778d8-3f51-4d37-9e25-5899fb4c1099", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "12b94ca3-d6cb-4806-a288-7efa3ea919e9", + "clientId": "sa-cl7-cx-4", + "description": "Technical user created for BPDM Pen integration with Invicti, READ (SPOC: Patrick Zeller)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "82e2b111-a709-470f-98c6-7b5cc845eb97", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "83fca7bf-051a-4a8e-a84b-251f9a68c9d1", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "7b4eb789-46a5-42db-904b-a90feddd91a4", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "183aae87-c9cf-4d70-934b-629aa6974c54", + "clientId": "sa-cl7-cx-5", + "description": "User for Portal to access BPDM for Company Address publishing into the BPDM (portal helm chart: backend.checklistworker.bpdm.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "08dbaf87-e25e-489c-bec9-f062af3de2df", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "2420c9fc-2c5a-4e54-b6c1-3d72e4eb9e85", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "fb8aa3d7-44dd-4348-9a43-a48fadb0a858", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "ccc8006a-71d2-4fd8-b945-d1d3bd716cef", + "clientId": "sa-cl7-cx-6", + "description": "User for Data Quality Service BPDM, (SPOC: Tim Gerlicher)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "d070c22c-fd82-4d6b-b68c-5e92dad965ca", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "edff7e10-bc1c-48ed-9e6e-1718b9b3d3ae", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "2e8aa311-8e28-4af0-9d69-0819e4716f47", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "04981b7f-5a0c-49c0-8d7e-ec57c185922b", + "clientId": "sa-cl7-cx-7", + "description": "User for API Testing BPDM Pool and Gate (SPOC: Nico Koprowski)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "3d9fd1fe-9a5e-4706-b007-12cb42220dd3", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "16008a03-3528-4212-aa68-c860f6ea5073", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "6f5a1ef2-5827-4d0f-bbf3-c938dfe2f25e", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c2bdc736-ca35-43c4-8e18-27e7425df9f0", + "clientId": "sa-cl8-cx-1", + "description": "Technical User for Portal to SD (portal helm chart: backend.checklistworker.sdfactory.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "5049595f-673e-4ce2-9ce2-90e11c0fc6e9", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b8086ec0-3da2-4f98-a7fd-19d007709e6f", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "55da2734-a7e2-4d89-b210-7cb0a24fced4", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles" + ], + "optionalClientScopes": [ + "microprofile-jwt" + ] + }, + { + "id": "f69006e1-e4a6-4237-b73b-89711c0934c2", + "clientId": "sa-clx-cx-1", + "description": "Technical User für SAP (Felix Ruecker) um auf BPN und Registry zuzugreifen", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "eb5ed933-696d-4b51-a5e0-534da33028a3", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "ace07ce7-da41-4a76-b6a0-8535eab2cc4a", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "4be32837-1566-4215-a712-f8af835fa0c1", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "9ea6f463-9346-4650-8ecd-39298823c513", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d6b6e09c-d92d-4915-a7de-29488b0597b4", + "clientId": "sa-clx-cx-2", + "description": "Technical User für SAP (Felix Ruecker) um auf BPN und Registry zuzugreifen", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "6758fb03-3059-48b7-ad73-5b506e52f1b2", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "ddf2bba9-11a9-4329-8418-aa1cd6f9a050", + "name": "BPN", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + }, + { + "id": "0ef7dcfa-86a7-4280-803e-e394d2515c36", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "54a933f7-f652-47e5-a3e7-a1f23f50034b", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "66e16962-df76-4829-95f2-91e0577c3c92", + "clientId": "SAP-Login", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://amjx8gvyp.accounts.ondemand.com/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "47b7bb2b-b544-4f54-9a37-f6c5f87f7f94", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "b1b3c279-a5c0-44dd-bda6-b43cc9a904ac", + "name": "Sub_to_email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "sub", + "jsonType.label": "String" + } + }, + { + "id": "aa31d5d5-cb28-400d-b45e-46b09dd591f9", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "748e5a80-a12e-432c-898b-0af1f34355bc", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "c2793b11-a96e-4ca4-be82-d58b500450bb", + "name": "Groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "Groups", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "Groups", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d5265cd8-d128-4dc9-8602-d49d1df0a86c", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/CX-Central/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/CX-Central/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "12d9df9a-241b-4ec2-bafa-3f26ccaa1890", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "6df310ed-500e-43d5-b510-fa4668e939ee", + "clientId": "technical_roles_management", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "2486e439-4fbd-4f53-bc02-aff9d0699e07", + "clientId": "urn:uuid:7bd86018-d0a2-421b-9e00-b77bab0838b1", + "name": "CPM App", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://impact.bmw.cloud/multipass/api/collectors/7bd86018-d0a2-421b-9e00-b77bab0838b1/saml/SSO" + ], + "webOrigins": [ + "https://impact.bmw.cloud" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": true, + "protocol": "saml", + "attributes": { + "saml.force.post.binding": "true", + "saml.multivalued.roles": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "saml.signing.certificate": "MIIE0zCCArugAwIBAgIEWSwjGzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDDBBpbXBhY3QuYm13LmNsb3VkMB4XDTIxMTEyNTEzMTkzMloXDTMxMTEyMzEzMjkzMlowGzEZMBcGA1UEAwwQaW1wYWN0LmJtdy5jbG91ZDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJr3kQjeWOd9bPBTGAlQpbrh4kDmweESAeu2kXPqtQkEaHjdIHbgQAE/J1BAxme0hB0RzeAV1h4rdg8m1UUx2jaZ/QPvwgggFaGcdykM2Ja/f/dnnm5P9Xi8DYRWR+UJy9Sa9gJwPfgCPWNwcXNKC2+xW/fubvjfEE8K040KqhPFrT5wOA6mbDohYBrGa4xcXrnNsts2dnU6ecXnlrgjYpYHL0cIxVRvtxJ49VgJRuWXCIDLqkogqm/FdHIcwMcy11GfM0O3JTRl+oNGyTYBHaFrwLOWmv3LggcBoAPIIz4tlsr0bMG29IW2snVIPL4x3NptehODwfcOiagfd+QNjAungmCugpoPYM78bxkKT/24LTg3lFYSqC/CGSkz4OQLEbwYUV/qrcNo2r3tQsD3JahCppH2zhvJSoko0XijVRyQ8Xh8hWWaj3ana89rCg7DztSQJmrM0YjYNngTnQgdsK0NVljy5tL7nLHpV/DQ0OmzW84C7uNtDDmwysGof89H6VeoovLhWbsqPhhcEapw0v7atpRWSge2Mc0Wh3kiHxmhHQ4tBDa37g/8U8Dhr+w+DmAzQPmRg6/joir/fpgF89ox7J+iONKV9M6JMtIlpIFKWdxL+NMeB1aC3D7cYW9+YSHmkqxX1xFWDs4JbFKqIZYaMkzEqpIz4CgVk+MYfdyFAgMBAAGjHzAdMBsGA1UdEQQUMBKCEGltcGFjdC5ibXcuY2xvdWQwDQYJKoZIhvcNAQELBQADggIBAFCOGx89nkHj2t0PbGuxmnYI5tCEtRuud4/hwZ4Z8kDS23c+2yO4VaQQhn2tYumHMm6mSeImQVUOQQtp+ltaP9k8va8qto3zfhBc6CPrent8Lxw6xn7j/G0EWryvtLy/G0/nDcb5z4+Yilfi49uJdNw1LftX4RvesVSaWqIhTkBbqly5oEysYgGDf7+eW9Af8febKAMbnvzO2yuKXa7XN2xNuVtvF+bBa2gbgIjyPp3mTMm2SGqacqlrTeGj1nFcvVRm03XKAd1IzPhhjGFCjS3lM37qNSrwG7QVTh0fEtStObspEc/rMuAG2huURYEVFsKTEOP3n9Mn4p3veqxVK751jdqxUCmsa942e/P+5JbijHROAmRUyNX/E5ZQh0bf9IGMPrLgVHz+NYddchNmMXa7eMHJZSHnkVvj+K7cXhUS4vN6GuP/WYpbPGCRO3jiVGnZ61ckT5IVUPs5t35k/btQDw+MIc3dJ2UGbuofmmdZ+BiNw3cmICkSTdVIRJvQUG7rsCGHWQ3TjsS/MXDmfmfu5wLD6uY7xOarirCPKwbqto0tICNcV6CFta1VO6Yj8tMaRpdG9MrGHmXNz+ms3H2fd4HyFaL/sxwv2uHW+f8R7YldYnVebTwjtoITSYgZHdJ8yDicKWEFsU1RRlFTbkdvuysyz0+GXKnJbwdpFnBY", + "oidc.ciba.grant.enabled": "false", + "backchannel.logout.session.required": "false", + "client_credentials.use_refresh_token": "false", + "saml.signature.algorithm": "RSA_SHA256", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "true", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "true", + "saml_single_logout_service_url_post": "https://impact.bmw.cloud/multipass/api/collectors/7bd86018-d0a2-421b-9e00-b77bab0838b1/saml/SingleLogout", + "saml.encrypt": "true", + "saml_assertion_consumer_url_post": "https://impact.bmw.cloud/multipass/api/collectors/7bd86018-d0a2-421b-9e00-b77bab0838b1/saml/SSO", + "saml.server.signature": "true", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding.identifier": "/ewlwAsHsIG1PkTPfKmGSGYGJio=", + "saml.artifact.binding": "false", + "saml_single_logout_service_url_redirect": "https://impact.bmw.cloud/multipass/api/collectors/7bd86018-d0a2-421b-9e00-b77bab0838b1/saml/SingleLogout", + "saml_force_name_id_format": "false", + "saml.encryption.certificate": "MIIE0zCCArugAwIBAgIEWSwjGzANBgkqhkiG9w0BAQsFADAbMRkwFwYDVQQDDBBpbXBhY3QuYm13LmNsb3VkMB4XDTIxMTEyNTEzMTkzMloXDTMxMTEyMzEzMjkzMlowGzEZMBcGA1UEAwwQaW1wYWN0LmJtdy5jbG91ZDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJr3kQjeWOd9bPBTGAlQpbrh4kDmweESAeu2kXPqtQkEaHjdIHbgQAE/J1BAxme0hB0RzeAV1h4rdg8m1UUx2jaZ/QPvwgggFaGcdykM2Ja/f/dnnm5P9Xi8DYRWR+UJy9Sa9gJwPfgCPWNwcXNKC2+xW/fubvjfEE8K040KqhPFrT5wOA6mbDohYBrGa4xcXrnNsts2dnU6ecXnlrgjYpYHL0cIxVRvtxJ49VgJRuWXCIDLqkogqm/FdHIcwMcy11GfM0O3JTRl+oNGyTYBHaFrwLOWmv3LggcBoAPIIz4tlsr0bMG29IW2snVIPL4x3NptehODwfcOiagfd+QNjAungmCugpoPYM78bxkKT/24LTg3lFYSqC/CGSkz4OQLEbwYUV/qrcNo2r3tQsD3JahCppH2zhvJSoko0XijVRyQ8Xh8hWWaj3ana89rCg7DztSQJmrM0YjYNngTnQgdsK0NVljy5tL7nLHpV/DQ0OmzW84C7uNtDDmwysGof89H6VeoovLhWbsqPhhcEapw0v7atpRWSge2Mc0Wh3kiHxmhHQ4tBDa37g/8U8Dhr+w+DmAzQPmRg6/joir/fpgF89ox7J+iONKV9M6JMtIlpIFKWdxL+NMeB1aC3D7cYW9+YSHmkqxX1xFWDs4JbFKqIZYaMkzEqpIz4CgVk+MYfdyFAgMBAAGjHzAdMBsGA1UdEQQUMBKCEGltcGFjdC5ibXcuY2xvdWQwDQYJKoZIhvcNAQELBQADggIBAFCOGx89nkHj2t0PbGuxmnYI5tCEtRuud4/hwZ4Z8kDS23c+2yO4VaQQhn2tYumHMm6mSeImQVUOQQtp+ltaP9k8va8qto3zfhBc6CPrent8Lxw6xn7j/G0EWryvtLy/G0/nDcb5z4+Yilfi49uJdNw1LftX4RvesVSaWqIhTkBbqly5oEysYgGDf7+eW9Af8febKAMbnvzO2yuKXa7XN2xNuVtvF+bBa2gbgIjyPp3mTMm2SGqacqlrTeGj1nFcvVRm03XKAd1IzPhhjGFCjS3lM37qNSrwG7QVTh0fEtStObspEc/rMuAG2huURYEVFsKTEOP3n9Mn4p3veqxVK751jdqxUCmsa942e/P+5JbijHROAmRUyNX/E5ZQh0bf9IGMPrLgVHz+NYddchNmMXa7eMHJZSHnkVvj+K7cXhUS4vN6GuP/WYpbPGCRO3jiVGnZ61ckT5IVUPs5t35k/btQDw+MIc3dJ2UGbuofmmdZ+BiNw3cmICkSTdVIRJvQUG7rsCGHWQ3TjsS/MXDmfmfu5wLD6uY7xOarirCPKwbqto0tICNcV6CFta1VO6Yj8tMaRpdG9MrGHmXNz+ms3H2fd4HyFaL/sxwv2uHW+f8R7YldYnVebTwjtoITSYgZHdJ8yDicKWEFsU1RRlFTbkdvuysyz0+GXKnJbwdpFnBY", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "true", + "display.on.consent.screen": "false", + "saml_name_id_format": "email", + "saml.onetimeuse.condition": "false", + "saml_signature_canonicalization_method": "http://www.w3.org/2001/10/xml-exc-c14n#" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "role_list" + ], + "optionalClientScopes": [] + } + ], + "clientScopes": [ + { + "id": "32795711-2e76-43f9-8138-3ce5b9eae1a2", + "name": "catena", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "748924d3-243b-4d66-9708-89e258dffb2c", + "name": "tenant-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "tenant", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "tenant", + "jsonType.label": "String" + } + }, + { + "id": "b3dd05cc-7289-4a87-9625-af60b859d748", + "name": "organisation-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "organisation", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "organisation", + "jsonType.label": "String" + } + }, + { + "id": "1d94ee73-6981-486c-a2d8-2e2f857cd125", + "name": "bpn-mapper", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "bpn", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "bpn", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "13834c57-9211-4e3e-b892-0632a3c15225", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "6c0bfbc5-e3d7-45f9-a0bc-61e30225e22b", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "8868b283-df78-4c9a-b78e-1c29e4b9b61c", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "23e5acb7-2d8c-4bca-8565-36fb57ee7ee0", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "0adf14b5-a345-4d20-83cc-2a353c686161", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "fc35a8f5-fedd-4b66-b3fa-9427e3947dc5", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "73a111cf-271c-4b9f-abca-e4894e29229d", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "c06270fe-f203-4c9b-92a8-ff716b81127a", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "8e22da0e-f450-444a-80b4-824a69532949", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "09dc23a3-1b9f-4b9d-aa87-e875f0f20655", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "0543fff7-3732-433b-8a24-d2784bba1501", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "34a2f332-9752-4a7f-9d61-b4dbd40946b4", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "955c2cb6-3abb-44d1-a3eb-9ebec0cf6094", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "48b4aa99-383c-4178-b966-c0ae710d8c21", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "e24a7d06-7406-4b2f-854e-a5653f8b964f", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "987e5408-e6ef-4cd2-a51f-451fb7c0dc4e", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "1a9bd37a-377a-48ae-9b95-a1c0c5f3fa08", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "dca5ee31-87cb-407b-aba6-d6c846e6a6b4", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "6af98429-3234-4f57-95c0-7df4209cb349", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "b7e70ea0-1b54-469b-b818-dcb7d4657d9b", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "02aff4ea-454c-41cf-8bf6-1bea1e933812", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "438a5f2c-727b-4ba2-82de-d5cf4b8d4daa", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "70bf1855-c34a-4bd3-a06d-f3d62d91693b", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "0c9106a1-9c93-47bd-85b3-8607ba8485c2", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "4386dc68-8dd3-4439-8c63-eabcdb92fd76", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "78be8eb6-ca31-434c-8441-6abbfe553a22", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "fb918735-48a7-4f96-8830-606815788dfb", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "6e4e8483-7c58-4539-98d1-4b02ff5dc6f5", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "58e59849-6457-4c8b-b713-2c5a008461c6", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "99ca536c-58c2-432f-904e-10926bbc207b", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "8a14f08a-0ba9-44ae-83bd-5a65b9d0fe8c", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "2c452702-a301-4cc7-b76c-619b23f44fa0", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "1e6f0566-fc33-4e1f-bf4e-686676fcde70", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "2629904c-d708-4072-9fe4-98e4a30c7dde", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "07ab75f1-40a3-4b2c-ae83-94dac6e529e2", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "email", + "roles", + "web-origins", + "profile" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "auth": "true", + "port": "587", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "loginTheme": "catenax-central", + "eventsEnabled": true, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [ + "UPDATE_CONSENT_ERROR", + "SEND_RESET_PASSWORD", + "GRANT_CONSENT", + "VERIFY_PROFILE_ERROR", + "UPDATE_TOTP", + "REMOVE_TOTP", + "REVOKE_GRANT", + "LOGIN_ERROR", + "CLIENT_LOGIN", + "RESET_PASSWORD_ERROR", + "IMPERSONATE_ERROR", + "CODE_TO_TOKEN_ERROR", + "CUSTOM_REQUIRED_ACTION", + "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR", + "RESTART_AUTHENTICATION", + "UPDATE_PROFILE_ERROR", + "IMPERSONATE", + "LOGIN", + "UPDATE_PASSWORD_ERROR", + "OAUTH2_DEVICE_VERIFY_USER_CODE", + "CLIENT_INITIATED_ACCOUNT_LINKING", + "TOKEN_EXCHANGE", + "REGISTER", + "LOGOUT", + "AUTHREQID_TO_TOKEN", + "DELETE_ACCOUNT_ERROR", + "CLIENT_REGISTER", + "IDENTITY_PROVIDER_LINK_ACCOUNT", + "UPDATE_PASSWORD", + "DELETE_ACCOUNT", + "FEDERATED_IDENTITY_LINK_ERROR", + "CLIENT_DELETE", + "IDENTITY_PROVIDER_FIRST_LOGIN", + "VERIFY_EMAIL", + "CLIENT_DELETE_ERROR", + "CLIENT_LOGIN_ERROR", + "RESTART_AUTHENTICATION_ERROR", + "REMOVE_FEDERATED_IDENTITY_ERROR", + "EXECUTE_ACTIONS", + "TOKEN_EXCHANGE_ERROR", + "PERMISSION_TOKEN", + "SEND_IDENTITY_PROVIDER_LINK_ERROR", + "EXECUTE_ACTION_TOKEN_ERROR", + "SEND_VERIFY_EMAIL", + "OAUTH2_DEVICE_AUTH", + "EXECUTE_ACTIONS_ERROR", + "REMOVE_FEDERATED_IDENTITY", + "OAUTH2_DEVICE_CODE_TO_TOKEN", + "IDENTITY_PROVIDER_POST_LOGIN", + "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR", + "UPDATE_EMAIL", + "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR", + "REGISTER_ERROR", + "REVOKE_GRANT_ERROR", + "LOGOUT_ERROR", + "UPDATE_EMAIL_ERROR", + "EXECUTE_ACTION_TOKEN", + "CLIENT_UPDATE_ERROR", + "UPDATE_PROFILE", + "AUTHREQID_TO_TOKEN_ERROR", + "FEDERATED_IDENTITY_LINK", + "CLIENT_REGISTER_ERROR", + "SEND_IDENTITY_PROVIDER_LINK", + "SEND_VERIFY_EMAIL_ERROR", + "RESET_PASSWORD", + "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR", + "OAUTH2_DEVICE_AUTH_ERROR", + "UPDATE_CONSENT", + "REMOVE_TOTP_ERROR", + "VERIFY_EMAIL_ERROR", + "SEND_RESET_PASSWORD_ERROR", + "CLIENT_UPDATE", + "IDENTITY_PROVIDER_POST_LOGIN_ERROR", + "CUSTOM_REQUIRED_ACTION_ERROR", + "UPDATE_TOTP_ERROR", + "CODE_TO_TOKEN", + "VERIFY_PROFILE", + "GRANT_CONSENT_ERROR", + "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR" + ], + "adminEventsEnabled": true, + "adminEventsDetailsEnabled": true, + "identityProviders": [ + { + "alias": "CX-Test-Access", + "internalId": "60e5d38d-c0e2-4ad0-b8b7-0ac98d56d6a7", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "validateSignature": "true", + "userInfoUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/CX-Test-Access/protocol/openid-connect/userinfo", + "tokenUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/CX-Test-Access/protocol/openid-connect/token", + "clientId": "Central-IdP", + "jwksUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/CX-Test-Access/protocol/openid-connect/certs", + "issuer": "https://sharedidp.stable.demo.catena-x.net/auth/realms/CX-Test-Access", + "useJwksUrl": "true", + "authorizationUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/CX-Test-Access/protocol/openid-connect/auth", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/CX-Test-Access/protocol/openid-connect/logout", + "syncMode": "IMPORT", + "clientAssertionSigningAlg": "RS256" + } + }, + { + "alias": "Company-1", + "internalId": "90455c53-7a98-48c1-bf51-c84763087ebb", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "validateSignature": "true", + "userInfoUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Company-1/protocol/openid-connect/userinfo", + "tokenUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Company-1/protocol/openid-connect/token", + "clientId": "Central-IdP", + "jwksUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Company-1/protocol/openid-connect/certs", + "issuer": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Company-1", + "useJwksUrl": "true", + "authorizationUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Company-1/protocol/openid-connect/auth", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Company-1/protocol/openid-connect/logout", + "syncMode": "IMPORT", + "clientAssertionSigningAlg": "RS256" + } + }, + { + "alias": "Company-2", + "internalId": "ab9d4e1e-023a-4877-9747-336d68ef71b6", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "validateSignature": "true", + "userInfoUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Company-2/protocol/openid-connect/userinfo", + "tokenUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Company-2/protocol/openid-connect/token", + "clientId": "Central-IdP", + "jwksUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Company-2/protocol/openid-connect/certs", + "issuer": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Company-2", + "useJwksUrl": "true", + "authorizationUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Company-2/protocol/openid-connect/auth", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Company-2/protocol/openid-connect/logout", + "syncMode": "IMPORT", + "clientAssertionSigningAlg": "RS256" + } + }, + { + "alias": "Security-Company", + "internalId": "5503ea02-cc4b-41ca-9598-88b718b8a500", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "validateSignature": "true", + "userInfoUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Security-Company/protocol/openid-connect/userinfo", + "tokenUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Security-Company/protocol/openid-connect/token", + "clientId": "Central-IdP", + "jwksUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Security-Company/protocol/openid-connect/certs", + "issuer": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Security-Company", + "useJwksUrl": "true", + "authorizationUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Security-Company/protocol/openid-connect/auth", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Security-Company/protocol/openid-connect/logout", + "syncMode": "IMPORT", + "clientAssertionSigningAlg": "RS256" + } + }, + { + "alias": "Service-Provider", + "displayName": "Service-Provider", + "internalId": "94318a98-b4e7-4a0a-8742-4e8fdfcbd626", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "hideOnLoginPage": "false", + "validateSignature": "true", + "clientId": "central-idp", + "tokenUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Service-Provider/protocol/openid-connect/token", + "authorizationUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Service-Provider/protocol/openid-connect/auth", + "jwksUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Service-Provider/protocol/openid-connect/certs", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/Service-Provider/protocol/openid-connect/logout", + "clientAssertionSigningAlg": "RS256", + "syncMode": "FORCE", + "useJwksUrl": "true" + } + }, + { + "alias": "App-Provider", + "displayName": "App-Provider", + "internalId": "fc91ae64-319e-4b29-ae2a-599da7a53f3e", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "hideOnLoginPage": "false", + "validateSignature": "true", + "clientId": "central-idp", + "tokenUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/App-Provider/protocol/openid-connect/token", + "authorizationUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/App-Provider/protocol/openid-connect/auth", + "jwksUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/App-Provider/protocol/openid-connect/certs", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/App-Provider/protocol/openid-connect/logout", + "clientAssertionSigningAlg": "RS256", + "syncMode": "FORCE", + "useJwksUrl": "true" + } + }, + { + "alias": "CX-Operator", + "displayName": "CX-Operator", + "internalId": "fbc571fd-cd44-4cec-a36e-4eba647fe712", + "providerId": "keycloak-oidc", + "enabled": true, + "updateProfileFirstLoginMode": "on", + "trustEmail": false, + "storeToken": false, + "addReadTokenRoleOnCreate": false, + "authenticateByDefault": false, + "linkOnly": false, + "firstBrokerLoginFlowAlias": "first broker login", + "config": { + "hideOnLoginPage": "false", + "validateSignature": "true", + "clientId": "central-idp", + "tokenUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/CX-Operator/protocol/openid-connect/token", + "authorizationUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/CX-Operator/protocol/openid-connect/auth", + "jwksUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/CX-Operator/protocol/openid-connect/certs", + "clientAuthMethod": "private_key_jwt", + "logoutUrl": "https://sharedidp.stable.demo.catena-x.net/auth/realms/CX-Operator/protocol/openid-connect/logout", + "clientAssertionSigningAlg": "RS256", + "syncMode": "FORCE", + "useJwksUrl": "true" + } + } + ], + "identityProviderMappers": [ + { + "id": "5b93fea1-a44f-40a0-a2fb-d7dabcaf03c3", + "name": "organisation-mapper", + "identityProviderAlias": "CX-Operator", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "CX-Operator", + "syncMode": "INHERIT", + "attribute": "organisation" + } + }, + { + "id": "7b9c62fb-f583-4969-85a4-c99893d77cb4", + "name": "username-mapper", + "identityProviderAlias": "CX-Operator", + "identityProviderMapper": "oidc-username-idp-mapper", + "config": { + "template": "${ALIAS}.${CLAIM.sub}", + "syncMode": "INHERIT", + "target": "LOCAL" + } + }, + { + "id": "2e87ecff-b1b6-4c08-93f2-b64065b28591", + "name": "organisation-mapper", + "identityProviderAlias": "App-Provider", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "App-Provider", + "syncMode": "INHERIT", + "attribute": "organisation" + } + }, + { + "id": "3ac435ac-1bce-4527-b76b-d04ac0d01edc", + "name": "organisation-mapper", + "identityProviderAlias": "CX-Test-Access", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "CX-Test-Access", + "syncMode": "INHERIT", + "attribute": "organisation" + } + }, + { + "id": "ec3605b2-427b-4385-aeed-a76437441ec6", + "name": "username mapper", + "identityProviderAlias": "CX-Test-Access", + "identityProviderMapper": "oidc-username-idp-mapper", + "config": { + "template": "${ALIAS}.${CLAIM.sub}", + "syncMode": "INHERIT", + "target": "LOCAL" + } + }, + { + "id": "83f7a7bb-a89a-48b0-80bd-1828ba5fcddf", + "name": "username-mapper", + "identityProviderAlias": "Company-2", + "identityProviderMapper": "oidc-username-idp-mapper", + "config": { + "template": "${ALIAS}.${CLAIM.sub}", + "syncMode": "INHERIT", + "target": "LOCAL" + } + }, + { + "id": "be6510c5-8ba8-4fba-a3ca-7fff4fe832ce", + "name": "organisation-mapper", + "identityProviderAlias": "Company-2", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "company-2", + "syncMode": "INHERIT", + "attribute": "organisation" + } + }, + { + "id": "af0a3c39-9e5f-4fda-83fa-e47642c503cd", + "name": "username mapper", + "identityProviderAlias": "Security-Company", + "identityProviderMapper": "oidc-username-idp-mapper", + "config": { + "template": "${ALIAS}.${CLAIM.sub}", + "syncMode": "INHERIT", + "target": "LOCAL" + } + }, + { + "id": "e47bafcc-c821-48bc-be42-d4190880054b", + "name": "organisation-mapper", + "identityProviderAlias": "Company-1", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "company-1", + "syncMode": "INHERIT", + "attribute": "organisation" + } + }, + { + "id": "f8178cf1-85a1-4a49-8d61-d7e8f02cb3a4", + "name": "username-mapper", + "identityProviderAlias": "Service-Provider", + "identityProviderMapper": "oidc-username-idp-mapper", + "config": { + "template": "${ALIAS}.${CLAIM.sub}", + "syncMode": "INHERIT", + "target": "LOCAL" + } + }, + { + "id": "ce26f893-29d4-4f3c-b76b-ebb7f4699329", + "name": "organisation-mapper", + "identityProviderAlias": "Service-Provider", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "Service-Provider", + "syncMode": "INHERIT", + "attribute": "organisation" + } + }, + { + "id": "a66d8e43-18cd-4d81-a26f-b9db7cccbf3a", + "name": "username-mapper", + "identityProviderAlias": "App-Provider", + "identityProviderMapper": "oidc-username-idp-mapper", + "config": { + "template": "${ALIAS}.${CLAIM.sub}", + "syncMode": "INHERIT", + "target": "LOCAL" + } + }, + { + "id": "cc2f5796-be47-4d57-8c54-d5fd771a461a", + "name": "organisation-mapper", + "identityProviderAlias": "Security-Company", + "identityProviderMapper": "hardcoded-attribute-idp-mapper", + "config": { + "attribute.value": "security-company", + "syncMode": "INHERIT", + "attribute": "organisation" + } + }, + { + "id": "c40e0a6a-5074-418a-9b51-7182c354fe71", + "name": "username-mapper", + "identityProviderAlias": "Company-1", + "identityProviderMapper": "oidc-username-idp-mapper", + "config": { + "template": "${ALIAS}.${CLAIM.sub}", + "syncMode": "INHERIT", + "target": "LOCAL" + } + } + ], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "ab25cbe7-60bc-49ed-aa4a-707f84a70893", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "277b586e-0b26-40e9-90d1-e76305d69a10", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "552bd2e5-c656-4796-8d61-b87c3508aab5", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "de1bbb33-9e18-4fc1-9ea3-1fd8ad22eae9", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-attribute-mapper", + "saml-role-list-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-address-mapper", + "saml-user-property-mapper", + "oidc-usermodel-property-mapper", + "oidc-full-name-mapper", + "oidc-sha256-pairwise-sub-mapper" + ] + } + }, + { + "id": "b521525f-30e3-4b93-b42b-8c0dd53fc3af", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "a4df1d6a-2c46-44f4-9d06-62eb9b754bab", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-sha256-pairwise-sub-mapper", + "saml-role-list-mapper", + "oidc-usermodel-attribute-mapper", + "saml-user-property-mapper", + "oidc-address-mapper", + "oidc-usermodel-property-mapper", + "oidc-full-name-mapper", + "saml-user-attribute-mapper" + ] + } + }, + { + "id": "f7e25fe0-dfe5-451a-8f54-ceea0cf201b4", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "d15d2dae-9c9c-4c7d-83f3-726f29194489", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + } + ], + "org.keycloak.userprofile.UserProfileProvider": [ + { + "id": "80d93c16-6221-4f9f-b8af-20c313ae6c04", + "providerId": "declarative-user-profile", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "2bd55ad0-2f32-40f3-9749-c2d422fb697d", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "676a20ad-a79d-4175-998a-672bf4826e92", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "50220023-09bf-443a-a8b3-f306279cbb5b", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "a510d16e-c3f7-4a88-b853-625a2cd357b4", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": true, + "supportedLocales": [ + "de", + "en" + ], + "defaultLocale": "en", + "authenticationFlows": [ + { + "id": "0fac6700-45f9-47f5-8ffc-1149d37d2c60", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "6077b6e8-243d-47da-9aff-57f3e356d260", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "6ff98fd1-dd2d-45e6-a250-414a15678691", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "bd4fa278-5e88-4363-9375-7f25a9ca4ee0", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "e5160140-36c6-41ae-88ee-e13e335ba471", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "c45b6e5c-af4f-4b20-9b3c-bbf4a3998c55", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "89c10454-1927-4292-8fd0-8bfef40efeba", + "alias": "Login without auto user creation", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Login without auto user creation User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "758343b7-60e3-4876-abd1-c814277bba16", + "alias": "Login without auto user creation Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Login without auto user creation Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "be18e1d3-a03a-439a-96ae-0fca8cdcf4e3", + "alias": "Login without auto user creation First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "07163690-c59e-4cfe-ba62-0a2ec23f535c", + "alias": "Login without auto user creation Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Login without auto user creation Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "b55b2257-0125-4c07-9e8e-250a33d2f4c7", + "alias": "Login without auto user creation User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Login without auto user creation Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "ede7951b-99d8-4ca6-8ad7-69055c2d2324", + "alias": "Login without auto user creation Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Login without auto user creation First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "0e9b34dd-6b01-4a83-a3d5-ecb94ccd9044", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "a5134b6c-38a0-41eb-88eb-a54881580704", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7136bd9f-0b59-4a35-89d1-45265e31c8bb", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d002e886-5fe9-4175-8df1-11ea7fb6d1f9", + "alias": "WebAuth Browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "WebAuth Browser forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "ffce857c-c600-4a8c-9000-0ab90cccb0de", + "alias": "WebAuth Browser Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "webauthn-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 21, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "9428c695-44a4-4d25-bfa0-264e6205920d", + "alias": "WebAuth Browser forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "WebAuth Browser Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "a5803e20-ca48-4507-8af2-e2f9f777597d", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "cf41aea4-131c-4e9c-b3b1-2ad5e49ee0d5", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "66cf57f8-e5c1-48ac-92f0-0449c414c491", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d3801254-af32-4114-9a25-28430ea48f14", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "61f0a690-1d6f-4c8a-8060-48c43776df32", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "f36ad2df-82dc-4030-b3f2-b1f6fe9090b7", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "46b5c0be-6b4a-4b68-badf-959e11eafab5", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "3a268c73-954d-473f-ad1a-d6dbe358373d", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "1de70ee4-9f36-480d-abea-aef9e6b52d95", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "102f2aa1-43db-4ba7-bc6d-d1d6655ad4ea", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "ae5f0aea-98df-492a-8154-0d481faaa2d8", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "b0f91ad8-dd8b-43b6-a5aa-59a71fc1b9b5", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "f3e58a9a-49e4-4f8f-8b32-811a2b901130", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "userProfileEnabled": "false", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/rc/App-Provider-realm.json b/import/realm-config/consortia/catenax-shared/rc/App-Provider-realm.json new file mode 100644 index 00000000..addbdd64 --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/rc/App-Provider-realm.json @@ -0,0 +1,2159 @@ +{ + "id": "App-Provider", + "realm": "App-Provider", + "displayName": "App-Provider", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": true, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "09223270-6b75-4dc1-9815-97eddf244e94", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "App-Provider", + "attributes": {} + }, + { + "id": "fd2ed9dc-cb87-4acb-80af-e21339d4abca", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "App-Provider", + "attributes": {} + }, + { + "id": "fd663c27-1fea-4d1b-9f19-7dd746e67f57", + "name": "default-roles-app-provider", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "manage-account", + "view-profile" + ] + } + }, + "clientRole": false, + "containerId": "App-Provider", + "attributes": {} + } + ], + "client": { + "central-idp": [], + "realm-management": [ + { + "id": "20233a40-3093-4da7-bc11-3a3c5a9bc084", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "89dce047-7e67-4b0e-83c6-0d2df0e54ffd", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "50d4aa80-bdfc-4f4f-829a-63bf94f88f3a", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "55d97062-c5c3-4f9b-bf5d-9c4c708df3c2", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "5b0106f7-34f4-4e3a-b5d4-51af8d5db89d", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "a3d2e6d6-1b66-42c4-a3a0-9cef35da82c2", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "88900617-94ee-4fb2-8482-6979d7dca836", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "d2aa1213-9622-403c-a6f1-9263fc07bc65", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "75536e36-718f-4856-bdfd-cdeee779c234", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "4b21896b-2a07-4e72-864b-df5d695cc7d4", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "554821e2-47b2-4607-a45e-efd057b754d0", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "1bcb97a3-b339-4c8b-a6b0-9e6cbe92a23e", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "4b0bd4fb-a9d3-4c7d-8f5f-773823dd2337", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "c07593bb-5b52-481b-b5f5-8dc13343308a", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "manage-identity-providers", + "impersonation", + "manage-clients", + "create-client", + "query-clients", + "view-authorization", + "manage-authorization", + "manage-users", + "query-realms", + "manage-events", + "manage-realm", + "view-events", + "view-realm", + "view-clients", + "query-users", + "view-users", + "view-identity-providers", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "f6f77d19-d41d-44bb-a279-5c36005039a8", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "9e25fc38-671e-49e1-9356-e6b8fe011cf3", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "6fd1635a-fdc5-485e-be3f-2f9dba3dc7d9", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "6820666e-01d4-40be-8d35-a34298be3a10", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "1ded6023-db88-424e-b93a-a8f9b7e28fad", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + } + ], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "8e3da633-242c-4954-949a-37d94d4b6a6f", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "cf16b191-cb70-4edd-9ced-ee408258002c", + "attributes": {} + } + ], + "account": [ + { + "id": "c8a7de18-57bc-4074-9cc8-3169019528ce", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "attributes": {} + }, + { + "id": "c51cd08d-75d2-4583-abf6-0a8330af9cf2", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "attributes": {} + }, + { + "id": "8c2ce12b-1d5e-4c72-a93c-7cf15c71a8a9", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "attributes": {} + }, + { + "id": "cd6903f5-3d55-495e-83bf-08f353c00d46", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "attributes": {} + }, + { + "id": "a6016c79-0a89-47b3-b251-d97d54ae8a28", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "attributes": {} + }, + { + "id": "0bd51d37-1733-4a78-9828-e02b12b03fcb", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "attributes": {} + }, + { + "id": "d0250d20-bb91-4bde-b5bc-1170a30ae0a1", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "fd663c27-1fea-4d1b-9f19-7dd746e67f57", + "name": "default-roles-app-provider", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "App-Provider" + }, + "requiredCredentials": [ + "password" + ], + "passwordPolicy": "length(15) and forceExpiredPasswordChange(90) and lowerCase(1) and digits(1) and notUsername(undefined) and notEmail(undefined)", + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/App-Provider/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/App-Provider/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "49d37a59-09cb-45ea-8b35-65860c522725", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/App-Provider/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/App-Provider/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "1ea78736-9707-429a-b7e9-10978023e9b1", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "26e156eb-636f-459c-97fe-461f879d6ac2", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "cf16b191-cb70-4edd-9ced-ee408258002c", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "70aebb42-c1a0-474f-b6d5-0163e4cc62ae", + "clientId": "central-idp", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/broker/App-Provider/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "token.endpoint.auth.signing.alg": "RS256", + "use.jwks.url": "true", + "backchannel.logout.session.required": "true", + "jwks.url": "https://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "aa88e0dc-6199-491c-9225-9e8265039187", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "51ea3e52-0e10-40a6-a615-faf26a7e71cf", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/App-Provider/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/App-Provider/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "ab4dd7e3-8a1d-4a08-82ce-0a4b0b749d40", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "c6272fe0-3eba-42ae-839a-746b94d0c3c7", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "19065bcf-4d88-4a1f-ad54-af8e23b80e4b", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "778b84c8-c8be-4d14-b037-b36313ad23c1", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "3dbec8ec-62ae-4115-8a03-4416ce14cedf", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "02021fb7-210e-4d2e-adf1-458fe5170467", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "19be5e0c-5cab-42e5-9d43-40f44a50e977", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "87363e4d-0c6c-4ab4-9ea2-6c056cbb064f", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "11934209-b930-4b49-9442-0bda768614db", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + }, + { + "id": "e963048b-b1d1-4e91-bfbf-4cb55dcf2951", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "25e3a8f9-0ecc-47ab-a865-416d678b50f3", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "d86241de-10f6-4788-bf05-3d1ad3cb8f27", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "e3236345-1ce8-497c-bcc4-8374545f4026", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "2c68c91a-349c-4a3f-9a68-f5cc3848e086", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "1cda8183-b2c0-48f6-b97c-be148f16c393", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "c103f2d7-5fec-4d3d-9a95-b6a91a85031b", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "f6797374-9a19-4ae3-b5f2-06c5d2c7946c", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "99fd8aa0-557b-41bf-8739-0d9b5c5270d8", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "7bd24d38-99c6-47f7-b277-81d7d1e60a31", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "30e4f584-decf-4444-b187-4ac0c91fa072", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "95bccfd2-221b-405a-a206-29bfb0e3e3f6", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "f98f1864-68ae-49c9-b893-d43bf2cdeb38", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "2bb0e215-775b-45b5-9304-e55500598256", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "a96e6b24-d4d2-44ae-8e77-a70b4c4e95b3", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "e49ad8ba-a45b-4ba7-b44a-cc08e39603be", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "7a3cda53-3124-44c4-b71b-2e12d5574180", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "1120836b-6583-44bc-ac0a-b78329cce2c7", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "66143e08-873d-48ba-ad8f-f8149769b812", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "c6cbfb2e-af8a-4a57-b9b6-488bf79ef678", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "8b690766-9431-4d4d-827e-c5959a88dd1d", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "32b4fdb5-dc87-45c8-8a0e-18cea49ddf68", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "10e72ecd-0b63-415f-9e43-f7eb74a05c98", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "345e24b0-f9f1-470d-9497-568f6f711411", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "b9a0059f-0789-4171-8b8a-2706f19dc89c", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "613c19d9-bcd2-4382-84f1-4b2c4fde6632", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "22a3e5e7-1167-41b3-a80e-885928ab6db6", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "auth": "true", + "port": "587", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "ad998465-a5ed-4baf-87ee-6c69dd9c6151", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "b12c87ec-7ab4-404d-bbbd-2eb1753b8244", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "0132f9e9-f275-4c65-b0cb-110f5151a977", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-usermodel-attribute-mapper", + "oidc-address-mapper", + "saml-role-list-mapper", + "oidc-full-name-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper", + "saml-user-property-mapper" + ] + } + }, + { + "id": "079b5dc2-6c36-4026-a3c2-aeec16820998", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-role-list-mapper", + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-full-name-mapper", + "saml-user-property-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-address-mapper" + ] + } + }, + { + "id": "0c60d449-259e-45a9-afc7-c250d9d24eea", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "b376429c-8dee-4c98-95a6-75824ffc5ee2", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "7d9fdb85-7ba3-4563-b42c-452d5b95a6d7", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "0b9ce881-466a-48a9-b520-4e3597eb34c2", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "48f5cd6a-cc7d-4ea7-80c0-13f0ae59a62e", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "cdbd8a66-c024-49af-9c15-721615247868", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "cba32d19-3c2b-4db7-86fd-2ceaf9858627", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "94623990-0d55-4e76-b437-6101cbe714c4", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + } + ] + }, + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "20300ece-34e7-48f6-a1b7-71c4a08a0ee6", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "b4059920-5a70-446c-91d5-c7836854478d", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "837fd5be-0fd0-4bc0-b0ba-cdf360c6b562", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "311a239e-32c5-4749-8d72-b1f523bda174", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "eeb740a2-ddb4-4005-9100-8f6cf3e46fbe", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "abc88c1e-cee0-4ee5-b794-51fe70745414", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "f344b264-d8b4-48eb-86db-990dfbff025a", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "accf2752-c3ff-4613-9090-e05595974e2d", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "17c46d2e-fdf2-48a6-b833-449722dcbffb", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7a83f59a-6f89-4395-8d2f-a38e07aad274", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "57516d76-98ef-4508-94c1-f812b70cbef1", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "99b94f2a-332d-44a6-83ec-1ae2610c187c", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "40eaee95-0a7b-4c7b-a2fa-53d5b2f164b6", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "921144d2-e71f-447c-9d54-b3e8877e834e", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "6a243e13-f168-4472-a678-8e15e6f03f3f", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "8defdbdb-dd68-4131-aee0-5f4c3fb8e77a", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "2bd1a483-4f3f-4de3-87da-1d3ee9075ffa", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "294b35ef-360c-415b-a11c-326189e35cbd", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "038c74fb-e4cc-43d1-9a85-adfbf31c8014", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "dd94f42e-0c4a-437f-81e0-78a96a223685", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "bd7aff9d-4dda-4b22-92f1-d91ff5b851e3", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "a084c15f-882d-4c53-88f6-5e3b31298083", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/rc/CX-Operator-realm.json b/import/realm-config/consortia/catenax-shared/rc/CX-Operator-realm.json new file mode 100644 index 00000000..bf81ac4a --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/rc/CX-Operator-realm.json @@ -0,0 +1,2159 @@ +{ + "id": "CX-Operator", + "realm": "CX-Operator", + "displayName": "CX-Operator", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": true, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "f9e700c4-3479-4df9-8f66-32d3d0aa402f", + "name": "default-roles-cx-operator", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "view-profile", + "manage-account" + ] + } + }, + "clientRole": false, + "containerId": "CX-Operator", + "attributes": {} + }, + { + "id": "fd28e000-c7c7-4637-9137-43aab13a4f5b", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "CX-Operator", + "attributes": {} + }, + { + "id": "44683915-2421-4815-ba4a-81ba4af2e700", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "CX-Operator", + "attributes": {} + } + ], + "client": { + "central-idp": [], + "realm-management": [ + { + "id": "54175197-ae2d-486c-b52a-f1de1772ef8f", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "00e3c5bb-6c52-40de-8c2b-fcce4090b3fc", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "de03316f-e10e-4261-9914-49b6b66f4159", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "0ac296ac-bf3d-461f-96e6-cd0fcce4b97f", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "ca00badd-aeca-4378-aab2-6f133972f3c4", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "85556a10-4077-4929-8fa8-eb910cbcd39a", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "d5fc862f-243c-4cf4-86b9-c269c0a6cf18", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "4fba3f08-7718-4dbd-8eae-ec72ac38b4dd", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "23a20fb4-0ea9-4f7f-8540-fcf9f7aaa030", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "f4b36def-8935-466c-986e-230cf8e74816", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "3075363d-78e1-45fc-aeaf-1c6f0202346a", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "view-events", + "manage-clients", + "view-identity-providers", + "impersonation", + "query-groups", + "query-realms", + "manage-users", + "query-clients", + "query-users", + "view-clients", + "manage-authorization", + "create-client", + "manage-identity-providers", + "view-users", + "manage-events", + "manage-realm", + "view-realm", + "view-authorization" + ] + } + }, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "e1f16553-28d3-42db-99c7-e6204246a2c1", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "8a140563-d3d7-4cbb-a023-ac2ccf444158", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "e8622ce0-182b-4c04-ba25-8ed5c50d0683", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "0435d9b3-43a6-4b44-a661-2c7381e88ad7", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "320ceb6f-8744-4fa7-9d1b-32c8a9f0ffc6", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "09370612-e580-4ab5-8827-5ed0e7faa0bb", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "1846e5e3-6823-4ff5-9026-1751f159069a", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "a8063557-4d74-435b-ab1e-2ba52c5308f8", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + } + ], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "62ca4922-3ea7-42c0-86b5-227149277c34", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "be1cf7e1-0270-41d1-9ce3-f9ed840fd432", + "attributes": {} + } + ], + "account": [ + { + "id": "ff99d820-6dff-49f0-b831-ce7fe6801b42", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "fb06b072-0737-4fe4-84dd-bca8d32d4550", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "bbbe2dd8-5c93-4885-8b0a-7e227d2f861d", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "cd0cf14c-0739-4da9-9283-98c8a7739c97", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "91d84ea1-42af-48c9-ab3d-b160c423120d", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "c61934bc-75a9-48b6-b37f-131c72b8ac37", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "0e19abe7-b5aa-48ae-b5ef-f589fefff5db", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "f9e700c4-3479-4df9-8f66-32d3d0aa402f", + "name": "default-roles-cx-operator", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "CX-Operator" + }, + "requiredCredentials": [ + "password" + ], + "passwordPolicy": "length(15) and forceExpiredPasswordChange(90) and lowerCase(1) and digits(1) and notUsername(undefined) and notEmail(undefined)", + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Operator/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Operator/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "586494f5-d21b-4dc9-b618-ae6dde896a59", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Operator/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Operator/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "3dd58884-4647-477e-a7ef-1b299aa2a26c", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "793217d8-80d5-46ec-9507-aca5a8dbdfbc", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "be1cf7e1-0270-41d1-9ce3-f9ed840fd432", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e01bbf6a-966b-4a04-91cc-1be54398d023", + "clientId": "central-idp", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/broker/CX-Operator/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "token.endpoint.auth.signing.alg": "RS256", + "use.jwks.url": "true", + "backchannel.logout.session.required": "true", + "jwks.url": "https://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "5d4be671-a85b-4102-91c0-3d444e9549bb", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/CX-Operator/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/CX-Operator/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "2f451e93-4f2f-450a-acb0-6b170c9158a3", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "362f247c-98b6-4577-9fdf-58e9b8b02ff1", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "85d44bfa-e5ae-4982-af15-1557b52e9fec", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + }, + { + "id": "c073d69f-8ff1-4f66-8108-1da31b9a01ca", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "ea162d29-da0d-4caa-8210-122ea067481b", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "ec42fa8f-1393-41be-ba33-377b8dd0246f", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "0ab73adc-4dd1-4a32-abe2-12093cd10b43", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "4cb009ee-b9e9-4d10-b5b5-3ccce89d12c0", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "fe93e386-dcff-4871-b6f3-d37906ab0d43", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "870e4c2e-83fe-4ea6-bf70-24627de5cbd9", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "b504ae92-cf77-40d0-853f-3f7521c45c73", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "60891e8b-ce9f-475c-b6ae-8d3ce862c43a", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "78ee36f2-b876-4e61-a821-19a41ae70fd9", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + }, + { + "id": "e4402c22-40ad-4be3-a3b5-567baffdcb8c", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "56f5418e-2b15-4f99-a54f-746b27ffa788", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "023fc147-52ae-4ea9-b106-d713d4625f48", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "d63e6bfd-63b3-4853-9f80-8c8bb6a5b95b", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "7550baf2-3541-46cc-827d-452328409445", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "5c617319-cb7e-4925-bd25-5ed43f9681e0", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "1d8185f2-3051-4f6e-a6c7-3be7569883e4", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "b01c009c-28bb-405e-bdba-0a7e0d819663", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "525eee5e-159b-4365-b5b6-4b95e98a48f2", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "3bfec154-789d-43e1-b9d1-eabadc087ec0", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "e926db58-7353-4562-ac69-feb767ff9a45", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "b742dd79-d660-4d89-b45b-c5a803b64baa", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "ba11b750-af17-4bd9-a418-8c2c2a39146f", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "9532afdc-0222-4e79-b09f-c4d8c3c2a9ae", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "5777b34c-7bd8-4148-8851-209fc716556d", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "7e11dcd2-0f73-4445-bda9-fff2a021a386", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "c82ce218-3c8d-4539-a746-c66f0a1887f6", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "05608ade-80a4-4684-a020-6135ca6b39c7", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "f8a41bb2-8aae-4c7f-bca0-d241b1571896", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "df21b649-0b05-4ba1-b0fa-0b3729af5b59", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "38880d3f-296c-496c-bf6e-010c83d1243b", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "df3cbe76-8bc8-4d47-a17b-4ea5fdf1e70f", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "e2d302a0-1df7-4dae-9128-a1d5d9a6c160", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "auth": "true", + "port": "587", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "ff800f90-97c0-4f08-b95f-397a9325bbb5", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "84e3090c-5cb3-4157-a366-0427efeafdd1", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "6c46f360-1831-4f1d-97c0-a36503a61243", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "e9eefa38-4c5f-4afb-bf8b-70f36d4d3180", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-full-name-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-address-mapper", + "oidc-usermodel-attribute-mapper", + "saml-user-property-mapper", + "oidc-usermodel-property-mapper", + "saml-role-list-mapper", + "saml-user-attribute-mapper" + ] + } + }, + { + "id": "d159b35a-dab0-4f35-a1c6-4403db711c60", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "f0681c21-2cd2-4860-9bde-e73b2a2adb14", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "d5109c64-e80b-47dc-839a-a43daf933a0d", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "4cc22082-1d2a-4f91-bc0f-c7dccb010ef3", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-usermodel-property-mapper", + "saml-user-attribute-mapper", + "saml-role-list-mapper", + "saml-user-property-mapper", + "oidc-full-name-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-address-mapper" + ] + } + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "46984e4d-ce4b-4f6b-ae36-52068ebd71c5", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "2e8584a5-4683-4c75-9a71-18b6b593fec7", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "73e2090a-8890-499c-b4b8-cb652fcbc182", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "4f40e663-8063-4190-9d1b-2c4f231a157b", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + } + ] + }, + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "b063b12b-0241-4abd-9ca4-ecfcfd49c835", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "4789f6df-4575-4a40-905f-da09463796fb", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "10f36f5f-7650-4ea2-86b9-d6bcf8678635", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "a7e54bff-9aab-4d81-9547-9415464d4fae", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "c4f842fb-5041-4b4c-a285-d10544db2e64", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "1bc372bb-ec2a-416a-ae69-2aa8b16cb2b4", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "764b661e-a9a5-440d-99a3-c68605c8649e", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "4305fe2b-02b5-4396-a1d1-f3033124303f", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "a32570e2-2612-46a1-810b-32338b1e919b", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "4e8720c1-ec42-49b8-a648-9cc5c85e8a0d", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "b031bc10-ee2b-474f-93bc-14712bac758f", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "c68cf361-c790-466d-9399-9c826436b43c", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "b14e6633-8f62-49b3-b6b2-edc80e80133e", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "876582e7-bf0f-44c8-aa75-1f3b875e5e0b", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "75fe4f59-be2c-4788-82c4-2c3a492e1827", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "a4a0f8e5-07ea-4b08-b5b7-71480111085b", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7d3641c9-82c5-4830-a59f-b2e9f20aef41", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "e3d1c905-8fb5-484d-bda0-5f55a9a4b286", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "79a911df-2682-4673-b74f-bdd4aec7e4c0", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d70e1f83-c985-4f2f-a809-a8762eb0f264", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "2006dfea-6d20-487b-ac66-b8f471b67371", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "c62239df-a7bb-4fce-8528-1f1024998af5", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/rc/CX-Test-Access-realm.json b/import/realm-config/consortia/catenax-shared/rc/CX-Test-Access-realm.json new file mode 100644 index 00000000..25d7948e --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/rc/CX-Test-Access-realm.json @@ -0,0 +1,2310 @@ +{ + "id": "CX-Test-Access", + "realm": "CX-Test-Access", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "7fc2660d-887e-4ec1-91a8-f3a206ddf990", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "CX-Test-Access", + "attributes": {} + }, + { + "id": "8987da95-72d9-4e57-a5b0-8f79e540df65", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "CX-Test-Access", + "attributes": {} + }, + { + "id": "dd90c7d4-cb35-44de-9546-ab1a3e6cd2b7", + "name": "default-roles-cx-test-access", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "view-profile", + "manage-account" + ] + } + }, + "clientRole": false, + "containerId": "CX-Test-Access", + "attributes": {} + } + ], + "client": { + "realm-management": [ + { + "id": "b70f395d-1c64-4ce4-bca3-ac1f87d3ac93", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "c597edcb-e00d-4bce-8789-5a667848794f", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "f43e2bbb-18ed-4e46-aa83-e30647ca2acf", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "d9a7713a-433f-47d8-a4ac-a2352fef5ff9", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "bb705c97-3da1-420a-8ac7-5a816bbc2c06", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "a75a9da1-42c9-4149-8de7-8839ccca2acc", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "d08f8c21-bbcd-4693-8eda-75809c362eae", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "6fd994bf-73e8-47ac-abac-331987af4a42", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "2d401ae8-8eba-432f-b72c-48d7cab9f1ad", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "d604ec92-ba33-46a3-b39a-82f7fd58ab85", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "0a9e99a4-8c1f-462a-bb95-4a4e636c0574", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "4961a372-c8f8-44f3-ac44-3d525d1b13cf", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "ebeb65d1-ff03-419b-8d34-1c022cdfe06b", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "83b50677-7f4c-4a73-9d10-810b08860786", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "c7521b4f-d10f-4c69-a287-006dfc3187b0", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "95d5d3f7-7b79-4cd1-8d77-105f3172d6ed", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "fa78bd21-0584-48fd-bc37-986a52b13338", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "31cc9a43-1a1d-463a-a7d5-defbb5410f91", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "manage-clients", + "view-authorization", + "manage-authorization", + "query-realms", + "view-identity-providers", + "view-clients", + "view-events", + "view-realm", + "manage-users", + "manage-identity-providers", + "query-users", + "manage-realm", + "manage-events", + "query-clients", + "query-groups", + "view-users", + "create-client", + "impersonation" + ] + } + }, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "65474875-62cd-47ca-8ec6-efd0277d2d9d", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + } + ], + "Central-IdP": [], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "8189a237-f860-4d22-9af8-e686bc2869b0", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "052ee967-b093-4dbc-8f7c-7b8eb4d62711", + "attributes": {} + } + ], + "account": [ + { + "id": "668e76ae-158e-4016-b5ef-5c31542276b4", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "attributes": {} + }, + { + "id": "404aa9cb-0b3b-4024-90db-0577259c5164", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "attributes": {} + }, + { + "id": "8e2b5108-258c-4499-bc31-c7801a9dc015", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "attributes": {} + }, + { + "id": "d9ea667a-bdd1-433d-9e49-26a144d23766", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "attributes": {} + }, + { + "id": "781f2ed7-5976-4107-8e0d-77c2cb943c4d", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "attributes": {} + }, + { + "id": "d9186017-c564-4f40-8d1a-15cb2835b31f", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "attributes": {} + }, + { + "id": "eac18f80-5d16-471b-9f76-f863a975a7d0", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "dd90c7d4-cb35-44de-9546-ab1a3e6cd2b7", + "name": "default-roles-cx-test-access", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "CX-Test-Access" + }, + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Test-Access/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Test-Access/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4834d2e2-b49f-4fe6-9f9c-a8c3a571b58f", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Test-Access/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Test-Access/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "18d6bb28-a231-42a5-a45f-121cd50e00dd", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4bcfd4aa-3afb-43d0-87e2-e8e5e7ebe57e", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "052ee967-b093-4dbc-8f7c-7b8eb4d62711", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c86c9430-cdb7-467d-b8f0-b7fa4c90ad5b", + "clientId": "Central-IdP", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/broker/CX-Test-Access/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "token.endpoint.auth.signing.alg": "RS256", + "oauth2.device.authorization.grant.enabled": "false", + "use.jwks.url": "true", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "oidc.ciba.grant.enabled": "false", + "use.jwks.string": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding": "false", + "jwks.url": "https://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs", + "saml_force_name_id_format": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "d0904334-0bf4-4285-9101-609fac5c10e7", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "95326117-810d-473b-a488-5ac662c4dafe", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "892a14ec-4cbf-4d1c-9408-716cb76a3237", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "a434f4df-8385-4fb9-a7ff-cae31f617bc0", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/CX-Test-Access/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/CX-Test-Access/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "33923a97-562a-4062-a3f4-674ca1a14663", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "3c9e0317-a7c3-474b-a3cb-ffaa2005bec5", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "aedc7d2a-acda-42c6-839a-b661c2be9b16", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "5ed23c32-54ce-4839-80ee-8ab8c33c5662", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "9a5ec5f8-1ef5-4352-a284-e6ac20c04872", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "cb986f49-238f-4d37-94f7-b85f0ff9808f", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "4eeeafe7-aa82-471d-a633-2fb9a219ba11", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "54220980-4b9a-470a-9261-b3b80ac6aba3", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "dc64c05c-24a7-46d5-8f88-700bc00025e1", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "41cf11f9-098b-46ff-b455-b8234f5e4eb6", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "0f8103ff-6c88-4da2-9969-14ddc8cb2ae2", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "4739f141-346c-4420-8c16-edc023e8ffe1", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "85d9377f-410e-4bf5-8d5e-0db8913977d4", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "6d97694b-8dfb-4883-be6c-2a6d040ea01c", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "7a461d3d-761f-4c8d-bb63-e49e15dcd6a0", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "6b243aea-9dc8-45c5-acc0-c760d1973d1f", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "8471f5ca-f79a-4663-b0fb-1857b980d506", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "dcb7dae1-7d81-458d-b3ff-80fc99bdc210", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "548e0af1-a4f5-4cb7-8485-c0603486bd1d", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "b648db19-5b08-45f6-bc61-cea8e43a206a", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "b623937e-4d6f-442b-9958-16e18b30eb9b", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "31753316-291d-43c5-8be0-d92f83c4ddfb", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "97c1fc7d-c6b8-4ab9-8fa0-6af1f813d795", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "82195102-69ac-45c2-90b1-ebfeee419761", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "e5c11413-9c37-4957-b379-f2b9ffd90fce", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "d8a20e95-fd5a-4c32-a360-70de76905e4e", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "4144115f-e5a1-48ef-a8d0-5f4f6effa6b0", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "fafffd5e-1901-4e16-b704-afd9883900a3", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "83efafef-1157-4c19-b47b-40938b10e582", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "c6af2eac-9c21-45eb-879c-b048ad3f7b43", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "3893c55b-1763-4eaa-b4df-db70716149ef", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "da470352-d0b0-4ac8-aed7-7608b60b7fed", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "d3fd230b-3f19-44fa-b9ce-f89ab59403c8", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "198fe999-899f-40cf-af0e-974aee0f64c7", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "113a225d-ecf7-4b1d-bf28-ce9abb1ed9e4", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "f56add5d-37f0-4e75-b4ca-7fb7a958aa76", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "port": "587", + "auth": "true", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "loginTheme": "catenax-shared-portal", + "eventsEnabled": true, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [ + "UPDATE_CONSENT_ERROR", + "SEND_RESET_PASSWORD", + "GRANT_CONSENT", + "VERIFY_PROFILE_ERROR", + "UPDATE_TOTP", + "REMOVE_TOTP", + "REVOKE_GRANT", + "LOGIN_ERROR", + "CLIENT_LOGIN", + "RESET_PASSWORD_ERROR", + "IMPERSONATE_ERROR", + "CODE_TO_TOKEN_ERROR", + "CUSTOM_REQUIRED_ACTION", + "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR", + "RESTART_AUTHENTICATION", + "UPDATE_PROFILE_ERROR", + "IMPERSONATE", + "LOGIN", + "UPDATE_PASSWORD_ERROR", + "OAUTH2_DEVICE_VERIFY_USER_CODE", + "CLIENT_INITIATED_ACCOUNT_LINKING", + "TOKEN_EXCHANGE", + "REGISTER", + "LOGOUT", + "AUTHREQID_TO_TOKEN", + "DELETE_ACCOUNT_ERROR", + "CLIENT_REGISTER", + "IDENTITY_PROVIDER_LINK_ACCOUNT", + "UPDATE_PASSWORD", + "DELETE_ACCOUNT", + "FEDERATED_IDENTITY_LINK_ERROR", + "CLIENT_DELETE", + "IDENTITY_PROVIDER_FIRST_LOGIN", + "VERIFY_EMAIL", + "CLIENT_DELETE_ERROR", + "CLIENT_LOGIN_ERROR", + "RESTART_AUTHENTICATION_ERROR", + "REMOVE_FEDERATED_IDENTITY_ERROR", + "EXECUTE_ACTIONS", + "TOKEN_EXCHANGE_ERROR", + "PERMISSION_TOKEN", + "SEND_IDENTITY_PROVIDER_LINK_ERROR", + "EXECUTE_ACTION_TOKEN_ERROR", + "SEND_VERIFY_EMAIL", + "OAUTH2_DEVICE_AUTH", + "EXECUTE_ACTIONS_ERROR", + "REMOVE_FEDERATED_IDENTITY", + "OAUTH2_DEVICE_CODE_TO_TOKEN", + "IDENTITY_PROVIDER_POST_LOGIN", + "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR", + "UPDATE_EMAIL", + "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR", + "REGISTER_ERROR", + "REVOKE_GRANT_ERROR", + "LOGOUT_ERROR", + "UPDATE_EMAIL_ERROR", + "EXECUTE_ACTION_TOKEN", + "CLIENT_UPDATE_ERROR", + "UPDATE_PROFILE", + "AUTHREQID_TO_TOKEN_ERROR", + "FEDERATED_IDENTITY_LINK", + "CLIENT_REGISTER_ERROR", + "SEND_IDENTITY_PROVIDER_LINK", + "SEND_VERIFY_EMAIL_ERROR", + "RESET_PASSWORD", + "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR", + "OAUTH2_DEVICE_AUTH_ERROR", + "UPDATE_CONSENT", + "REMOVE_TOTP_ERROR", + "VERIFY_EMAIL_ERROR", + "SEND_RESET_PASSWORD_ERROR", + "CLIENT_UPDATE", + "IDENTITY_PROVIDER_POST_LOGIN_ERROR", + "CUSTOM_REQUIRED_ACTION_ERROR", + "UPDATE_TOTP_ERROR", + "CODE_TO_TOKEN", + "VERIFY_PROFILE", + "GRANT_CONSENT_ERROR", + "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR" + ], + "adminEventsEnabled": true, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "f4d39346-0216-4e4a-a5a9-9777d1805027", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-full-name-mapper", + "oidc-address-mapper", + "saml-user-property-mapper", + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper", + "oidc-usermodel-attribute-mapper", + "saml-role-list-mapper", + "oidc-sha256-pairwise-sub-mapper" + ] + } + }, + { + "id": "06dffe59-3b7a-4af6-9568-4eda475c6353", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "3b073342-79f9-4f70-94b2-9aa5d75b6a04", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "5438d051-0476-4336-8765-8f8862312049", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-property-mapper", + "oidc-usermodel-property-mapper", + "oidc-address-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-attribute-mapper", + "saml-role-list-mapper", + "oidc-full-name-mapper", + "oidc-usermodel-attribute-mapper" + ] + } + }, + { + "id": "37139ac6-1084-4ab7-b6b5-aa99528760a8", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "f0d9795a-d350-4033-aa88-0424de3ba99c", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "ed783de3-fedf-4af9-8d27-99c75c235198", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "9ebb1b13-9301-46e1-8295-9ebe87e585e1", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "1cc27f1f-d0e9-46b8-bb24-dae9eb5eacf0", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "f1f9c48d-8579-4b24-b1a2-66bb02802fce", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "669aef76-0e2b-4224-b692-e7873d105eb5", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "eed96c6c-fcf2-4dcc-8d10-77d748ed2a14", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": true, + "supportedLocales": [ + "de", + "en" + ], + "defaultLocale": "en", + "authenticationFlows": [ + { + "id": "44cdee96-71c8-4340-b9bd-faf592283a60", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "c040404a-884b-4cab-9082-20199c078fec", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "4b658fd2-3446-43ba-90b0-3aea1212a719", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "18d6e304-a993-42dd-b708-11cb7c6ad796", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "b3420431-24c9-40da-8881-4fc9b734a3a1", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "366e68a6-fd90-4251-afea-bb52d2507fc1", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "9a60141b-172d-4f5d-9e3f-58832915fc9b", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "980e1a6a-1cd7-4cba-865e-c40cf292c3f9", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "c15bbb1b-ce7f-454d-961c-8ffd071437cb", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "68aeb545-b4a0-439d-97f4-dc945f81f500", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "1d0fc4bf-a1f3-405a-a056-4ab1b595c406", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "16ef32a3-0d38-43a2-8121-9549bbbd1786", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "295f0005-fd09-4bee-a6a9-e346ce875df1", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "54aebcbe-16fb-424e-b476-14f95fa87613", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d21ef958-e0ae-49a9-89ad-e32d85a02630", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "06bad889-af19-4bc4-8bdf-807625f2854f", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d6e6dea1-edd9-4c7c-b2a4-ff6022bcab7e", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "a93d2173-c91f-4830-acb2-2ab302414eac", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "a91ca547-97e6-47f1-94d6-08f421c53f43", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "c843c30f-17d7-4f97-9576-673477257cea", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "0e274292-b446-44b3-a3a0-300e5f956d32", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "082f73bb-7fc7-419c-a633-bd712eef2758", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/rc/Company-1-realm.json b/import/realm-config/consortia/catenax-shared/rc/Company-1-realm.json new file mode 100644 index 00000000..d69c3053 --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/rc/Company-1-realm.json @@ -0,0 +1,2192 @@ +{ + "id": "Company-1", + "realm": "Company-1", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "737ff7e9-8bfd-4606-9460-9dbdc0aedb4a", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "Company-1", + "attributes": {} + }, + { + "id": "7ea39c59-b7a1-4c8b-a8b6-2954961ec507", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "Company-1", + "attributes": {} + }, + { + "id": "f35527ef-748f-46a8-8f75-5261019bd2ca", + "name": "default-roles-company-1", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "view-profile", + "manage-account" + ] + } + }, + "clientRole": false, + "containerId": "Company-1", + "attributes": {} + } + ], + "client": { + "realm-management": [ + { + "id": "a4a05389-886d-4b77-b3cf-76611f85458e", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "1ab2399d-1602-4bf5-97bb-d028482de43d", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "e8376c0b-7055-4c74-8dc9-82e36d81cf8f", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "207026b6-87b8-4c67-95ed-f8f8815c6bda", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "f3673773-13e9-4572-bf79-bda19708df1a", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "c4f1d63a-cd59-4e36-ae68-b6a6e86616e0", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "b843fe96-2156-4782-b8c8-870f8a587ac2", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "201f046d-c75f-4eda-bde4-ce6bc3945028", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "da212b35-1822-4daf-8609-cc2c503b34e1", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "8b9dfb14-8af6-43dc-888a-eab852b2bb51", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "b6893823-9890-418d-85ef-eece319c6b4b", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "cb24453c-57df-4533-ab7d-6efd52487615", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "de148166-68b9-438f-bd6a-9c50ef839fc7", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "c6fb6e8e-65e5-4cce-acb3-247115821391", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-groups", + "impersonation", + "manage-authorization", + "query-users", + "view-identity-providers", + "manage-clients", + "view-users", + "manage-events", + "manage-users", + "manage-realm", + "view-authorization", + "view-events", + "create-client", + "query-clients", + "query-realms", + "view-clients", + "manage-identity-providers", + "view-realm" + ] + } + }, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "2b4960a0-c145-4da0-ad1d-7be01fa9f0ba", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "75be9ce5-0d67-45cb-8605-0e5adfc34cce", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "0d44b420-a90c-4794-87da-0dd2e482ec57", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "248d9474-e92e-46f4-992e-cae1d7415a8d", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "d86d5527-acb8-4b3c-aec3-c018e74c971c", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + } + ], + "Central-IdP": [], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "1716a349-456d-4717-b10a-b2570d11024c", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "5fbf5e9a-181f-4acf-962e-2c8c840a6735", + "attributes": {} + } + ], + "account": [ + { + "id": "f5e3c624-c017-4ae4-8fc2-3f272092ee8d", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "attributes": {} + }, + { + "id": "e52ed14e-5c22-412e-b5a0-b77ee9179384", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "attributes": {} + }, + { + "id": "933a6653-dd59-4c64-afbf-c5738592df73", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "attributes": {} + }, + { + "id": "a8128d34-daa9-46d2-abb2-b8b6613c9c6e", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "attributes": {} + }, + { + "id": "58e841e4-cbcd-45f6-bc1b-a6a086f5c5ad", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "attributes": {} + }, + { + "id": "1e0cab99-e74a-4819-8349-fab105de6cb9", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "attributes": {} + }, + { + "id": "4641bec9-242e-45e4-b73e-def1eb5819b9", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "f35527ef-748f-46a8-8f75-5261019bd2ca", + "name": "default-roles-company-1", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "Company-1" + }, + "requiredCredentials": [ + "password" + ], + "passwordPolicy": "notUsername(undefined) and notEmail(undefined)", + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Company-1/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Company-1/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "b900730e-0e16-47a8-bb3b-d5e640ddfa82", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Company-1/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Company-1/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "fbcae586-379c-46ac-90e9-c9f4e49cb9d6", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "84687239-70f8-42ec-bea3-9758d85dc81a", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "5fbf5e9a-181f-4acf-962e-2c8c840a6735", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "dfab1e92-777d-4d11-8e48-08c94fc2e3f7", + "clientId": "Central-IdP", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/broker/Company-1/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "token.endpoint.auth.signing.alg": "RS256", + "oauth2.device.authorization.grant.enabled": "false", + "use.jwks.url": "true", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "oidc.ciba.grant.enabled": "false", + "use.jwks.string": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding": "false", + "jwks.url": "https://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs", + "saml_force_name_id_format": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c03b5a09-116d-42ec-abd6-1c5afc9d8bed", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/Company-1/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/Company-1/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "b37e9a5f-a7fa-4371-8cf1-36c3772d9c74", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "6c21ae11-7d56-4803-8541-0fd06a84ee1d", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "e258e0ec-4385-40b8-960a-5f295fbdb442", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "124d63bd-e65d-4ca8-b2fb-7f941a836f6c", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "9c957137-142f-4d98-a987-42862b06a740", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "20cda0b8-708f-48f2-9abd-72e4cdc6dbe0", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "76831268-8d9a-4caf-8e32-38be5a110f77", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "6e151e9d-eff1-445b-93e1-260a1b147ebd", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + }, + { + "id": "c02ecd94-2001-4694-9173-dce9960fb242", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "e791698e-01ad-4cdc-925f-b56331aede1f", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "3396db09-c217-4e21-a3d2-e987688271d4", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "0e9d402c-660f-4f7f-aba8-eb91267e4703", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "c8da22a6-8cdc-4a19-9ae4-446c56593ee1", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "8cd58931-10af-455e-ad7e-8534a124276a", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "8ef95a29-5574-446c-a96d-edf6960aba46", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "6a44e0c1-9db4-4071-a323-5504e956b88e", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "ea6199b5-8b91-4c14-970f-058c92c651e6", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "1d58424c-1b17-4f08-8223-2a1803a7ff03", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "23ab4d31-cf85-4bc4-b33d-8c7ff11a9cf5", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "d07b6546-0416-4a31-a111-943687d6cc73", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "9bbe8bf7-d365-451b-84ab-680bfc36f72e", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "9ede0c0c-3af9-4a44-898c-382d02dbefd9", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "cc1fcf8c-11c4-40f4-9bb7-f948c5dae0d8", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "de2db7f5-4420-4b3f-bb5c-20761a2ea21c", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "11f3ce6d-4ba7-4379-b344-965173027b76", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "e2fbd787-b188-4262-8d85-c8a1752fe23c", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "dd87dc12-b2fd-4cbb-a08c-a3210786e378", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "aec437e0-df61-4aee-8ba7-ea25741e7952", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "257c4af0-89fe-400d-8dca-0c2376ae6fcc", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "ae52b888-fe33-4fc1-b865-674ccd587d52", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "44dda41e-0fa1-43b9-bbdf-6ad7785360f2", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "4a2f881a-65b7-4ea5-9c57-cc990e6b78be", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "4c92a098-2fec-41d0-b298-07a0f13710b9", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "61ee9a46-2e8a-4d36-b5aa-1b12128bfd4e", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "56f7f7b8-dc54-4a45-80f8-68b68d5be48e", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "73c728a2-94b9-429f-ace9-21351bed7633", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "auth": "true", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "loginTheme": "catenax-shared-portal", + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "371d3661-555c-48a4-9fae-aabb20abe248", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-role-list-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-property-mapper", + "saml-user-attribute-mapper", + "oidc-address-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-usermodel-property-mapper", + "oidc-full-name-mapper" + ] + } + }, + { + "id": "ad87f2c9-1594-40f0-a002-dd377944aa18", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "8e02447a-1bb8-4535-83c3-27207977a40a", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "83f469d5-639e-4ab1-88ce-7c3d5bf1ca2c", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "64f5ed3a-2407-442d-a1d2-85b79151ee47", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "daaf4447-3874-45c6-b3e1-b5ae235281dd", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "7edbb3a6-db7c-4525-b7aa-7e0a139f8536", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-usermodel-property-mapper", + "saml-role-list-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-full-name-mapper", + "oidc-address-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-attribute-mapper", + "saml-user-property-mapper" + ] + } + }, + { + "id": "af857f90-12b5-4efb-9b3f-ecb18205befa", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.userprofile.UserProfileProvider": [ + { + "id": "a197f689-d9c3-4bed-92eb-5a66adebaf68", + "providerId": "declarative-user-profile", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "b797e70b-da5a-4a81-9c5c-86a1991338ff", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "b17c3abf-49ce-4c36-9508-a92daa0e3258", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "25358e61-6908-4c1f-88ef-ce5ea789d3f0", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "9e9fed2a-48e0-4bb8-b297-57ca015d3968", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": true, + "supportedLocales": [ + "de", + "en" + ], + "defaultLocale": "en", + "authenticationFlows": [ + { + "id": "d0ac1856-ddd4-4c73-a227-02d7b7ac6222", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "0e74307e-97c1-4947-9fc5-50d0fc030bf3", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "da3baf0e-253d-411f-b669-dba5c7229a2a", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "3208e5be-09a7-43ff-8e24-e5f7aa1b9cac", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "dbcf8da3-5d78-4f29-a2e1-a8855398ae36", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "c5d9272a-578b-4080-a1fb-fa77e49532f5", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "9583b1fd-2b25-4a90-b165-4749a5a9118a", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "92d32f27-b266-426d-802e-0d488849474d", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "e5e866d2-d33d-47d3-8008-34c5ca441bc6", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "e8c62fd5-4a60-45da-b210-b64a7c50ce74", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "97e2f5f1-6dc6-4b38-a699-4f207da3a12d", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "5c9d6430-9775-4f54-81e5-e36dc4d4f30e", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d56fecef-a5ba-43b4-9078-3bc00be1deab", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "a4fe6b02-f901-4b9f-82c3-69c857fef3ea", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "211bfd67-b114-436e-9dde-1353bb47b7a6", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "cef227e3-9574-45b0-91e3-1a2c6e44b4ab", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7d196326-93c0-4122-b832-bec014469139", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "e4700f01-d9e1-4e52-8c2f-c2cefb728bb5", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "b7a8bae5-4432-4112-9ee7-7a3e450c9b07", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7f268b7e-d989-421d-8442-b3ee9375f67c", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "97b8d400-d49f-45fa-9aa1-abd8e03e89f4", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "1e3cd852-b302-421d-9e97-1f7c2c3112de", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "userProfileEnabled": "false", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/rc/Company-2-realm.json b/import/realm-config/consortia/catenax-shared/rc/Company-2-realm.json new file mode 100644 index 00000000..9fefb0cf --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/rc/Company-2-realm.json @@ -0,0 +1,2183 @@ +{ + "id": "Company-2", + "realm": "Company-2", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "07b011d0-df1c-406e-aeea-cebf84f1afce", + "name": "default-roles-company-2", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "view-profile", + "manage-account" + ] + } + }, + "clientRole": false, + "containerId": "Company-2", + "attributes": {} + }, + { + "id": "98158b74-c0fb-4e87-9d28-af3677d7dc9d", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "Company-2", + "attributes": {} + }, + { + "id": "67018b6a-e063-43d7-9967-65b989ec5a59", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "Company-2", + "attributes": {} + } + ], + "client": { + "realm-management": [ + { + "id": "6f133934-a728-4a11-9f32-60cce19c2f45", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "4c8e3af0-9363-4680-bd80-3b1c21cecbec", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "7d8b9db1-1e32-430b-8ba7-0e48805ebfac", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "22ec24b8-48fa-49f8-80be-e84ae9057eb4", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "8c933a4b-5b3c-4bd1-abbb-093809cdc14f", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "create-client", + "manage-authorization", + "view-events", + "query-groups", + "view-authorization", + "query-users", + "view-identity-providers", + "manage-clients", + "view-clients", + "query-clients", + "impersonation", + "view-realm", + "manage-events", + "manage-realm", + "view-users", + "query-realms", + "manage-users", + "manage-identity-providers" + ] + } + }, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "a7713ff9-eac1-4fc3-ab0b-275ace863b99", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "f8f1e810-5168-4d3f-af07-3a2b348a5ac5", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "89d7d1ef-1f6e-43f4-ab9e-d57480405a24", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "d8949aeb-e37e-4090-881d-6ee256a7c078", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "da07557c-0178-4bfd-9a81-180484def268", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "5ee7a4d9-1c51-43b6-b959-4c09f4de7f63", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "232cdc4a-377d-4ef3-9225-aca510f44766", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "65ccb9c1-c9b3-4853-9636-0367f280dc2a", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "42a72b74-7054-421f-a1f2-f78930cee990", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "9c5a61c2-b3f1-4601-8236-043afde87fda", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "24cfd3d6-121c-44bf-8363-9720438e985b", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "5c3b4ebf-f8b8-4ab2-9d19-13990bb331af", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "5454ff27-df12-4be4-bf8f-f3390fdc876d", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "3a968552-41d5-4782-b410-a29eaa50c2f9", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + } + ], + "Central-IdP": [], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "8548428f-0c53-4b70-99e3-4a894a2836a1", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "05011dbb-dae9-446e-b8b9-8c2a67f62ca5", + "attributes": {} + } + ], + "account": [ + { + "id": "500f352f-8493-440e-8c4b-6053ef65a636", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "0105a266-2635-40da-b6a3-7c106018a77d", + "attributes": {} + }, + { + "id": "5622327e-e406-4a83-a9bc-eb8537e6dd82", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "0105a266-2635-40da-b6a3-7c106018a77d", + "attributes": {} + }, + { + "id": "bf4969a6-62b2-434c-bab4-65095e99a4ce", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "0105a266-2635-40da-b6a3-7c106018a77d", + "attributes": {} + }, + { + "id": "9d1f083f-0b22-407a-ab76-c907b677347b", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "0105a266-2635-40da-b6a3-7c106018a77d", + "attributes": {} + }, + { + "id": "d39b9e6d-8d0f-40b5-986f-59b5e85f50c4", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "0105a266-2635-40da-b6a3-7c106018a77d", + "attributes": {} + }, + { + "id": "bcb5c9f9-d99c-491b-b8f3-8f4d4e5fd221", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "0105a266-2635-40da-b6a3-7c106018a77d", + "attributes": {} + }, + { + "id": "ffbeba0d-f3ef-43a3-98d5-845d33cfc601", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "0105a266-2635-40da-b6a3-7c106018a77d", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "07b011d0-df1c-406e-aeea-cebf84f1afce", + "name": "default-roles-company-2", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "Company-2" + }, + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "0105a266-2635-40da-b6a3-7c106018a77d", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Company-2/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Company-2/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d4498a60-40e0-41b2-a0d3-686b927be4e3", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Company-2/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Company-2/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "f6bfa95f-76fd-4215-9e3f-b96f1177016e", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "ceef1449-a25a-40b6-a079-ffa4a7e7ef9f", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "05011dbb-dae9-446e-b8b9-8c2a67f62ca5", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "8e495f6b-df34-47b4-bc39-4f9a613a9e69", + "clientId": "Central-IdP", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/broker/Company-2/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "token.endpoint.auth.signing.alg": "RS256", + "oauth2.device.authorization.grant.enabled": "false", + "use.jwks.url": "true", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "oidc.ciba.grant.enabled": "false", + "use.jwks.string": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding": "false", + "jwks.url": "https://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs", + "saml_force_name_id_format": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "9c6d1ab0-7b4e-4780-9f5e-4b26a9187baf", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/Company-2/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/Company-2/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "87305044-fcc8-46a7-8255-ad2667beeeff", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "cbed30ab-ea18-42b5-bfd8-373af2aff4bc", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "32b1a492-9439-4cef-bcbe-15dd4f4097f5", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "9b26b004-8134-42d4-9ebe-3bacefa53d55", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "b91cb0c1-eac6-4c8c-b25c-82d814c11bfa", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "21d99eb3-42df-4901-b33c-244e369eb1d1", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "5698eb5d-c315-49e6-89f9-5bcf3f1d0bc3", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "a44b4427-e980-49a9-939e-ba748b0b03db", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "9e5bb8d8-f02e-4e80-b171-0387f79cad06", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "ff78cd73-27b4-436f-98d0-908b34e5d4ad", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "7c079379-9e95-44e0-9561-04e8cddd4303", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "234e763e-c9b2-4856-89bb-0836909f6d91", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "ac3540c9-6783-4025-a4a8-c99baa22333d", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "f1319e83-b9f4-460a-9760-b8f14f425489", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "20e61376-984e-45c0-843c-fa89f14fab09", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "c970ad00-d31c-42ad-a8b1-3cbd9ec07539", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "e3e26bcf-fd59-406b-a683-f919ff2c9024", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "e0f86d3b-33f0-4faf-80fa-718f22bb1ade", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "2aefe0de-2786-49e3-a740-c3208ffc09cd", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "3659043b-e516-4cbe-a78e-7f7ba5afb865", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "7de2a17f-54a0-4fed-8926-0dbb21ded513", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "1121bde9-6746-410e-be3b-bc0453e04b2e", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "ca3c4aae-bcb3-4b06-a7e9-3c8e4a6f0692", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "0d0a4afe-90e6-448b-9888-1aa2c82bb34b", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "e74d03b9-52c1-4516-ab2b-8813e12a952c", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "2f8ad681-dc7b-4165-a43a-df0c311b1cc1", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "459ef22f-2fcf-4f74-803c-d2cdecdee687", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "6d467582-8b0f-4181-9359-9616b4f134a4", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "69bedfe1-34b4-4990-a626-8ba8efdb4184", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "35d6077c-f4c4-4433-81d6-668413c7a358", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "a55e928c-9145-4872-828b-7f02d308dc38", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "ed0c7ecb-545d-40ba-ba4a-91a8bd688c0c", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "dbaefb50-27b4-4786-93d4-1b0d07f423a4", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "aa8ecfd8-3b1f-4118-afd7-e9b78dcfeb92", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "2a74bc74-2ff3-4e47-9339-c77aeebd3756", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "7f031d8b-ad80-4af4-8481-3c2ded30be3a", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "auth": "true", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "fromDisplayName": "", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "loginTheme": "catenax-shared-portal", + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "c315c0b1-240e-4055-ae1a-39dba79562f6", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "de91aba8-db6d-448a-a0b1-12b6f0d9b791", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "f30b78e8-9c72-4381-ad35-01da42b8fdb9", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "9deb41f0-c961-4401-9e62-b952cc90bbe2", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper", + "saml-role-list-mapper", + "saml-user-property-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-full-name-mapper", + "oidc-address-mapper", + "oidc-sha256-pairwise-sub-mapper" + ] + } + }, + { + "id": "715638cf-477f-4054-9b7c-d58343bfe8e3", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-role-list-mapper", + "oidc-full-name-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-address-mapper", + "saml-user-property-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper" + ] + } + }, + { + "id": "eaf10353-6324-436b-908b-b31f33ad20b3", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "62366f38-6a8f-4bd1-a3f3-24d6586f6b3d", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "f179f0aa-3885-4123-b8f6-ad2795ce6a59", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "6b0a4ae3-7d8f-43d6-883d-d6186f8eb237", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "9f41ff93-422a-4dbd-bb74-ff0cc573d4f8", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "b71f4d8c-3daf-4aa0-87a4-62142737e66f", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "f10b68ce-bdd1-4d84-939f-49ac0b4d583d", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + } + ] + }, + "internationalizationEnabled": true, + "supportedLocales": [ + "de", + "en" + ], + "defaultLocale": "en", + "authenticationFlows": [ + { + "id": "4090717e-0bd3-429c-b005-1e503064e13e", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "568f0442-c735-47c3-a99a-bca7e05841a2", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "fb4158ee-bdfb-4a66-9d89-ccfb250a9cf5", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "f6b2eb2c-db8b-4f9c-ad0f-3716bad43f75", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "63d1e1cd-2fdf-446c-83bd-b05df0f4c209", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "28c6741f-5ce8-4366-be28-fa55d3657aa7", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d2f9506d-35fd-4ad2-941b-57379d89b2bb", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "7df49a98-e77a-4921-adfd-5d8f06f43203", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "90da87d4-5d4b-4908-9668-5a39966be2c6", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "15cff910-0f44-41f7-9c58-d751e0f11faa", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "e44830c3-be7d-4069-80ad-e734d110839b", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "f5a769a2-b5b6-45da-a328-07ffdf021f29", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "900da95c-6aec-4fc6-8a13-d2ace7093954", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "48a5033d-3f9a-4b04-b1e8-92fdfd7c5a9c", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "aab33b03-6e09-4abb-b1ce-4bcc9a3a833f", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "608e7a0b-6afb-4a8b-890a-9653bceff5bd", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "0d2e0804-1570-4d70-ae2a-8ed2491e809e", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "b3d92972-da18-40c3-b72c-5210ef0e5483", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "c15433d2-79c9-404c-ba70-89c63cfcb961", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "63cc0a58-a291-4943-8352-605d92d7d596", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "959f2059-2b29-428e-8345-920f1e8ec738", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "a8cd31eb-0ddd-4dab-b2a6-8f2811aa342e", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/rc/Security-Company-realm.json b/import/realm-config/consortia/catenax-shared/rc/Security-Company-realm.json new file mode 100644 index 00000000..67ae73e2 --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/rc/Security-Company-realm.json @@ -0,0 +1,2182 @@ +{ + "id": "Security-Company", + "realm": "Security-Company", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "886e6c46-9fd4-4bc7-822b-bd01a5e2eec9", + "name": "default-roles-security-company", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "manage-account", + "view-profile" + ] + } + }, + "clientRole": false, + "containerId": "Security-Company", + "attributes": {} + }, + { + "id": "0d348799-1dae-43ba-92f7-3f59e37a29be", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "Security-Company", + "attributes": {} + }, + { + "id": "8dbe3dfa-70c0-486a-8912-f03d4c3507c2", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "Security-Company", + "attributes": {} + } + ], + "client": { + "realm-management": [ + { + "id": "f467f3f8-f003-434d-b9eb-9709b5420767", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "986ec9e6-2ae2-48f2-b73f-d53000efc4ba", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "c44dd6a4-0393-4577-96a0-e2d6ea4206a3", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "a3453f3e-6a97-4229-b580-4162306182b1", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "cf7a74b3-30e2-413f-b9cf-93ff6af87a8f", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "7c431d80-a74f-4583-9c85-e10a004b29cc", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "182d6eb8-b551-49a1-9681-044b83794bf5", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "5d48f929-3aa4-4e9b-95f3-b6664cb9124f", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "15acd0d8-c78f-4793-b578-0d8df73bdc93", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "29c6953d-8d60-48ad-ad29-47172aa3fd46", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "d35fa620-5d59-4697-880f-f35f15ac8c07", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "1a143089-6d4f-4af2-97a0-ba90a2b593ee", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "467e8421-3bad-4fab-9397-00df573ca6f9", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "bf61fd2f-f4fd-4290-899f-6ff2c03bec3c", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "33dab6e8-5f6b-439d-af89-5b89b70c7b94", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "5f7bfc76-0b59-417b-9e4d-db95043e469a", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "manage-events", + "view-events", + "query-realms", + "query-users", + "impersonation", + "view-clients", + "manage-identity-providers", + "view-realm", + "manage-clients", + "view-users", + "manage-users", + "create-client", + "query-clients", + "view-authorization", + "manage-realm", + "view-identity-providers", + "manage-authorization", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "9af22f43-269b-46b2-a8ed-fc21e6db5dbd", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "a94effc5-289e-4eec-9c4c-66189b90daff", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "32beb856-c8f3-41cb-bb9f-002ef64df4ed", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + } + ], + "Central-IdP": [], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "3b8bf692-7d3a-451b-b8e5-e6aa42cc2982", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "f109c0be-4558-4c7d-b3de-52e9fa724bb9", + "attributes": {} + } + ], + "account": [ + { + "id": "1f756096-e46f-4e4d-b071-5b1091d4b57d", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "attributes": {} + }, + { + "id": "7ecb626f-2559-43d3-8af4-9ccde6df85dd", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "attributes": {} + }, + { + "id": "bce79653-4543-4477-acae-47b463c68274", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "attributes": {} + }, + { + "id": "5f960bbf-3e3b-4917-8fdc-3cc06624298d", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "attributes": {} + }, + { + "id": "44277525-9adb-44b2-9bd3-062a150da843", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "attributes": {} + }, + { + "id": "ce39030d-9371-4ff1-9b72-83097e1c6d7a", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "attributes": {} + }, + { + "id": "231bee07-20ac-4d0c-8871-20e17314aab0", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "886e6c46-9fd4-4bc7-822b-bd01a5e2eec9", + "name": "default-roles-security-company", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "Security-Company" + }, + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Security-Company/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Security-Company/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "9ce7fcbd-47ae-4ae4-9327-988c7695124b", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Security-Company/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Security-Company/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "d648ca0a-e376-4f4c-bdfe-3e90dcbacba4", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d2f0ac9c-31e4-400f-aae7-ce2cfb8781df", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "f109c0be-4558-4c7d-b3de-52e9fa724bb9", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "1216ba84-922b-4790-9403-42f7d30e6819", + "clientId": "Central-IdP", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/broker/Security-Company/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "token.endpoint.auth.signing.alg": "RS256", + "oauth2.device.authorization.grant.enabled": "false", + "use.jwks.url": "true", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "oidc.ciba.grant.enabled": "false", + "use.jwks.string": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding": "false", + "jwks.url": "https://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs", + "saml_force_name_id_format": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "847b0082-5840-4663-99dc-af3f890a94e4", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "0a02fa25-0a93-4b84-9dec-0c237890ac46", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/Security-Company/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/Security-Company/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "568e42d0-33b9-460a-8208-36ce6c1a2dac", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "d802891e-db21-4bea-afd1-7e24a970b8cb", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "72757bac-a0c4-404a-9d00-3df755f2b342", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "4361375c-c328-4b37-aeb3-e9b1d7abb276", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "5ed11df0-e8fd-4e81-bc6b-e2f19edddebb", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "b8514845-f202-46f3-b57b-0c45c6942356", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "35600167-53bc-4fba-b014-872cafe0dd18", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "0aa575ba-d083-4e43-933d-b753b78f45a5", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + }, + { + "id": "9752ca33-d47d-4157-b373-a364397e7113", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "3892e8ea-ee79-4f3c-9b73-eb1844fd049e", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "1e79baac-193c-4dc0-852f-001a175916bc", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "e8fc062f-f81d-4455-b6ca-a233a9653917", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "3852b5d6-aea4-4bc3-88fc-db9d76f8d861", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "2d15260c-2ed3-4d36-aff0-f07b3a1ddb59", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "1e20fc74-9ecc-4a3e-95bb-cfc595c3b4f1", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "fea21fcf-dec8-4971-bf97-be19ab17a05f", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "ec5e4f84-e37e-4072-a7c9-9b3354f22429", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "8573b82f-dffa-4bbd-b6e3-d618aae6e055", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "47f5363d-06a5-4005-86f3-0b93b385cd2a", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "673fbf76-163a-46a4-bbbb-917a3e226f4a", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "78c3a340-edea-41a9-8cc0-b505496144ad", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "3304f7bb-d013-4ae5-9bda-bbc37d8951e9", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "3d218792-9b0e-47cb-a265-0523fa4da94b", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "4e33fd9c-f748-47bf-b22d-ab1f842dd9ed", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "b4d6b59b-c067-4d05-8a84-b7a4d4c7f6c5", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "550215bf-1565-44d5-a971-70b0098cc485", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "4be82907-f750-4991-9a56-d984285f2f8c", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "08368322-07ab-438c-b704-e2439c5f13e5", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "a64cc361-e1b3-4713-ba34-f542cce02c32", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "0d4d75c4-393a-4351-ba26-72060ecff230", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "91808271-0138-4211-ad7b-813e1ef948b2", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "cb4f7939-e589-47b7-9bf3-66e335350a40", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "beec1440-282f-44ad-a16a-3d6acf2952c0", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "45fbbe82-4c94-496d-8afe-8e41c57703f3", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "00df8389-d9aa-40ce-a506-ace8491d1fa6", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "3c28e936-74fa-453c-8414-1b30eb996ce3", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "auth": "true", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "loginTheme": "catenax-shared-portal", + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "bc8ee12e-e127-42ba-9537-bff78766696e", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "f1fd43ff-3c5f-4411-bc6a-2c817478b81e", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "94f19adc-1bfc-4e09-980e-f2f299f20700", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "bc597cb9-d0b8-4788-a59b-a0d67da55a04", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "efb29006-5914-4d8d-a1ac-ff9a9c6cd4ba", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "d2ea7294-1a79-46c4-9c98-3f21ca5d342b", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-attribute-mapper", + "saml-role-list-mapper", + "oidc-usermodel-property-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-full-name-mapper", + "saml-user-property-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-address-mapper" + ] + } + }, + { + "id": "617bdcd6-39c8-49b8-a241-ecf7ee0ffe15", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-attribute-mapper", + "saml-role-list-mapper", + "saml-user-property-mapper", + "oidc-address-mapper", + "oidc-full-name-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-usermodel-property-mapper" + ] + } + }, + { + "id": "d177fc62-15a6-4970-b409-1f9b4ad1d95e", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "20151b2f-6a3b-49d7-b694-e027fa304b0b", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "a3e8d25a-db91-44d0-bdc7-03dccf1f4a67", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "e725ab57-4a8d-4156-87e1-c145f69a3f2a", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "5e77c53b-ea13-4dc4-ae28-a95ab15edc6c", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": true, + "supportedLocales": [ + "de", + "en" + ], + "defaultLocale": "en", + "authenticationFlows": [ + { + "id": "15a447e2-a051-498e-b076-15c48f46b230", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "1bd3c6e5-7a4e-4b85-8122-fb07f0b3432c", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "02fd86a7-3767-44a8-9cb2-6d504089ec32", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "f1b3dea0-c3ff-4eb6-a0fb-8030a440858e", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "0dc8c123-7a0b-4db4-870d-0a089520c015", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "44ff7895-05fe-4006-b1bb-1b28dc4b9208", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "157e7cb5-dbf8-40bb-a7a5-16368a714550", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "b2beeb45-3bbe-45d7-862b-5b681d1ed41d", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "ee667b0e-a2cf-459c-9e1a-9241f26ad873", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "eacd2dbb-67ec-4767-9f4a-9cc9615d0332", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "9ddfd5fe-307b-495d-a7d2-7efa6aa87957", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "0d8e578f-4ccb-4c71-b296-06f41f501930", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "98d66eff-950c-4fb9-9ce2-0679a8e8c6ee", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "d93823ce-1beb-4348-bf38-2bb7b31e7da4", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7fd510f0-1724-4be3-a885-f6a6f4a2dded", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "2526bb68-b70c-4b0c-98dd-d3afc2c2c268", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7a84d102-5475-4c2a-a09c-6bd79ef8f78b", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "ed57a1df-9d30-4848-8038-5b5af7ffa91c", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "cf9568e5-2f11-4171-807e-acae93448fa2", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "ee22ee5b-a7b7-42c2-9b4f-059a3af99bce", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "0e1fdf7b-5ae7-428d-8d1d-3f0c2ecc3fe8", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "2ead2ee1-9c0a-4ac3-b794-b389026366be", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/rc/Service-Provider-realm.json b/import/realm-config/consortia/catenax-shared/rc/Service-Provider-realm.json new file mode 100644 index 00000000..1f5315a7 --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/rc/Service-Provider-realm.json @@ -0,0 +1,2159 @@ +{ + "id": "Service-Provider", + "realm": "Service-Provider", + "displayName": "Service-Provider", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": true, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "fa4020a7-cc46-44c4-9bab-4b28c3a74ade", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "Service-Provider", + "attributes": {} + }, + { + "id": "c413af07-9ca0-440d-8dc9-cf341b9a85c2", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "Service-Provider", + "attributes": {} + }, + { + "id": "bf44d46c-5aac-464b-bd81-5047b3fba34e", + "name": "default-roles-service-provider", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "view-profile", + "manage-account" + ] + } + }, + "clientRole": false, + "containerId": "Service-Provider", + "attributes": {} + } + ], + "client": { + "central-idp": [], + "realm-management": [ + { + "id": "1212c16d-22e9-41bc-acd2-7e80e6b7d391", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "7421d671-2914-4a32-80d7-f814b9677ad3", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "de22749d-b9b0-413a-a21c-fa5adc74161b", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "ea4051ca-ee8b-455f-9f22-5333d7daa9ed", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "bdd92049-607e-4bcb-a57f-1b263c7a90ea", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "80064cae-48db-4773-affa-3add0ca939e0", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "d2620813-1788-453b-a2ae-48f8a0ca54a1", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "2e7aa55e-f6c9-4310-9623-9c3f752bb9b3", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "368edd46-8ad1-4b44-aec6-35c9b8ba2600", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "2caedb06-e17b-49c5-85d8-ecedc6bea3b6", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "ee872b12-5cf4-44b3-915f-b8936eafce0f", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "6372d6d9-4fae-4a5a-a07b-0063968a2de7", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "view-events", + "query-groups", + "query-clients", + "view-users", + "query-realms", + "manage-identity-providers", + "manage-users", + "view-authorization", + "manage-events", + "manage-realm", + "view-identity-providers", + "manage-authorization", + "manage-clients", + "view-clients", + "view-realm", + "create-client", + "impersonation" + ] + } + }, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "a302263b-e927-456d-9e85-f1acfc3e3296", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "6de5b661-57cc-420a-bcde-79eb721a2ee8", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "c316b578-37a5-408c-b243-fcc80daab505", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "6f2cbe7e-4933-4d6b-8739-aacf9d29a14e", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "c6064978-258f-4a15-b0d7-74a0949ae44a", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "5a4667ee-adc5-4adf-80eb-3d6084132bbe", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "e7b680e7-b912-4a1e-93e0-c73257ac5042", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + } + ], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "d1564bb2-cf32-4be8-95f8-711585ed0f0e", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "a0c977ef-edf0-4bf4-b401-28bda4f256a0", + "attributes": {} + } + ], + "account": [ + { + "id": "cd45653b-8d56-4556-94b7-7be0fbf86dd7", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "attributes": {} + }, + { + "id": "6ba1ce93-cc11-41f4-8c4f-a3c09ab7ed1c", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "attributes": {} + }, + { + "id": "6a0f3642-15c9-4da0-9623-5cbcdb3a0d05", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "attributes": {} + }, + { + "id": "0c15220b-0606-4529-ae65-4535c86dd468", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "attributes": {} + }, + { + "id": "9f5eaf3f-5fb7-489f-a8cd-60195336112b", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "attributes": {} + }, + { + "id": "6196a976-76ed-46fc-b950-0430c3a59fae", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "attributes": {} + }, + { + "id": "45832e00-45e7-47e1-8b28-0a8278a3af74", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "bf44d46c-5aac-464b-bd81-5047b3fba34e", + "name": "default-roles-service-provider", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "Service-Provider" + }, + "requiredCredentials": [ + "password" + ], + "passwordPolicy": "length(15) and forceExpiredPasswordChange(90) and lowerCase(1) and digits(1) and notUsername(undefined) and notEmail(undefined)", + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Service-Provider/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Service-Provider/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e942b741-73d7-4a3c-a204-4e44b481ee70", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Service-Provider/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Service-Provider/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "e5781e73-e7c1-4144-8067-f41e9259af14", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "1cae7582-f1cc-4ec0-a4e3-2d50c9382fdc", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "a0c977ef-edf0-4bf4-b401-28bda4f256a0", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "07db7625-60cc-4704-b84f-18b6fd9ba811", + "clientId": "central-idp", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/broker/Service-Provider/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "token.endpoint.auth.signing.alg": "RS256", + "use.jwks.url": "true", + "backchannel.logout.session.required": "true", + "jwks.url": "https://centralidp-rc.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "df0a36b0-2a66-451e-8273-089eaf1dd2b6", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/Service-Provider/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/Service-Provider/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "e7a5fda8-b151-401e-93eb-33cceb81ca3d", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "2faf075e-6dce-4c49-8f3e-eb5c082cb7a8", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "d4cf687c-2dcd-41a0-b793-a061274c5b6e", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "8427b87c-ff51-4150-9b6a-d78622218280", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "da597a68-7b86-4fe8-9a91-1cae27b6f57f", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "cd088762-67ba-4eda-bd5a-c84907750856", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "651e6c53-5f37-4616-b574-aadc44d34cd0", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "31ddbe29-3d2a-410a-8ce0-03f5f72ba835", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "95fd3d6b-570b-436f-9fb1-2cdfc758b6a4", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "2d683944-8331-436f-9015-ce0bd99c844b", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "ec2cb722-f909-4e9a-894f-84df70148922", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "b3f368ca-3ce1-4b7d-87d2-27f0f9241d2b", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "96c37824-44cc-4abd-9ae4-04d34632cde6", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "b45ac659-6593-4cd1-ad0d-3c06c8da1356", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "38dc1bda-db44-48ad-af02-f5f58ba119c1", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "3c738eb9-b2d1-44c1-a2b9-d5744be292b5", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "771399c7-d709-4669-b81d-b39d10045d6c", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "1098383f-ffb5-4c89-b096-6e898054a30a", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "2dcdf1d9-5079-4a22-b54a-04c848d55e24", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "d59cd4f6-6952-4ba4-809f-7b99dec6351a", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "2541c474-b659-4bfe-a6ef-19ce6efdccf8", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "6949b585-218f-42bc-bdc9-c9da6dbfbf0d", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "44e7ac4d-59b4-4c30-bade-823e32e9e9c3", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "e63b9221-d292-4ddd-87ff-b30b3dc2ad96", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "13344acd-5f3b-443d-a810-9e1a32a98fa4", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "80c2f409-d184-4b84-8034-457217c2cf04", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "dbad2185-2ecc-4385-b7c4-dbb877ad18c7", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "e9361d86-440b-4e55-bb5f-fa4a206916b8", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "17cc8c76-595a-4f88-8013-19bf2c2e8feb", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "ea4b3be6-4594-422d-b556-3f660a74a55e", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "5449ecba-fab5-4aea-8b8a-624ef4d0a494", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "1fea6f1c-d850-4e3a-8040-31600e34c1a1", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "c2ce1d88-0ded-4517-8a99-e09a9677f0a8", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "a972e5df-b5f0-42e9-bfe8-ccc8a873ca04", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "a128ec05-48fc-4334-bf1c-8a584cdc966a", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "dab45081-9f84-4336-9e83-df6ba08763ae", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "auth": "true", + "port": "587", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "c73ebf22-7caf-4395-bc27-b4cab94ce31e", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "5012219f-f13c-4519-9ddb-a837d7e47026", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "8b121ec2-8ffa-42a5-8fd3-b8d595a0cdd0", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "13bb9e0d-1bb9-470c-b64f-fb070afca264", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "ae3470ba-755c-47e0-a396-2b2108547a75", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-usermodel-property-mapper", + "saml-user-attribute-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-role-list-mapper", + "oidc-usermodel-attribute-mapper", + "saml-user-property-mapper", + "oidc-full-name-mapper", + "oidc-address-mapper" + ] + } + }, + { + "id": "7b74c4d9-f31d-4971-828f-d95333f8a8e1", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "b89c0247-12e5-4e55-9d6d-ef647fc373a2", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "dd81b671-39c3-4de1-b56b-2baea35697d5", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-address-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper", + "oidc-usermodel-attribute-mapper", + "saml-user-property-mapper", + "saml-role-list-mapper", + "oidc-full-name-mapper" + ] + } + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "2436d207-680a-4cac-9676-4e81df7594bc", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "01570277-a4dd-4096-b791-bac6bb07e099", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "1c67e421-e33d-4e75-b964-3246e1c11cc7", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "dd74f38e-ff26-45bf-a680-50397a50846f", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "fc5a3525-9e89-4dee-a9fc-2370225e07f7", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "eb6e8a89-1d17-4450-a8d7-78c6f21a4073", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "b3437843-3921-4d8f-a417-2520055a0037", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "8dfeacbe-4c1e-466d-b3eb-f64d6b63f9d7", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "451ecf62-cbd1-41a8-b14f-cea0f20d6d99", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "2e9a6da0-ac3d-469c-b0c7-b4c34d998738", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "23d88e58-7be4-4110-ae47-68f92a5cad55", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "42be9b7a-990f-4eeb-9c26-f95c9ab5312a", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "93cc43b6-958d-4a61-aa03-af32112b9b2e", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "073e38e5-32cd-46f1-9330-580024ffa42d", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "f0cf5a31-a8d5-49ea-b0af-7064843b4849", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "8a1dc7f5-1729-46df-82e2-190ff9c9247a", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "661fc7af-4d71-40e3-b1e1-d17223d826db", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "2a252836-b6c5-4a2d-8aa6-3153c4fcbe13", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7a09f065-1ae6-4926-a7f3-aa736926def5", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "b38b593b-bb79-483a-9b0d-55874010479d", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "aa3c210d-b828-4449-a610-5096b40ce612", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "babad3dd-2d28-4520-b620-d3ed492eadc4", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "0462a9b5-fd75-469e-84c8-5124bdb80e1a", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "8561fc66-d0bc-4b2a-91c8-d197017f0f7f", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "0b2cf9c9-6f4a-4583-bb43-b1856f1e54eb", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "cee6d341-3c7f-4936-932d-7250ad835d93", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/rc/master-realm.json b/import/realm-config/consortia/catenax-shared/rc/master-realm.json new file mode 100644 index 00000000..717a8798 --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/rc/master-realm.json @@ -0,0 +1,4985 @@ +{ + "id": "master", + "realm": "master", + "displayName": "RC Shared Identity Provider", + "displayNameHtml": "
Keycloak
", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 60, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 600, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": false, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 30, + "roles": { + "realm": [ + { + "id": "00d3332e-7a24-4b78-80c4-f2c763ea006a", + "name": "cx-admin", + "description": "Catena-X Admin\n- used for partner invite", + "composite": true, + "composites": { + "realm": [ + "create-realm" + ], + "client": { + "master-realm": [ + "manage-clients", + "manage-users", + "manage-realm" + ] + } + }, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "33990584-d02c-4459-8e50-e71c36bbd286", + "name": "default-roles-master", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "manage-account", + "view-profile" + ] + } + }, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "4a156096-0057-47df-a606-f76644f5c34f", + "name": "admin", + "description": "${role_admin}", + "composite": true, + "composites": { + "realm": [ + "create-realm" + ], + "client": { + "App-Provider-realm": [ + "manage-identity-providers", + "view-authorization", + "query-groups", + "query-clients", + "view-events", + "manage-clients", + "create-client", + "manage-authorization", + "manage-users", + "manage-realm", + "view-clients", + "manage-events", + "view-identity-providers", + "query-users", + "view-realm", + "view-users", + "impersonation", + "query-realms" + ], + "CX-Test-Access-realm": [ + "manage-realm", + "create-client", + "view-realm", + "view-identity-providers", + "view-events", + "query-groups", + "query-users", + "manage-authorization", + "view-clients", + "query-realms", + "impersonation", + "manage-clients", + "manage-events", + "view-users", + "manage-users", + "view-authorization", + "query-clients", + "manage-identity-providers" + ], + "Company-2-realm": [ + "manage-authorization", + "query-realms", + "impersonation", + "view-authorization", + "view-events", + "view-identity-providers", + "manage-identity-providers", + "manage-clients", + "create-client", + "manage-events", + "view-realm", + "manage-realm", + "query-groups", + "query-users", + "view-users", + "view-clients", + "manage-users", + "query-clients" + ], + "CX-Operator-realm": [ + "manage-authorization", + "query-groups", + "view-users", + "manage-users", + "view-clients", + "manage-clients", + "create-client", + "view-realm", + "impersonation", + "query-clients", + "query-users", + "view-identity-providers", + "manage-identity-providers", + "manage-events", + "view-events", + "manage-realm", + "view-authorization", + "query-realms" + ], + "Security-Company-realm": [ + "query-realms", + "create-client", + "manage-identity-providers", + "view-identity-providers", + "manage-events", + "impersonation", + "manage-realm", + "query-clients", + "manage-authorization", + "view-clients", + "manage-users", + "query-groups", + "view-authorization", + "query-users", + "view-users", + "view-events", + "manage-clients", + "view-realm" + ], + "master-realm": [ + "query-users", + "query-groups", + "create-client", + "impersonation", + "query-clients", + "manage-identity-providers", + "view-authorization", + "view-events", + "manage-events", + "manage-authorization", + "manage-realm", + "view-identity-providers", + "query-realms", + "manage-users", + "view-clients", + "manage-clients", + "view-users", + "view-realm" + ], + "Company-1-realm": [ + "query-groups", + "query-users", + "view-clients", + "impersonation", + "query-clients", + "manage-events", + "manage-realm", + "manage-authorization", + "view-events", + "view-realm", + "manage-clients", + "view-authorization", + "query-realms", + "create-client", + "manage-users", + "view-users", + "view-identity-providers", + "manage-identity-providers" + ], + "Service-Provider-realm": [ + "view-users", + "query-users", + "view-events", + "view-realm", + "impersonation", + "manage-users", + "query-realms", + "view-clients", + "manage-authorization", + "query-clients", + "manage-identity-providers", + "view-authorization", + "manage-events", + "manage-realm", + "view-identity-providers", + "query-groups", + "manage-clients", + "create-client" + ] + } + }, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "0bba2da6-005c-4ded-bf09-671f5cc1e6a0", + "name": "create-realm", + "description": "${role_create-realm}", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "e4108209-6e10-4a8a-ad1c-2f9fdd2a92a7", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "c67fb695-8c3b-4e4d-83b9-13607c232e9b", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + } + ], + "client": { + "saService-Provider": [], + "CX-Operator-realm": [ + { + "id": "013ce7f0-c788-4a82-a631-41ba84097f7f", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "9330bbe7-fc70-46cc-803b-52abfb1f4e2c", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "6cf11fe7-61de-48f4-8838-e384de5892de", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "d2c74cbe-ed9f-4c84-bd46-9c76a43049b0", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "f8e8d48c-03ad-4bd2-ad6b-6c034627c6a7", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "ddc29dcc-d29b-4b87-b592-bee9dd0ff1d7", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "5eee98ad-a283-4418-bec3-20c51ff9704f", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "d8ce081f-2f0c-47e0-8f52-a6e2cdd88f5f", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "9f0a7c15-bc5e-4a92-b6c9-1f55e305a2ac", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "3f40fcea-c033-408e-b48b-82256ee7393c", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "CX-Operator-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "41974713-fd5c-45ff-9ac3-753bc74c65b6", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "246730b0-406d-4c40-9d5f-513f9881d43f", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "6ea05980-fc04-48b4-b5f9-cd5670407992", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "961b7bc5-b100-4905-b0c5-8d8509fcacc0", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "123094e6-257b-4628-ada7-412b06b7d25b", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "5253ff75-4e36-4423-bc23-5f482a354d3f", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "f254a28f-13c1-46ac-8a40-f0cb85b743b7", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "CX-Operator-realm": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "0ade4dd7-4f7c-4d5c-a6b3-a9099436db74", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + } + ], + "security-admin-console": [], + "account-console": [], + "broker": [ + { + "id": "af71a761-9a75-41ff-a6ee-c77e72f595db", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "d8fbcdf8-75f5-4066-8a3e-646335c66435", + "attributes": {} + } + ], + "master-realm": [ + { + "id": "a20a1fb2-d04d-4346-8489-8d2485d11127", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "4fb77de6-a224-4dd9-8be6-c7c75aa7ea84", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "46d4a01d-56b7-4b5b-a623-358f5a5ad341", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "88892c66-831f-4606-ae14-bb53eab7cf2e", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "d4bcfbb7-d5df-4162-bc9d-ce29268b2034", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "d8a10613-a444-4807-941c-8f96738a25d9", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "87da293a-6386-4115-a829-d98d15e0f061", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "b91789fa-33a0-4eac-9ff2-b1e4c20141e5", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "master-realm": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "ca4523e1-fc8d-4fe3-acff-415dca8969f9", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "d0e98072-144d-45c4-91bb-b91f8816dcb2", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "master-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "2f3d396e-6741-49af-858a-e2c13b6a6267", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "f73ca8b5-06eb-4422-b488-1d1c5ad3fd3e", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "6b7bb957-3a9a-497d-9fef-ca7c0c841539", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "ad26c837-0a2c-4c7e-bf26-9d862409cd9d", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "7e01d1cd-a8d2-4dfb-b8a9-072aedbab4d6", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "9de47466-4370-4375-b2ec-ba9d07e76ca3", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "ed3cf7ba-92dc-43cd-9763-00f2dfbefc6a", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "793c4ee8-7d58-4a9c-9c7e-8f6e3fafa7ad", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + } + ], + "Company-1-realm": [ + { + "id": "e795aac8-ac54-47c8-ae5a-2a5543dc3114", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "a1b5f575-e4dc-4f38-8cc1-74fda26d7394", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "9dda9fbd-4a5f-4c6e-ab50-788df00105bc", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "f7bc19eb-807f-4ef6-b9e9-df9587324e3b", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "3830fbbc-2eaa-4f33-9e67-6c37ec716319", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "1dd674ef-3289-40cc-91dd-353a9c01af7b", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "Company-1-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "8a880751-d507-4f38-b169-58cef7241efc", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "d7ba10c1-1cec-4941-9309-a937563b72de", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "397ff4ec-1b09-4694-b052-ae0ae0a763cf", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "ac205a93-fa02-4f99-b5fd-601a371214f8", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "19da690a-8654-4d00-a743-cd975bba64e2", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "8e406890-47ae-4aae-bf4e-5d7c10772b15", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "Company-1-realm": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "86683ec4-558d-47fc-9d75-aa48f6a5b942", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "7148c798-7ff7-4d07-bc6d-11980c09fc5f", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "f459b98a-df84-4f36-aba7-6a33da16b53c", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "f574a2de-4bee-4f89-9e6d-e984f827920b", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "519d90e9-09a3-44e3-8b6c-2e84ec99f395", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "d091d7de-1a28-436c-ab91-cb8026cced0f", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + } + ], + "Service-Provider-realm": [ + { + "id": "a8f1b415-c048-4b0f-bff9-72006514acdf", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "Service-Provider-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "3ab35e81-071a-47a5-8beb-3e4fabb9c290", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "Service-Provider-realm": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "36e22139-4e8c-457e-bf7d-f10254fb147d", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "b1dd521d-4791-480d-a889-d49d23d367a5", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "c572e6b3-e1a1-4e2a-8ba4-4b43fcef4f77", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "d7126a97-57d3-4840-9132-efcbbe96f0c7", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "5512a1ea-ba60-44a7-9914-65116330204a", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "d064a52c-ef0b-401a-9eeb-54ad10a19c25", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "327d3de4-f132-4036-af4c-bdb43534d949", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "964d3dbb-4a6f-427d-81d4-5804b84484f0", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "2e777937-594c-4248-b56e-40e1800d1cc1", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "5e7c3975-abdb-40ea-b8a7-d39cdc3158f9", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "3b378667-6a0a-464a-9fcd-eec3a082c78a", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "d355b9a2-b747-4c74-bb4c-b2638377ba17", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "a62e03fc-54af-48b0-88c7-f227423866d2", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "e3d995f0-b6d3-4d3c-9b9f-6078dd44ce37", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "a580c5d9-03c4-42d4-9903-4dbe0f0de7de", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "41db4048-09cf-4ec8-b0d6-fac47bc954eb", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + } + ], + "App-Provider-realm": [ + { + "id": "f1d51e8f-3f52-4790-b678-0448e1d476af", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "0476e809-be64-48e2-b84b-59ddcbafeb78", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "78b363d9-f62d-43b4-9e83-f455cfc2977c", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "a73abcc0-e7e8-4f2c-af1b-2fc4ddd435a0", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "App-Provider-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "dfcb34d4-8b5a-4d46-ab00-f130d6816d26", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "66c5ec6c-e70a-4727-8e5a-41021f4f4f01", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "6617263e-029e-4450-ac0d-cc682100af34", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "App-Provider-realm": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "236d830d-1543-42c0-b87a-b02940d4ccad", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "bd4a8462-5048-4afb-8756-33714ed54f72", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "ac10393e-fcd0-4624-992d-648168223d57", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "0da5af9e-833c-44e6-9322-eec30b54d783", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "85227314-d7e3-41bb-b302-3eac01323f0a", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "eefd123e-b0d6-44e7-91ee-9b3bac4ed33b", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "fcf67320-9cd2-483c-94a9-7e5efe0761f0", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "40f6a84d-e476-49dd-b032-40b030e915ff", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "960df3b9-09c7-40ba-b759-c015d9de4377", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "95d6203b-e89a-47e4-b156-56ad65ffbc5e", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "c71b0804-96ad-4925-929c-6383f08d4591", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + } + ], + "Company-2-realm": [ + { + "id": "e0b096da-d5e6-4e67-b1cd-9c515475ce9e", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "dcfa3288-1423-4be1-a254-bee9e8fea521", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "d673333d-9214-45e9-b04a-208f4e1af532", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "6b6304e8-20eb-4d28-80c7-d03c9385e680", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "667a6c72-ba3c-47ad-8ff5-6127e448594e", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "Company-2-realm": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "366902d2-2174-4054-b045-06257c934338", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "aea92bf9-6cdd-4258-8064-f96e2bc9ea9b", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "be016ec3-7867-4844-8e67-04e4c342a484", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "15e5c8c5-4f7e-42c4-a2bd-2f3a4e83b22c", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "7a4b9e0c-cb03-49e7-8551-b4ffb1e59f3b", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "7b24f1e5-94c7-4118-8271-beebc2f9ea9e", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "2cf006a0-47a7-4273-b9d6-3f636dfe1ebc", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "9d2ee03e-a066-440a-a066-2a14eca8ed26", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "b73e1cd2-9890-4665-a804-8c6d5480105c", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "ee3bfd34-1d50-49e5-bdfa-acc7dc834fd0", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "Company-2-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "6bcb51ed-41bf-4d8c-a653-cbccdede68d3", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "9d43f379-f1f3-4618-86b4-9768517e8119", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "123407ce-b27a-4fbb-bd8b-cc11f5f64dc7", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + } + ], + "CX-Test-Access-realm": [ + { + "id": "60dd7daf-7330-4be9-bf9d-d1a79f4d7f2c", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "8dbf1242-6c6c-4e18-96f8-0539491f7d29", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "b7fc150e-7264-4a07-ab08-c403fc43936d", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "c4498895-6b99-4a7d-a0ea-c3fb3cafbde0", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "9e7991cd-334a-4d5c-9fb5-2f3769380145", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "a4efd8df-ed4b-4c4d-868f-0540d8460330", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "3a0d8cc8-8c07-40ba-ba85-69818ceaaaac", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "c20589f9-e397-47cb-a453-ac2dcfc983a4", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "CX-Test-Access-realm": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "5bc5878f-86eb-42a6-beb9-2b64c65b75c5", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "7c50d3ea-f464-4547-8cef-85e6f52cf33e", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "ad631b5f-af22-41e5-8436-97ea0fa269c0", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "8872fb8f-347a-4e49-b010-e7c7836222f6", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "c28a9bab-7efc-4069-9be2-3d6ec5108447", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "70c51e96-f12e-4f74-bcd8-bb971f65ff45", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "54ed008c-b560-4719-b1fa-cdfa3c673dc9", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "ef9fb258-409b-4c22-ad66-7796f3774c5a", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "edd4e1a5-d471-4443-ba84-c3fdea98cdf0", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "b851b34b-5043-4eb2-8534-3b36b8e471c0", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "CX-Test-Access-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + } + ], + "sa-cl1-reg-1": [], + "saCompany-2": [], + "Security-Company-realm": [ + { + "id": "8e53cf29-6c1d-44f5-8546-52bcf1915da3", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "c9534884-6ddb-4204-95fc-8d2218a61ed5", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "f739cd50-8f4a-410a-bce9-fb0e67c88166", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "Security-Company-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "c8e22644-951f-47c8-873b-475d747a0986", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "c0a78e16-8e62-44e4-9cf3-a5d2a991ebdc", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "c9a1b64c-a0c5-4fbf-a30f-9d34f9e7f292", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "2b6cea07-f8ca-4561-9726-1f7ba5328752", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "611f5118-f53d-433f-99e4-337c8a8aaff4", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "8223bc3b-01a6-4a45-906b-e9aa6e5a1480", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "6179eac2-6487-4f31-8c04-a97d7061791b", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "f085daf8-f46a-4cd6-a866-e3c1215cc212", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "31d56175-3549-48b9-a800-e5eec5ff95c2", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "616d993b-25b8-4dca-85e6-ee5c48d83861", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "a446f21a-5bfa-4d2e-b50e-5f01eec60002", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "Security-Company-realm": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "1780be21-25b4-47be-805c-ab43be7e7ed8", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "374240fe-6aae-4a50-822e-78447e83d269", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "79c13b15-d6b0-4777-aecb-1d3fec733695", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "f7764034-803d-4f03-8766-2ef6fc0e7728", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + } + ], + "admin-cli": [], + "saSecurity-Company": [], + "saApp-Provider": [], + "saCX-Test-Access": [], + "account": [ + { + "id": "cf082508-5c71-410d-9c04-22e92208e1d2", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "attributes": {} + }, + { + "id": "1c486d7a-6257-4bf7-8f74-8828a0b63428", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "attributes": {} + }, + { + "id": "e0176946-c4b2-4eed-a130-31801dee9e4d", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "attributes": {} + }, + { + "id": "43e434f2-62a2-477c-8624-ec303b9268aa", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "attributes": {} + }, + { + "id": "c6ae9e18-f32b-4401-80a8-d3af924ed72d", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "attributes": {} + }, + { + "id": "af589f31-2daf-4f6c-9b52-acfe2d5df92d", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "attributes": {} + }, + { + "id": "b78fed2a-063e-4563-8f1d-09e68771f872", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "attributes": {} + } + ], + "saCompany-1": [], + "saCX-Operator": [] + } + }, + "groups": [], + "defaultRole": { + "id": "33990584-d02c-4459-8e50-e71c36bbd286", + "name": "default-roles-master", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "master" + }, + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "users": [ + { + "id": "b3a88307-e809-4d1e-bf9e-95d272b2ec08", + "createdTimestamp": 1667916400014, + "username": "service-account-saapp-provider", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "saApp-Provider", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-master", + "create-realm" + ], + "clientRoles": { + "App-Provider-realm": [ + "view-events", + "manage-identity-providers", + "manage-authorization", + "view-clients", + "manage-users", + "manage-clients", + "view-users", + "manage-events", + "manage-realm", + "query-realms", + "view-identity-providers", + "view-authorization", + "query-clients", + "query-users", + "view-realm", + "create-client", + "query-groups" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "68139542-dfb7-46ba-86a3-774d6f386c26", + "createdTimestamp": 1651783160914, + "username": "service-account-sa-cl1-reg-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl1-reg-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "cx-admin" + ], + "clientRoles": { + "CX-Test-Access-realm": [ + "query-realms", + "manage-realm", + "manage-clients", + "create-client", + "manage-events", + "view-users", + "view-realm", + "view-identity-providers", + "manage-users", + "view-events", + "query-groups", + "view-authorization", + "query-users", + "manage-authorization", + "query-clients", + "manage-identity-providers", + "view-clients" + ], + "Company-2-realm": [ + "manage-authorization", + "manage-realm", + "query-realms", + "query-groups", + "query-users", + "view-authorization", + "view-users", + "view-events", + "view-identity-providers", + "manage-identity-providers", + "manage-clients", + "view-clients", + "manage-users", + "create-client", + "manage-events", + "query-clients", + "view-realm" + ], + "Company-1-realm": [ + "query-groups", + "query-users", + "view-events", + "view-clients", + "view-realm", + "manage-clients", + "view-authorization", + "query-realms", + "create-client", + "manage-users", + "view-users", + "query-clients", + "view-identity-providers", + "manage-events", + "manage-identity-providers", + "manage-realm", + "manage-authorization" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "f70479f8-d521-4f70-9992-9f43202c94df", + "createdTimestamp": 1662631675780, + "username": "service-account-sacompany-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "saCompany-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-master", + "create-realm" + ], + "clientRoles": { + "Company-1-realm": [ + "view-events", + "view-identity-providers", + "manage-events", + "query-groups", + "query-realms", + "view-clients", + "view-realm", + "create-client", + "manage-identity-providers", + "manage-users", + "manage-clients", + "view-users", + "query-clients", + "manage-realm", + "manage-authorization", + "query-users", + "view-authorization" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "63d0617c-5f6a-44cf-9a2f-cfed52198966", + "createdTimestamp": 1662636063960, + "username": "service-account-sacompany-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "saCompany-2", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-master", + "create-realm" + ], + "clientRoles": { + "Company-2-realm": [ + "query-users", + "create-client", + "view-authorization", + "view-users", + "manage-authorization", + "manage-events", + "view-events", + "query-clients", + "view-identity-providers", + "manage-realm", + "view-realm", + "manage-identity-providers", + "manage-clients", + "view-clients", + "query-realms", + "manage-users", + "query-groups" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "16c63ad1-51dd-4cb2-8d2f-0845ecd63420", + "createdTimestamp": 1667916488132, + "username": "service-account-sacx-operator", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "saCX-Operator", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-master", + "create-realm" + ], + "clientRoles": { + "CX-Operator-realm": [ + "manage-authorization", + "view-identity-providers", + "view-realm", + "query-clients", + "manage-identity-providers", + "view-authorization", + "query-groups", + "manage-users", + "view-clients", + "manage-events", + "query-realms", + "query-users", + "manage-clients", + "view-events", + "view-users", + "manage-realm", + "create-client" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "4902801a-5600-43eb-8208-243d6b0510f2", + "createdTimestamp": 1662631616981, + "username": "service-account-sacx-test-access", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "saCX-Test-Access", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-master", + "create-realm" + ], + "clientRoles": { + "CX-Test-Access-realm": [ + "query-realms", + "create-client", + "manage-users", + "manage-realm", + "view-authorization", + "manage-events", + "query-users", + "view-users", + "view-events", + "view-realm", + "query-groups", + "manage-authorization", + "query-clients", + "view-identity-providers", + "manage-identity-providers", + "manage-clients", + "view-clients" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "d9df3479-5dc3-4a90-b241-414bce6368bc", + "createdTimestamp": 1667904120416, + "username": "service-account-sasecurity-company", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "saSecurity-Company", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-master" + ], + "clientRoles": { + "Security-Company-realm": [ + "view-authorization", + "manage-clients", + "view-clients", + "view-events", + "query-realms", + "query-users", + "create-client", + "query-clients", + "manage-users", + "manage-realm", + "manage-identity-providers", + "view-identity-providers", + "view-users", + "manage-events", + "view-realm", + "query-groups", + "manage-authorization" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "dab91af3-d47a-4995-acfe-5afd144791e8", + "createdTimestamp": 1667916201244, + "username": "service-account-saservice-provider", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "saService-Provider", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-master", + "create-realm" + ], + "clientRoles": { + "Service-Provider-realm": [ + "view-users", + "view-clients", + "view-identity-providers", + "view-authorization", + "manage-clients", + "view-realm", + "query-users", + "manage-identity-providers", + "query-groups", + "manage-authorization", + "manage-users", + "manage-events", + "create-client", + "manage-realm", + "query-clients", + "view-events", + "query-realms" + ] + }, + "notBefore": 0, + "groups": [] + } + ], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/master/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/master/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "ae3d7f21-5fe2-4a4e-aceb-c2d787da96e2", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/master/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/master/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "b4e9445d-2c6d-4911-b959-e081b164bf9b", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "f44bc41d-754a-4ae6-96b4-66dbaa4da64e", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "bdfe8696-2b0d-460c-8281-04e52182a190", + "clientId": "App-Provider-realm", + "name": "App-Provider Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [], + "optionalClientScopes": [] + }, + { + "id": "d8fbcdf8-75f5-4066-8a3e-646335c66435", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "clientId": "Company-1-realm", + "name": "Company 1 Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [], + "optionalClientScopes": [] + }, + { + "id": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "clientId": "Company-2-realm", + "name": "Company-2 Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [], + "optionalClientScopes": [] + }, + { + "id": "64acfb98-b4e9-42da-936f-815848d841c5", + "clientId": "CX-Operator-realm", + "name": "CX-Operator Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [], + "optionalClientScopes": [] + }, + { + "id": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "clientId": "CX-Test-Access-realm", + "name": "CX-Test-Access Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [], + "optionalClientScopes": [] + }, + { + "id": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "clientId": "master-realm", + "name": "master Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d430cf93-c417-4e30-882c-0b1533093b90", + "clientId": "saApp-Provider", + "name": "saApp-Provider", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://null" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "backchannel.logout.session.required": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "ba028d33-16aa-4138-997f-1ea356c6ae9b", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "9b803677-df6d-458c-98de-873d210150be", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "39a9ee05-f8d3-4ee7-8e0f-b4f135407a3d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "378c7cad-c6dc-49db-b3dd-fea6d9365edb", + "clientId": "sa-cl1-reg-1", + "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.shared.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "ae96ff8d-954f-4477-a287-aa8526abd333", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "9579b4d3-2acf-4e56-a39a-04d6f6b368aa", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b297c502-919d-4300-95f7-a05f77530160", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "3901aec4-9ce4-4f0e-902e-49a37dccb750", + "clientId": "saCompany-1", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://null" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "fa1d8be5-58fc-4b68-a28e-a1746e93a95a", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "ccbffd3f-8c5d-41e4-8a83-736043c1299e", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "a5196457-7045-494a-86bf-c484f5e17352", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "70c63755-4273-40e2-8278-c2b3111947e8", + "clientId": "saCompany-2", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://null" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "017c90c7-a5ea-4c65-9024-32bc5a35c698", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "2b6b1b40-d6c1-40a6-b10f-d2e673f5b7cd", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "c91bfb29-4aab-4ef8-bb9c-c9f7487ef69b", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "22dcd29e-f435-4662-98db-5a9b35d1109e", + "clientId": "saCX-Operator", + "name": "saCX-Operator", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://null" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "backchannel.logout.session.required": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "ed69a2eb-aa9c-4fb4-9923-db99100accf8", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "132b1ccb-7448-4b74-bf5f-9ebc412ff2e1", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "a5678011-108c-4c90-ba38-2c07a32abcd9", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4959df64-e4b4-4266-a6d2-ec50fea948f1", + "clientId": "saCX-Test-Access", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://null" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "f1b81bc5-e71c-4f75-9ffb-4d0274f2e422", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "73de9de3-4d98-459a-8248-6cd83c6e6ec3", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "abf2c37d-73a1-4279-853b-8394bf79b9aa", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "343e2607-4150-49e4-89c7-d378e6a3104d", + "clientId": "saSecurity-Company", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "a6915977-973d-44d0-8586-7ab78f3ad8ec", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "c02d0e86-e92b-4812-990f-20b07364cf5d", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "32400226-7944-46d2-b124-1073ead99986", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "b6cbc5a4-93df-470d-abc0-c476e82685e9", + "clientId": "saService-Provider", + "name": "saService-Provider", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://null" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "backchannel.logout.session.required": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "9b15fcda-2d9a-4d24-b4df-e278c5fdcdc0", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "22a00c4d-f63f-4cd2-a6b1-27d436b8003a", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "13ef52b0-6517-41c7-8cfe-c82d9fa831d0", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "dbfbfd57-b92a-4ce1-9b00-aa4a0ba7d616", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/master/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/master/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "a43fc1aa-bea4-44ab-af81-fca46bd17c16", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "20f50095-760c-425e-a55d-0a8928ed1a73", + "clientId": "Security-Company-realm", + "name": "Security-Company Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [], + "optionalClientScopes": [] + }, + { + "id": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "clientId": "Service-Provider-realm", + "name": "Service-Provider Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [], + "optionalClientScopes": [] + } + ], + "clientScopes": [ + { + "id": "ddf08713-aa3b-42f5-ba5f-eaa38ce9b45d", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "d09c784b-c13f-4f0e-8f63-5893b19a6ee5", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "93cc264c-f041-4000-a057-86ed3bec9bae", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "97d5e593-ae0b-4107-ae85-71feffeb2328", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "653a4a7f-fa55-4762-8f80-97b0c70c0fb1", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "6ddf096b-ab83-4e07-92de-1af9450981d6", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "582ce909-19cc-47ac-983b-b160c1033aac", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "a5a0ca1e-72ed-427c-aeaf-264561a902dc", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "13e09171-a147-4279-aa95-00f24ca40209", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "ce567836-1d68-477e-a369-faac9988f5d5", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "7fac83c8-8542-4e58-ac0a-8cd2f35a14e2", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "563b1f24-7a17-45d5-9e9b-ec02f55f29ac", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "ddf6bfd2-162a-4148-82e8-bfcc972d38d9", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "63b37003-4667-4204-ba10-82bd805eedbd", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "43168770-1852-4bd3-a001-ecb8f43e2d01", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "4f43d257-bcd4-424b-ac4c-7ed6106bda7b", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "bcfd9120-456b-4e56-bb19-8412b3bb8e65", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "248c6b5b-6c56-47c4-8e3e-78d0f1c4b354", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "a3a199ea-9bf8-4650-a94e-ca76e033ecfb", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "5e823a7c-6cfe-44c6-8f9a-46f04f9c81a8", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "e8260072-8d11-40ff-8e4a-173cb34ce149", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "6d17b7a8-1436-4b95-b728-43fb616c9206", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "0935b850-6bb3-48df-8569-48559e133cac", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "6a998c2f-6cbd-404c-99d5-18cc0fbc1b69", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "e1ea2afa-d72e-491a-b0d7-570dad902381", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "9ce88d9e-4509-4c33-8839-aea32dec751b", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "24569b37-2897-4fe3-b57c-4c9f30260a24", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "fb833196-4695-4980-9773-d701170d8df6", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "b2381aa1-9ccc-4eca-af18-d144a265c6e9", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "095a37c3-0e99-41ac-98fc-0be41134a718", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "440d4070-c9c0-4ddc-8b9c-f75b13c6bf73", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "e23fb472-ae87-45b9-9bfe-902c705202d6", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "c05c8d76-8345-4f32-aef0-0f9074deeea3", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "64575817-79e6-4ce4-97f2-d98d84ed85aa", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "24e7717d-ef9a-462b-8153-812155508de6", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "port": "587", + "auth": "true", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "eventsEnabled": true, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [ + "UPDATE_CONSENT_ERROR", + "SEND_RESET_PASSWORD", + "GRANT_CONSENT", + "VERIFY_PROFILE_ERROR", + "UPDATE_TOTP", + "REMOVE_TOTP", + "REVOKE_GRANT", + "LOGIN_ERROR", + "CLIENT_LOGIN", + "RESET_PASSWORD_ERROR", + "IMPERSONATE_ERROR", + "CODE_TO_TOKEN_ERROR", + "CUSTOM_REQUIRED_ACTION", + "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR", + "RESTART_AUTHENTICATION", + "UPDATE_PROFILE_ERROR", + "IMPERSONATE", + "LOGIN", + "UPDATE_PASSWORD_ERROR", + "OAUTH2_DEVICE_VERIFY_USER_CODE", + "CLIENT_INITIATED_ACCOUNT_LINKING", + "TOKEN_EXCHANGE", + "REGISTER", + "LOGOUT", + "AUTHREQID_TO_TOKEN", + "DELETE_ACCOUNT_ERROR", + "CLIENT_REGISTER", + "IDENTITY_PROVIDER_LINK_ACCOUNT", + "UPDATE_PASSWORD", + "DELETE_ACCOUNT", + "FEDERATED_IDENTITY_LINK_ERROR", + "CLIENT_DELETE", + "IDENTITY_PROVIDER_FIRST_LOGIN", + "VERIFY_EMAIL", + "CLIENT_DELETE_ERROR", + "CLIENT_LOGIN_ERROR", + "RESTART_AUTHENTICATION_ERROR", + "REMOVE_FEDERATED_IDENTITY_ERROR", + "EXECUTE_ACTIONS", + "TOKEN_EXCHANGE_ERROR", + "PERMISSION_TOKEN", + "SEND_IDENTITY_PROVIDER_LINK_ERROR", + "EXECUTE_ACTION_TOKEN_ERROR", + "SEND_VERIFY_EMAIL", + "OAUTH2_DEVICE_AUTH", + "EXECUTE_ACTIONS_ERROR", + "REMOVE_FEDERATED_IDENTITY", + "OAUTH2_DEVICE_CODE_TO_TOKEN", + "IDENTITY_PROVIDER_POST_LOGIN", + "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR", + "UPDATE_EMAIL", + "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR", + "REGISTER_ERROR", + "REVOKE_GRANT_ERROR", + "LOGOUT_ERROR", + "UPDATE_EMAIL_ERROR", + "EXECUTE_ACTION_TOKEN", + "CLIENT_UPDATE_ERROR", + "UPDATE_PROFILE", + "AUTHREQID_TO_TOKEN_ERROR", + "FEDERATED_IDENTITY_LINK", + "CLIENT_REGISTER_ERROR", + "SEND_VERIFY_EMAIL_ERROR", + "SEND_IDENTITY_PROVIDER_LINK", + "RESET_PASSWORD", + "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR", + "OAUTH2_DEVICE_AUTH_ERROR", + "UPDATE_CONSENT", + "REMOVE_TOTP_ERROR", + "VERIFY_EMAIL_ERROR", + "SEND_RESET_PASSWORD_ERROR", + "CLIENT_UPDATE", + "IDENTITY_PROVIDER_POST_LOGIN_ERROR", + "CUSTOM_REQUIRED_ACTION_ERROR", + "UPDATE_TOTP_ERROR", + "CODE_TO_TOKEN", + "VERIFY_PROFILE", + "GRANT_CONSENT_ERROR", + "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR" + ], + "adminEventsEnabled": true, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "b090f376-44ea-48f2-8fd6-921e13adb786", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "1d220609-5565-43d8-95c9-0c1c79516531", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "5f3cb95d-2844-4740-8496-3926809020e2", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "e9c810f9-fce0-4d9e-8dcb-79ae397bc814", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "54be4ec2-8fc2-4882-8058-79a3d69bce80", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "ecadeac0-7496-47fd-b10d-79f3461bb896", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-address-mapper", + "oidc-usermodel-attribute-mapper", + "saml-user-attribute-mapper", + "saml-user-property-mapper", + "saml-role-list-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-usermodel-property-mapper", + "oidc-full-name-mapper" + ] + } + }, + { + "id": "3c52ce03-6518-460c-ac6a-89fd37bad747", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "20b218ed-2ef8-4b75-a4fe-6715d8aeb8d8", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-property-mapper", + "saml-role-list-mapper", + "oidc-full-name-mapper", + "oidc-usermodel-property-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-attribute-mapper", + "oidc-address-mapper" + ] + } + } + ], + "org.keycloak.userprofile.UserProfileProvider": [ + { + "id": "ad484781-1154-4e4c-8c49-865ddaeba6b6", + "providerId": "declarative-user-profile", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "87eaeab2-63ed-4199-b5ac-dfd536a8ee4e", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "b5bbb5c7-5db4-434f-a5ac-996d527a5b60", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "abbe387e-c190-47d5-8a8e-247318b060ba", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "535ed0da-498d-41a4-95e7-3848efb05e5d", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "186ac06a-fc68-44d2-8256-0c634b870b15", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "6cb679be-c67c-45d6-903c-c468c0d90c98", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "da33ae56-9c1e-491b-ae0a-b55e6b5b9e1c", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "0f9fa688-65e9-49b1-8893-c2ed457ed2bb", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "2d977838-9c53-4a3d-9886-c74369dcd662", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "e407fded-b032-481c-95f8-db1fcac15afa", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "5ee38974-1a7a-4811-94a8-feb8c24f5585", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "b625ace5-30f6-4435-8067-69096564566b", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "4c1208cc-c00d-40f8-a17b-085afb2c3140", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "78bf253e-edf3-418a-ae52-f0728fa8dfea", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "710219df-f170-45ff-87d1-443e8ee8b72a", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "b3d01002-2414-46e0-826c-ffdcdb9f26ac", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "9357808e-60b0-406d-b671-e64252f1fee5", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "9bbd8eec-f690-4e7c-b77d-7aea9e549d7f", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "3a2c7d8d-f08a-40a9-a5fb-093635d864a9", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "95d0d730-73c0-4989-bd6c-305d770ff325", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "406b10d5-9468-4761-94fe-79c81640a84f", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "435f1efe-d296-47df-951f-33c90a205ae0", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "40735091-daf8-4d9d-83f6-f653815b152d", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "66d9f869-945e-4083-ad22-19278f1f3985", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "91e4d191-68f1-4f8d-b074-ef87c593ceec", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "ff444918-e51a-4dba-a9ea-1a40b471d135", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "600", + "clientSessionIdleTimeout": "0", + "userProfileEnabled": "false", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/stable/App-Provider-realm.json b/import/realm-config/consortia/catenax-shared/stable/App-Provider-realm.json new file mode 100644 index 00000000..0af8b4ae --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/stable/App-Provider-realm.json @@ -0,0 +1,2159 @@ +{ + "id": "App-Provider", + "realm": "App-Provider", + "displayName": "App-Provider", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": true, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "09223270-6b75-4dc1-9815-97eddf244e94", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "App-Provider", + "attributes": {} + }, + { + "id": "fd2ed9dc-cb87-4acb-80af-e21339d4abca", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "App-Provider", + "attributes": {} + }, + { + "id": "fd663c27-1fea-4d1b-9f19-7dd746e67f57", + "name": "default-roles-app-provider", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "manage-account", + "view-profile" + ] + } + }, + "clientRole": false, + "containerId": "App-Provider", + "attributes": {} + } + ], + "client": { + "central-idp": [], + "realm-management": [ + { + "id": "20233a40-3093-4da7-bc11-3a3c5a9bc084", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "89dce047-7e67-4b0e-83c6-0d2df0e54ffd", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "50d4aa80-bdfc-4f4f-829a-63bf94f88f3a", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "55d97062-c5c3-4f9b-bf5d-9c4c708df3c2", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "5b0106f7-34f4-4e3a-b5d4-51af8d5db89d", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "a3d2e6d6-1b66-42c4-a3a0-9cef35da82c2", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "88900617-94ee-4fb2-8482-6979d7dca836", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "d2aa1213-9622-403c-a6f1-9263fc07bc65", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "75536e36-718f-4856-bdfd-cdeee779c234", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "4b21896b-2a07-4e72-864b-df5d695cc7d4", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "554821e2-47b2-4607-a45e-efd057b754d0", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "1bcb97a3-b339-4c8b-a6b0-9e6cbe92a23e", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "4b0bd4fb-a9d3-4c7d-8f5f-773823dd2337", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "c07593bb-5b52-481b-b5f5-8dc13343308a", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "manage-identity-providers", + "impersonation", + "manage-clients", + "create-client", + "query-clients", + "view-authorization", + "manage-authorization", + "manage-users", + "query-realms", + "manage-events", + "manage-realm", + "view-events", + "view-realm", + "view-clients", + "query-users", + "view-users", + "view-identity-providers", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "f6f77d19-d41d-44bb-a279-5c36005039a8", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "9e25fc38-671e-49e1-9356-e6b8fe011cf3", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "6fd1635a-fdc5-485e-be3f-2f9dba3dc7d9", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "6820666e-01d4-40be-8d35-a34298be3a10", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + }, + { + "id": "1ded6023-db88-424e-b93a-a8f9b7e28fad", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "aa88e0dc-6199-491c-9225-9e8265039187", + "attributes": {} + } + ], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "8e3da633-242c-4954-949a-37d94d4b6a6f", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "cf16b191-cb70-4edd-9ced-ee408258002c", + "attributes": {} + } + ], + "account": [ + { + "id": "c8a7de18-57bc-4074-9cc8-3169019528ce", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "attributes": {} + }, + { + "id": "c51cd08d-75d2-4583-abf6-0a8330af9cf2", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "attributes": {} + }, + { + "id": "8c2ce12b-1d5e-4c72-a93c-7cf15c71a8a9", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "attributes": {} + }, + { + "id": "cd6903f5-3d55-495e-83bf-08f353c00d46", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "attributes": {} + }, + { + "id": "a6016c79-0a89-47b3-b251-d97d54ae8a28", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "attributes": {} + }, + { + "id": "0bd51d37-1733-4a78-9828-e02b12b03fcb", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "attributes": {} + }, + { + "id": "d0250d20-bb91-4bde-b5bc-1170a30ae0a1", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "fd663c27-1fea-4d1b-9f19-7dd746e67f57", + "name": "default-roles-app-provider", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "App-Provider" + }, + "requiredCredentials": [ + "password" + ], + "passwordPolicy": "length(15) and forceExpiredPasswordChange(90) and lowerCase(1) and digits(1) and notUsername(undefined) and notEmail(undefined)", + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "ad4e882e-ad53-491b-a5da-3cc64f7d61f1", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/App-Provider/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/App-Provider/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "49d37a59-09cb-45ea-8b35-65860c522725", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/App-Provider/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/App-Provider/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "1ea78736-9707-429a-b7e9-10978023e9b1", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "26e156eb-636f-459c-97fe-461f879d6ac2", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "cf16b191-cb70-4edd-9ced-ee408258002c", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "70aebb42-c1a0-474f-b6d5-0163e4cc62ae", + "clientId": "central-idp", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp.stable.demo.catena-x.net/auth/realms/CX-Central/broker/App-Provider/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "token.endpoint.auth.signing.alg": "RS256", + "use.jwks.url": "true", + "backchannel.logout.session.required": "true", + "jwks.url": "https://centralidp.stable.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "aa88e0dc-6199-491c-9225-9e8265039187", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "51ea3e52-0e10-40a6-a615-faf26a7e71cf", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/App-Provider/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/App-Provider/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "ab4dd7e3-8a1d-4a08-82ce-0a4b0b749d40", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "c6272fe0-3eba-42ae-839a-746b94d0c3c7", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "19065bcf-4d88-4a1f-ad54-af8e23b80e4b", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "778b84c8-c8be-4d14-b037-b36313ad23c1", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "3dbec8ec-62ae-4115-8a03-4416ce14cedf", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "02021fb7-210e-4d2e-adf1-458fe5170467", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "19be5e0c-5cab-42e5-9d43-40f44a50e977", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "87363e4d-0c6c-4ab4-9ea2-6c056cbb064f", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "11934209-b930-4b49-9442-0bda768614db", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + }, + { + "id": "e963048b-b1d1-4e91-bfbf-4cb55dcf2951", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "25e3a8f9-0ecc-47ab-a865-416d678b50f3", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "d86241de-10f6-4788-bf05-3d1ad3cb8f27", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "e3236345-1ce8-497c-bcc4-8374545f4026", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "2c68c91a-349c-4a3f-9a68-f5cc3848e086", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "1cda8183-b2c0-48f6-b97c-be148f16c393", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "c103f2d7-5fec-4d3d-9a95-b6a91a85031b", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "f6797374-9a19-4ae3-b5f2-06c5d2c7946c", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "99fd8aa0-557b-41bf-8739-0d9b5c5270d8", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "7bd24d38-99c6-47f7-b277-81d7d1e60a31", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "30e4f584-decf-4444-b187-4ac0c91fa072", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "95bccfd2-221b-405a-a206-29bfb0e3e3f6", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "f98f1864-68ae-49c9-b893-d43bf2cdeb38", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "2bb0e215-775b-45b5-9304-e55500598256", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "a96e6b24-d4d2-44ae-8e77-a70b4c4e95b3", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "e49ad8ba-a45b-4ba7-b44a-cc08e39603be", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "7a3cda53-3124-44c4-b71b-2e12d5574180", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "1120836b-6583-44bc-ac0a-b78329cce2c7", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "66143e08-873d-48ba-ad8f-f8149769b812", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "c6cbfb2e-af8a-4a57-b9b6-488bf79ef678", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "8b690766-9431-4d4d-827e-c5959a88dd1d", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "32b4fdb5-dc87-45c8-8a0e-18cea49ddf68", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "10e72ecd-0b63-415f-9e43-f7eb74a05c98", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "345e24b0-f9f1-470d-9497-568f6f711411", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "b9a0059f-0789-4171-8b8a-2706f19dc89c", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "613c19d9-bcd2-4382-84f1-4b2c4fde6632", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "22a3e5e7-1167-41b3-a80e-885928ab6db6", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "auth": "true", + "port": "587", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "ad998465-a5ed-4baf-87ee-6c69dd9c6151", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "b12c87ec-7ab4-404d-bbbd-2eb1753b8244", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "0132f9e9-f275-4c65-b0cb-110f5151a977", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-usermodel-attribute-mapper", + "oidc-address-mapper", + "saml-role-list-mapper", + "oidc-full-name-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper", + "saml-user-property-mapper" + ] + } + }, + { + "id": "079b5dc2-6c36-4026-a3c2-aeec16820998", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-role-list-mapper", + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-full-name-mapper", + "saml-user-property-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-address-mapper" + ] + } + }, + { + "id": "0c60d449-259e-45a9-afc7-c250d9d24eea", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "b376429c-8dee-4c98-95a6-75824ffc5ee2", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "7d9fdb85-7ba3-4563-b42c-452d5b95a6d7", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "0b9ce881-466a-48a9-b520-4e3597eb34c2", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "48f5cd6a-cc7d-4ea7-80c0-13f0ae59a62e", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "cdbd8a66-c024-49af-9c15-721615247868", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "cba32d19-3c2b-4db7-86fd-2ceaf9858627", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "94623990-0d55-4e76-b437-6101cbe714c4", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + } + ] + }, + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "20300ece-34e7-48f6-a1b7-71c4a08a0ee6", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "b4059920-5a70-446c-91d5-c7836854478d", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "837fd5be-0fd0-4bc0-b0ba-cdf360c6b562", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "311a239e-32c5-4749-8d72-b1f523bda174", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "eeb740a2-ddb4-4005-9100-8f6cf3e46fbe", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "abc88c1e-cee0-4ee5-b794-51fe70745414", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "f344b264-d8b4-48eb-86db-990dfbff025a", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "accf2752-c3ff-4613-9090-e05595974e2d", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "17c46d2e-fdf2-48a6-b833-449722dcbffb", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7a83f59a-6f89-4395-8d2f-a38e07aad274", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "57516d76-98ef-4508-94c1-f812b70cbef1", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "99b94f2a-332d-44a6-83ec-1ae2610c187c", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "40eaee95-0a7b-4c7b-a2fa-53d5b2f164b6", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "921144d2-e71f-447c-9d54-b3e8877e834e", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "6a243e13-f168-4472-a678-8e15e6f03f3f", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "8defdbdb-dd68-4131-aee0-5f4c3fb8e77a", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "2bd1a483-4f3f-4de3-87da-1d3ee9075ffa", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "294b35ef-360c-415b-a11c-326189e35cbd", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "038c74fb-e4cc-43d1-9a85-adfbf31c8014", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "dd94f42e-0c4a-437f-81e0-78a96a223685", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "bd7aff9d-4dda-4b22-92f1-d91ff5b851e3", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "a084c15f-882d-4c53-88f6-5e3b31298083", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/stable/CX-Operator-realm.json b/import/realm-config/consortia/catenax-shared/stable/CX-Operator-realm.json new file mode 100644 index 00000000..ee27f816 --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/stable/CX-Operator-realm.json @@ -0,0 +1,2159 @@ +{ + "id": "CX-Operator", + "realm": "CX-Operator", + "displayName": "CX-Operator", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": true, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "f9e700c4-3479-4df9-8f66-32d3d0aa402f", + "name": "default-roles-cx-operator", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "view-profile", + "manage-account" + ] + } + }, + "clientRole": false, + "containerId": "CX-Operator", + "attributes": {} + }, + { + "id": "fd28e000-c7c7-4637-9137-43aab13a4f5b", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "CX-Operator", + "attributes": {} + }, + { + "id": "44683915-2421-4815-ba4a-81ba4af2e700", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "CX-Operator", + "attributes": {} + } + ], + "client": { + "central-idp": [], + "realm-management": [ + { + "id": "54175197-ae2d-486c-b52a-f1de1772ef8f", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "00e3c5bb-6c52-40de-8c2b-fcce4090b3fc", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "de03316f-e10e-4261-9914-49b6b66f4159", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "0ac296ac-bf3d-461f-96e6-cd0fcce4b97f", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "ca00badd-aeca-4378-aab2-6f133972f3c4", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "85556a10-4077-4929-8fa8-eb910cbcd39a", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "d5fc862f-243c-4cf4-86b9-c269c0a6cf18", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "4fba3f08-7718-4dbd-8eae-ec72ac38b4dd", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "23a20fb4-0ea9-4f7f-8540-fcf9f7aaa030", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "f4b36def-8935-466c-986e-230cf8e74816", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "3075363d-78e1-45fc-aeaf-1c6f0202346a", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "view-events", + "manage-clients", + "view-identity-providers", + "impersonation", + "query-groups", + "query-realms", + "manage-users", + "query-clients", + "query-users", + "view-clients", + "manage-authorization", + "create-client", + "manage-identity-providers", + "view-users", + "manage-events", + "manage-realm", + "view-realm", + "view-authorization" + ] + } + }, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "e1f16553-28d3-42db-99c7-e6204246a2c1", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "8a140563-d3d7-4cbb-a023-ac2ccf444158", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "e8622ce0-182b-4c04-ba25-8ed5c50d0683", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "0435d9b3-43a6-4b44-a661-2c7381e88ad7", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "320ceb6f-8744-4fa7-9d1b-32c8a9f0ffc6", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "09370612-e580-4ab5-8827-5ed0e7faa0bb", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "1846e5e3-6823-4ff5-9026-1751f159069a", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + }, + { + "id": "a8063557-4d74-435b-ab1e-2ba52c5308f8", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "attributes": {} + } + ], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "62ca4922-3ea7-42c0-86b5-227149277c34", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "be1cf7e1-0270-41d1-9ce3-f9ed840fd432", + "attributes": {} + } + ], + "account": [ + { + "id": "ff99d820-6dff-49f0-b831-ce7fe6801b42", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "fb06b072-0737-4fe4-84dd-bca8d32d4550", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "bbbe2dd8-5c93-4885-8b0a-7e227d2f861d", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "cd0cf14c-0739-4da9-9283-98c8a7739c97", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "91d84ea1-42af-48c9-ab3d-b160c423120d", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "c61934bc-75a9-48b6-b37f-131c72b8ac37", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + }, + { + "id": "0e19abe7-b5aa-48ae-b5ef-f589fefff5db", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "f9e700c4-3479-4df9-8f66-32d3d0aa402f", + "name": "default-roles-cx-operator", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "CX-Operator" + }, + "requiredCredentials": [ + "password" + ], + "passwordPolicy": "length(15) and forceExpiredPasswordChange(90) and lowerCase(1) and digits(1) and notUsername(undefined) and notEmail(undefined)", + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "d5894718-53cc-4aec-9bd9-102fcbd191b3", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Operator/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Operator/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "586494f5-d21b-4dc9-b618-ae6dde896a59", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Operator/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Operator/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "3dd58884-4647-477e-a7ef-1b299aa2a26c", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "793217d8-80d5-46ec-9507-aca5a8dbdfbc", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "be1cf7e1-0270-41d1-9ce3-f9ed840fd432", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e01bbf6a-966b-4a04-91cc-1be54398d023", + "clientId": "central-idp", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp.stable.demo.catena-x.net/auth/realms/CX-Central/broker/CX-Operator/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "token.endpoint.auth.signing.alg": "RS256", + "use.jwks.url": "true", + "backchannel.logout.session.required": "true", + "jwks.url": "https://centralidp.stable.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d4e536b1-c583-49b0-9fe4-39c895f91958", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "5d4be671-a85b-4102-91c0-3d444e9549bb", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/CX-Operator/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/CX-Operator/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "2f451e93-4f2f-450a-acb0-6b170c9158a3", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "362f247c-98b6-4577-9fdf-58e9b8b02ff1", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "85d44bfa-e5ae-4982-af15-1557b52e9fec", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + }, + { + "id": "c073d69f-8ff1-4f66-8108-1da31b9a01ca", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "ea162d29-da0d-4caa-8210-122ea067481b", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "ec42fa8f-1393-41be-ba33-377b8dd0246f", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "0ab73adc-4dd1-4a32-abe2-12093cd10b43", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "4cb009ee-b9e9-4d10-b5b5-3ccce89d12c0", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "fe93e386-dcff-4871-b6f3-d37906ab0d43", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "870e4c2e-83fe-4ea6-bf70-24627de5cbd9", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "b504ae92-cf77-40d0-853f-3f7521c45c73", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "60891e8b-ce9f-475c-b6ae-8d3ce862c43a", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "78ee36f2-b876-4e61-a821-19a41ae70fd9", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + }, + { + "id": "e4402c22-40ad-4be3-a3b5-567baffdcb8c", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "56f5418e-2b15-4f99-a54f-746b27ffa788", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "023fc147-52ae-4ea9-b106-d713d4625f48", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "d63e6bfd-63b3-4853-9f80-8c8bb6a5b95b", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "7550baf2-3541-46cc-827d-452328409445", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "5c617319-cb7e-4925-bd25-5ed43f9681e0", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "1d8185f2-3051-4f6e-a6c7-3be7569883e4", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "b01c009c-28bb-405e-bdba-0a7e0d819663", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "525eee5e-159b-4365-b5b6-4b95e98a48f2", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "3bfec154-789d-43e1-b9d1-eabadc087ec0", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "e926db58-7353-4562-ac69-feb767ff9a45", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "b742dd79-d660-4d89-b45b-c5a803b64baa", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "ba11b750-af17-4bd9-a418-8c2c2a39146f", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "9532afdc-0222-4e79-b09f-c4d8c3c2a9ae", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "5777b34c-7bd8-4148-8851-209fc716556d", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "7e11dcd2-0f73-4445-bda9-fff2a021a386", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "c82ce218-3c8d-4539-a746-c66f0a1887f6", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "05608ade-80a4-4684-a020-6135ca6b39c7", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "f8a41bb2-8aae-4c7f-bca0-d241b1571896", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "df21b649-0b05-4ba1-b0fa-0b3729af5b59", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "38880d3f-296c-496c-bf6e-010c83d1243b", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "df3cbe76-8bc8-4d47-a17b-4ea5fdf1e70f", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "e2d302a0-1df7-4dae-9128-a1d5d9a6c160", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "auth": "true", + "port": "587", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "ff800f90-97c0-4f08-b95f-397a9325bbb5", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "84e3090c-5cb3-4157-a366-0427efeafdd1", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "6c46f360-1831-4f1d-97c0-a36503a61243", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "e9eefa38-4c5f-4afb-bf8b-70f36d4d3180", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-full-name-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-address-mapper", + "oidc-usermodel-attribute-mapper", + "saml-user-property-mapper", + "oidc-usermodel-property-mapper", + "saml-role-list-mapper", + "saml-user-attribute-mapper" + ] + } + }, + { + "id": "d159b35a-dab0-4f35-a1c6-4403db711c60", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "f0681c21-2cd2-4860-9bde-e73b2a2adb14", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "d5109c64-e80b-47dc-839a-a43daf933a0d", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "4cc22082-1d2a-4f91-bc0f-c7dccb010ef3", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-usermodel-property-mapper", + "saml-user-attribute-mapper", + "saml-role-list-mapper", + "saml-user-property-mapper", + "oidc-full-name-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-address-mapper" + ] + } + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "46984e4d-ce4b-4f6b-ae36-52068ebd71c5", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "2e8584a5-4683-4c75-9a71-18b6b593fec7", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "73e2090a-8890-499c-b4b8-cb652fcbc182", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "4f40e663-8063-4190-9d1b-2c4f231a157b", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + } + ] + }, + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "b063b12b-0241-4abd-9ca4-ecfcfd49c835", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "4789f6df-4575-4a40-905f-da09463796fb", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "10f36f5f-7650-4ea2-86b9-d6bcf8678635", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "a7e54bff-9aab-4d81-9547-9415464d4fae", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "c4f842fb-5041-4b4c-a285-d10544db2e64", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "1bc372bb-ec2a-416a-ae69-2aa8b16cb2b4", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "764b661e-a9a5-440d-99a3-c68605c8649e", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "4305fe2b-02b5-4396-a1d1-f3033124303f", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "a32570e2-2612-46a1-810b-32338b1e919b", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "4e8720c1-ec42-49b8-a648-9cc5c85e8a0d", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "b031bc10-ee2b-474f-93bc-14712bac758f", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "c68cf361-c790-466d-9399-9c826436b43c", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "b14e6633-8f62-49b3-b6b2-edc80e80133e", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "876582e7-bf0f-44c8-aa75-1f3b875e5e0b", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "75fe4f59-be2c-4788-82c4-2c3a492e1827", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "a4a0f8e5-07ea-4b08-b5b7-71480111085b", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7d3641c9-82c5-4830-a59f-b2e9f20aef41", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "e3d1c905-8fb5-484d-bda0-5f55a9a4b286", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "79a911df-2682-4673-b74f-bdd4aec7e4c0", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d70e1f83-c985-4f2f-a809-a8762eb0f264", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "2006dfea-6d20-487b-ac66-b8f471b67371", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "c62239df-a7bb-4fce-8528-1f1024998af5", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/stable/CX-Test-Access-realm.json b/import/realm-config/consortia/catenax-shared/stable/CX-Test-Access-realm.json new file mode 100644 index 00000000..939e7e0d --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/stable/CX-Test-Access-realm.json @@ -0,0 +1,2310 @@ +{ + "id": "CX-Test-Access", + "realm": "CX-Test-Access", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "7fc2660d-887e-4ec1-91a8-f3a206ddf990", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "CX-Test-Access", + "attributes": {} + }, + { + "id": "8987da95-72d9-4e57-a5b0-8f79e540df65", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "CX-Test-Access", + "attributes": {} + }, + { + "id": "dd90c7d4-cb35-44de-9546-ab1a3e6cd2b7", + "name": "default-roles-cx-test-access", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "view-profile", + "manage-account" + ] + } + }, + "clientRole": false, + "containerId": "CX-Test-Access", + "attributes": {} + } + ], + "client": { + "realm-management": [ + { + "id": "b70f395d-1c64-4ce4-bca3-ac1f87d3ac93", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "c597edcb-e00d-4bce-8789-5a667848794f", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "f43e2bbb-18ed-4e46-aa83-e30647ca2acf", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "d9a7713a-433f-47d8-a4ac-a2352fef5ff9", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "bb705c97-3da1-420a-8ac7-5a816bbc2c06", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "a75a9da1-42c9-4149-8de7-8839ccca2acc", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "d08f8c21-bbcd-4693-8eda-75809c362eae", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "6fd994bf-73e8-47ac-abac-331987af4a42", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "2d401ae8-8eba-432f-b72c-48d7cab9f1ad", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "d604ec92-ba33-46a3-b39a-82f7fd58ab85", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "0a9e99a4-8c1f-462a-bb95-4a4e636c0574", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "4961a372-c8f8-44f3-ac44-3d525d1b13cf", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "ebeb65d1-ff03-419b-8d34-1c022cdfe06b", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "83b50677-7f4c-4a73-9d10-810b08860786", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "c7521b4f-d10f-4c69-a287-006dfc3187b0", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "95d5d3f7-7b79-4cd1-8d77-105f3172d6ed", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "fa78bd21-0584-48fd-bc37-986a52b13338", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "31cc9a43-1a1d-463a-a7d5-defbb5410f91", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "manage-clients", + "view-authorization", + "manage-authorization", + "query-realms", + "view-identity-providers", + "view-clients", + "view-events", + "view-realm", + "manage-users", + "manage-identity-providers", + "query-users", + "manage-realm", + "manage-events", + "query-clients", + "query-groups", + "view-users", + "create-client", + "impersonation" + ] + } + }, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + }, + { + "id": "65474875-62cd-47ca-8ec6-efd0277d2d9d", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "attributes": {} + } + ], + "Central-IdP": [], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "8189a237-f860-4d22-9af8-e686bc2869b0", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "052ee967-b093-4dbc-8f7c-7b8eb4d62711", + "attributes": {} + } + ], + "account": [ + { + "id": "668e76ae-158e-4016-b5ef-5c31542276b4", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "attributes": {} + }, + { + "id": "404aa9cb-0b3b-4024-90db-0577259c5164", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "attributes": {} + }, + { + "id": "8e2b5108-258c-4499-bc31-c7801a9dc015", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "attributes": {} + }, + { + "id": "d9ea667a-bdd1-433d-9e49-26a144d23766", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "attributes": {} + }, + { + "id": "781f2ed7-5976-4107-8e0d-77c2cb943c4d", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "attributes": {} + }, + { + "id": "d9186017-c564-4f40-8d1a-15cb2835b31f", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "attributes": {} + }, + { + "id": "eac18f80-5d16-471b-9f76-f863a975a7d0", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "dd90c7d4-cb35-44de-9546-ab1a3e6cd2b7", + "name": "default-roles-cx-test-access", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "CX-Test-Access" + }, + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "a60f0051-9929-43c1-8c85-70feb6a9c5c8", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Test-Access/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Test-Access/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4834d2e2-b49f-4fe6-9f9c-a8c3a571b58f", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/CX-Test-Access/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/CX-Test-Access/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "18d6bb28-a231-42a5-a45f-121cd50e00dd", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4bcfd4aa-3afb-43d0-87e2-e8e5e7ebe57e", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "052ee967-b093-4dbc-8f7c-7b8eb4d62711", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c86c9430-cdb7-467d-b8f0-b7fa4c90ad5b", + "clientId": "Central-IdP", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp.stable.demo.catena-x.net/auth/realms/CX-Central/broker/CX-Test-Access/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "token.endpoint.auth.signing.alg": "RS256", + "oauth2.device.authorization.grant.enabled": "false", + "use.jwks.url": "true", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "oidc.ciba.grant.enabled": "false", + "use.jwks.string": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding": "false", + "jwks.url": "https://centralidp.stable.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs", + "saml_force_name_id_format": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "d0904334-0bf4-4285-9101-609fac5c10e7", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "95326117-810d-473b-a488-5ac662c4dafe", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "892a14ec-4cbf-4d1c-9408-716cb76a3237", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "579dfdfc-50c6-4929-8767-bbbe9efeaf9b", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "a434f4df-8385-4fb9-a7ff-cae31f617bc0", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/CX-Test-Access/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/CX-Test-Access/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "33923a97-562a-4062-a3f4-674ca1a14663", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "3c9e0317-a7c3-474b-a3cb-ffaa2005bec5", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "aedc7d2a-acda-42c6-839a-b661c2be9b16", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "5ed23c32-54ce-4839-80ee-8ab8c33c5662", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "9a5ec5f8-1ef5-4352-a284-e6ac20c04872", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "cb986f49-238f-4d37-94f7-b85f0ff9808f", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "4eeeafe7-aa82-471d-a633-2fb9a219ba11", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "54220980-4b9a-470a-9261-b3b80ac6aba3", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "dc64c05c-24a7-46d5-8f88-700bc00025e1", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "41cf11f9-098b-46ff-b455-b8234f5e4eb6", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "0f8103ff-6c88-4da2-9969-14ddc8cb2ae2", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "4739f141-346c-4420-8c16-edc023e8ffe1", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "85d9377f-410e-4bf5-8d5e-0db8913977d4", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "6d97694b-8dfb-4883-be6c-2a6d040ea01c", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "7a461d3d-761f-4c8d-bb63-e49e15dcd6a0", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "6b243aea-9dc8-45c5-acc0-c760d1973d1f", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "8471f5ca-f79a-4663-b0fb-1857b980d506", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "dcb7dae1-7d81-458d-b3ff-80fc99bdc210", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "548e0af1-a4f5-4cb7-8485-c0603486bd1d", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "b648db19-5b08-45f6-bc61-cea8e43a206a", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "b623937e-4d6f-442b-9958-16e18b30eb9b", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "31753316-291d-43c5-8be0-d92f83c4ddfb", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "97c1fc7d-c6b8-4ab9-8fa0-6af1f813d795", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "82195102-69ac-45c2-90b1-ebfeee419761", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "e5c11413-9c37-4957-b379-f2b9ffd90fce", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "d8a20e95-fd5a-4c32-a360-70de76905e4e", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "4144115f-e5a1-48ef-a8d0-5f4f6effa6b0", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "fafffd5e-1901-4e16-b704-afd9883900a3", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "83efafef-1157-4c19-b47b-40938b10e582", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "c6af2eac-9c21-45eb-879c-b048ad3f7b43", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "3893c55b-1763-4eaa-b4df-db70716149ef", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "da470352-d0b0-4ac8-aed7-7608b60b7fed", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "d3fd230b-3f19-44fa-b9ce-f89ab59403c8", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "198fe999-899f-40cf-af0e-974aee0f64c7", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "113a225d-ecf7-4b1d-bf28-ce9abb1ed9e4", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "f56add5d-37f0-4e75-b4ca-7fb7a958aa76", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "port": "587", + "auth": "true", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "loginTheme": "catenax-shared-portal", + "eventsEnabled": true, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [ + "UPDATE_CONSENT_ERROR", + "SEND_RESET_PASSWORD", + "GRANT_CONSENT", + "VERIFY_PROFILE_ERROR", + "UPDATE_TOTP", + "REMOVE_TOTP", + "REVOKE_GRANT", + "LOGIN_ERROR", + "CLIENT_LOGIN", + "RESET_PASSWORD_ERROR", + "IMPERSONATE_ERROR", + "CODE_TO_TOKEN_ERROR", + "CUSTOM_REQUIRED_ACTION", + "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR", + "RESTART_AUTHENTICATION", + "UPDATE_PROFILE_ERROR", + "IMPERSONATE", + "LOGIN", + "UPDATE_PASSWORD_ERROR", + "OAUTH2_DEVICE_VERIFY_USER_CODE", + "CLIENT_INITIATED_ACCOUNT_LINKING", + "TOKEN_EXCHANGE", + "REGISTER", + "LOGOUT", + "AUTHREQID_TO_TOKEN", + "DELETE_ACCOUNT_ERROR", + "CLIENT_REGISTER", + "IDENTITY_PROVIDER_LINK_ACCOUNT", + "UPDATE_PASSWORD", + "DELETE_ACCOUNT", + "FEDERATED_IDENTITY_LINK_ERROR", + "CLIENT_DELETE", + "IDENTITY_PROVIDER_FIRST_LOGIN", + "VERIFY_EMAIL", + "CLIENT_DELETE_ERROR", + "CLIENT_LOGIN_ERROR", + "RESTART_AUTHENTICATION_ERROR", + "REMOVE_FEDERATED_IDENTITY_ERROR", + "EXECUTE_ACTIONS", + "TOKEN_EXCHANGE_ERROR", + "PERMISSION_TOKEN", + "SEND_IDENTITY_PROVIDER_LINK_ERROR", + "EXECUTE_ACTION_TOKEN_ERROR", + "SEND_VERIFY_EMAIL", + "OAUTH2_DEVICE_AUTH", + "EXECUTE_ACTIONS_ERROR", + "REMOVE_FEDERATED_IDENTITY", + "OAUTH2_DEVICE_CODE_TO_TOKEN", + "IDENTITY_PROVIDER_POST_LOGIN", + "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR", + "UPDATE_EMAIL", + "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR", + "REGISTER_ERROR", + "REVOKE_GRANT_ERROR", + "LOGOUT_ERROR", + "UPDATE_EMAIL_ERROR", + "EXECUTE_ACTION_TOKEN", + "CLIENT_UPDATE_ERROR", + "UPDATE_PROFILE", + "AUTHREQID_TO_TOKEN_ERROR", + "FEDERATED_IDENTITY_LINK", + "CLIENT_REGISTER_ERROR", + "SEND_IDENTITY_PROVIDER_LINK", + "SEND_VERIFY_EMAIL_ERROR", + "RESET_PASSWORD", + "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR", + "OAUTH2_DEVICE_AUTH_ERROR", + "UPDATE_CONSENT", + "REMOVE_TOTP_ERROR", + "VERIFY_EMAIL_ERROR", + "SEND_RESET_PASSWORD_ERROR", + "CLIENT_UPDATE", + "IDENTITY_PROVIDER_POST_LOGIN_ERROR", + "CUSTOM_REQUIRED_ACTION_ERROR", + "UPDATE_TOTP_ERROR", + "CODE_TO_TOKEN", + "VERIFY_PROFILE", + "GRANT_CONSENT_ERROR", + "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR" + ], + "adminEventsEnabled": true, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "f4d39346-0216-4e4a-a5a9-9777d1805027", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-full-name-mapper", + "oidc-address-mapper", + "saml-user-property-mapper", + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper", + "oidc-usermodel-attribute-mapper", + "saml-role-list-mapper", + "oidc-sha256-pairwise-sub-mapper" + ] + } + }, + { + "id": "06dffe59-3b7a-4af6-9568-4eda475c6353", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "3b073342-79f9-4f70-94b2-9aa5d75b6a04", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "5438d051-0476-4336-8765-8f8862312049", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-property-mapper", + "oidc-usermodel-property-mapper", + "oidc-address-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-attribute-mapper", + "saml-role-list-mapper", + "oidc-full-name-mapper", + "oidc-usermodel-attribute-mapper" + ] + } + }, + { + "id": "37139ac6-1084-4ab7-b6b5-aa99528760a8", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "f0d9795a-d350-4033-aa88-0424de3ba99c", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "ed783de3-fedf-4af9-8d27-99c75c235198", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "9ebb1b13-9301-46e1-8295-9ebe87e585e1", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "1cc27f1f-d0e9-46b8-bb24-dae9eb5eacf0", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "f1f9c48d-8579-4b24-b1a2-66bb02802fce", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "669aef76-0e2b-4224-b692-e7873d105eb5", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "eed96c6c-fcf2-4dcc-8d10-77d748ed2a14", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": true, + "supportedLocales": [ + "de", + "en" + ], + "defaultLocale": "en", + "authenticationFlows": [ + { + "id": "44cdee96-71c8-4340-b9bd-faf592283a60", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "c040404a-884b-4cab-9082-20199c078fec", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "4b658fd2-3446-43ba-90b0-3aea1212a719", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "18d6e304-a993-42dd-b708-11cb7c6ad796", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "b3420431-24c9-40da-8881-4fc9b734a3a1", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "366e68a6-fd90-4251-afea-bb52d2507fc1", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "9a60141b-172d-4f5d-9e3f-58832915fc9b", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "980e1a6a-1cd7-4cba-865e-c40cf292c3f9", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "c15bbb1b-ce7f-454d-961c-8ffd071437cb", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "68aeb545-b4a0-439d-97f4-dc945f81f500", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "1d0fc4bf-a1f3-405a-a056-4ab1b595c406", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "16ef32a3-0d38-43a2-8121-9549bbbd1786", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "295f0005-fd09-4bee-a6a9-e346ce875df1", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "54aebcbe-16fb-424e-b476-14f95fa87613", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d21ef958-e0ae-49a9-89ad-e32d85a02630", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "06bad889-af19-4bc4-8bdf-807625f2854f", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d6e6dea1-edd9-4c7c-b2a4-ff6022bcab7e", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "a93d2173-c91f-4830-acb2-2ab302414eac", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "a91ca547-97e6-47f1-94d6-08f421c53f43", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "c843c30f-17d7-4f97-9576-673477257cea", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "0e274292-b446-44b3-a3a0-300e5f956d32", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "082f73bb-7fc7-419c-a633-bd712eef2758", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/stable/Company-1-realm.json b/import/realm-config/consortia/catenax-shared/stable/Company-1-realm.json new file mode 100644 index 00000000..a84f0e4c --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/stable/Company-1-realm.json @@ -0,0 +1,2192 @@ +{ + "id": "Company-1", + "realm": "Company-1", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "737ff7e9-8bfd-4606-9460-9dbdc0aedb4a", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "Company-1", + "attributes": {} + }, + { + "id": "7ea39c59-b7a1-4c8b-a8b6-2954961ec507", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "Company-1", + "attributes": {} + }, + { + "id": "f35527ef-748f-46a8-8f75-5261019bd2ca", + "name": "default-roles-company-1", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "view-profile", + "manage-account" + ] + } + }, + "clientRole": false, + "containerId": "Company-1", + "attributes": {} + } + ], + "client": { + "realm-management": [ + { + "id": "a4a05389-886d-4b77-b3cf-76611f85458e", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "1ab2399d-1602-4bf5-97bb-d028482de43d", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "e8376c0b-7055-4c74-8dc9-82e36d81cf8f", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "207026b6-87b8-4c67-95ed-f8f8815c6bda", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "f3673773-13e9-4572-bf79-bda19708df1a", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "c4f1d63a-cd59-4e36-ae68-b6a6e86616e0", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "b843fe96-2156-4782-b8c8-870f8a587ac2", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "201f046d-c75f-4eda-bde4-ce6bc3945028", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "da212b35-1822-4daf-8609-cc2c503b34e1", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "8b9dfb14-8af6-43dc-888a-eab852b2bb51", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "b6893823-9890-418d-85ef-eece319c6b4b", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "cb24453c-57df-4533-ab7d-6efd52487615", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "de148166-68b9-438f-bd6a-9c50ef839fc7", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "c6fb6e8e-65e5-4cce-acb3-247115821391", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-groups", + "impersonation", + "manage-authorization", + "query-users", + "view-identity-providers", + "manage-clients", + "view-users", + "manage-events", + "manage-users", + "manage-realm", + "view-authorization", + "view-events", + "create-client", + "query-clients", + "query-realms", + "view-clients", + "manage-identity-providers", + "view-realm" + ] + } + }, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "2b4960a0-c145-4da0-ad1d-7be01fa9f0ba", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "75be9ce5-0d67-45cb-8605-0e5adfc34cce", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "0d44b420-a90c-4794-87da-0dd2e482ec57", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "248d9474-e92e-46f4-992e-cae1d7415a8d", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + }, + { + "id": "d86d5527-acb8-4b3c-aec3-c018e74c971c", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "attributes": {} + } + ], + "Central-IdP": [], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "1716a349-456d-4717-b10a-b2570d11024c", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "5fbf5e9a-181f-4acf-962e-2c8c840a6735", + "attributes": {} + } + ], + "account": [ + { + "id": "f5e3c624-c017-4ae4-8fc2-3f272092ee8d", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "attributes": {} + }, + { + "id": "e52ed14e-5c22-412e-b5a0-b77ee9179384", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "attributes": {} + }, + { + "id": "933a6653-dd59-4c64-afbf-c5738592df73", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "attributes": {} + }, + { + "id": "a8128d34-daa9-46d2-abb2-b8b6613c9c6e", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "attributes": {} + }, + { + "id": "58e841e4-cbcd-45f6-bc1b-a6a086f5c5ad", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "attributes": {} + }, + { + "id": "1e0cab99-e74a-4819-8349-fab105de6cb9", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "attributes": {} + }, + { + "id": "4641bec9-242e-45e4-b73e-def1eb5819b9", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "f35527ef-748f-46a8-8f75-5261019bd2ca", + "name": "default-roles-company-1", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "Company-1" + }, + "requiredCredentials": [ + "password" + ], + "passwordPolicy": "notUsername(undefined) and notEmail(undefined)", + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "777b83ba-c1c3-437d-9338-39bc89e7afab", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Company-1/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Company-1/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "b900730e-0e16-47a8-bb3b-d5e640ddfa82", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Company-1/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Company-1/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "fbcae586-379c-46ac-90e9-c9f4e49cb9d6", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "84687239-70f8-42ec-bea3-9758d85dc81a", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "5fbf5e9a-181f-4acf-962e-2c8c840a6735", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "dfab1e92-777d-4d11-8e48-08c94fc2e3f7", + "clientId": "Central-IdP", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp.stable.demo.catena-x.net/auth/realms/CX-Central/broker/Company-1/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "token.endpoint.auth.signing.alg": "RS256", + "oauth2.device.authorization.grant.enabled": "false", + "use.jwks.url": "true", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "oidc.ciba.grant.enabled": "false", + "use.jwks.string": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding": "false", + "jwks.url": "https://centralidp.stable.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs", + "saml_force_name_id_format": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4a978c83-c7b1-42fd-a244-2675df55d85e", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "c03b5a09-116d-42ec-abd6-1c5afc9d8bed", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/Company-1/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/Company-1/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "b37e9a5f-a7fa-4371-8cf1-36c3772d9c74", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "6c21ae11-7d56-4803-8541-0fd06a84ee1d", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "e258e0ec-4385-40b8-960a-5f295fbdb442", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "124d63bd-e65d-4ca8-b2fb-7f941a836f6c", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "9c957137-142f-4d98-a987-42862b06a740", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "20cda0b8-708f-48f2-9abd-72e4cdc6dbe0", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "76831268-8d9a-4caf-8e32-38be5a110f77", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "6e151e9d-eff1-445b-93e1-260a1b147ebd", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + }, + { + "id": "c02ecd94-2001-4694-9173-dce9960fb242", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "e791698e-01ad-4cdc-925f-b56331aede1f", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "3396db09-c217-4e21-a3d2-e987688271d4", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "0e9d402c-660f-4f7f-aba8-eb91267e4703", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "c8da22a6-8cdc-4a19-9ae4-446c56593ee1", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "8cd58931-10af-455e-ad7e-8534a124276a", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "8ef95a29-5574-446c-a96d-edf6960aba46", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "6a44e0c1-9db4-4071-a323-5504e956b88e", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "ea6199b5-8b91-4c14-970f-058c92c651e6", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "1d58424c-1b17-4f08-8223-2a1803a7ff03", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "23ab4d31-cf85-4bc4-b33d-8c7ff11a9cf5", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "d07b6546-0416-4a31-a111-943687d6cc73", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "9bbe8bf7-d365-451b-84ab-680bfc36f72e", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "9ede0c0c-3af9-4a44-898c-382d02dbefd9", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "cc1fcf8c-11c4-40f4-9bb7-f948c5dae0d8", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "de2db7f5-4420-4b3f-bb5c-20761a2ea21c", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "11f3ce6d-4ba7-4379-b344-965173027b76", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "e2fbd787-b188-4262-8d85-c8a1752fe23c", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "dd87dc12-b2fd-4cbb-a08c-a3210786e378", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "aec437e0-df61-4aee-8ba7-ea25741e7952", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "257c4af0-89fe-400d-8dca-0c2376ae6fcc", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "ae52b888-fe33-4fc1-b865-674ccd587d52", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "44dda41e-0fa1-43b9-bbdf-6ad7785360f2", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "4a2f881a-65b7-4ea5-9c57-cc990e6b78be", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "4c92a098-2fec-41d0-b298-07a0f13710b9", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "61ee9a46-2e8a-4d36-b5aa-1b12128bfd4e", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "56f7f7b8-dc54-4a45-80f8-68b68d5be48e", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "73c728a2-94b9-429f-ace9-21351bed7633", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "auth": "true", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "loginTheme": "catenax-shared-portal", + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "371d3661-555c-48a4-9fae-aabb20abe248", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-role-list-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-property-mapper", + "saml-user-attribute-mapper", + "oidc-address-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-usermodel-property-mapper", + "oidc-full-name-mapper" + ] + } + }, + { + "id": "ad87f2c9-1594-40f0-a002-dd377944aa18", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "8e02447a-1bb8-4535-83c3-27207977a40a", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "83f469d5-639e-4ab1-88ce-7c3d5bf1ca2c", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "64f5ed3a-2407-442d-a1d2-85b79151ee47", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "daaf4447-3874-45c6-b3e1-b5ae235281dd", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "7edbb3a6-db7c-4525-b7aa-7e0a139f8536", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-usermodel-property-mapper", + "saml-role-list-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-full-name-mapper", + "oidc-address-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-attribute-mapper", + "saml-user-property-mapper" + ] + } + }, + { + "id": "af857f90-12b5-4efb-9b3f-ecb18205befa", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.userprofile.UserProfileProvider": [ + { + "id": "a197f689-d9c3-4bed-92eb-5a66adebaf68", + "providerId": "declarative-user-profile", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "b797e70b-da5a-4a81-9c5c-86a1991338ff", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "b17c3abf-49ce-4c36-9508-a92daa0e3258", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "25358e61-6908-4c1f-88ef-ce5ea789d3f0", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "9e9fed2a-48e0-4bb8-b297-57ca015d3968", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": true, + "supportedLocales": [ + "de", + "en" + ], + "defaultLocale": "en", + "authenticationFlows": [ + { + "id": "d0ac1856-ddd4-4c73-a227-02d7b7ac6222", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "0e74307e-97c1-4947-9fc5-50d0fc030bf3", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "da3baf0e-253d-411f-b669-dba5c7229a2a", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "3208e5be-09a7-43ff-8e24-e5f7aa1b9cac", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "dbcf8da3-5d78-4f29-a2e1-a8855398ae36", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "c5d9272a-578b-4080-a1fb-fa77e49532f5", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "9583b1fd-2b25-4a90-b165-4749a5a9118a", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "92d32f27-b266-426d-802e-0d488849474d", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "e5e866d2-d33d-47d3-8008-34c5ca441bc6", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "e8c62fd5-4a60-45da-b210-b64a7c50ce74", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "97e2f5f1-6dc6-4b38-a699-4f207da3a12d", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "5c9d6430-9775-4f54-81e5-e36dc4d4f30e", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d56fecef-a5ba-43b4-9078-3bc00be1deab", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "a4fe6b02-f901-4b9f-82c3-69c857fef3ea", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "211bfd67-b114-436e-9dde-1353bb47b7a6", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "cef227e3-9574-45b0-91e3-1a2c6e44b4ab", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7d196326-93c0-4122-b832-bec014469139", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "e4700f01-d9e1-4e52-8c2f-c2cefb728bb5", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "b7a8bae5-4432-4112-9ee7-7a3e450c9b07", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7f268b7e-d989-421d-8442-b3ee9375f67c", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "97b8d400-d49f-45fa-9aa1-abd8e03e89f4", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "1e3cd852-b302-421d-9e97-1f7c2c3112de", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "userProfileEnabled": "false", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/stable/Company-2-realm.json b/import/realm-config/consortia/catenax-shared/stable/Company-2-realm.json new file mode 100644 index 00000000..9071bb4e --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/stable/Company-2-realm.json @@ -0,0 +1,2183 @@ +{ + "id": "Company-2", + "realm": "Company-2", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "07b011d0-df1c-406e-aeea-cebf84f1afce", + "name": "default-roles-company-2", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "view-profile", + "manage-account" + ] + } + }, + "clientRole": false, + "containerId": "Company-2", + "attributes": {} + }, + { + "id": "98158b74-c0fb-4e87-9d28-af3677d7dc9d", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "Company-2", + "attributes": {} + }, + { + "id": "67018b6a-e063-43d7-9967-65b989ec5a59", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "Company-2", + "attributes": {} + } + ], + "client": { + "realm-management": [ + { + "id": "6f133934-a728-4a11-9f32-60cce19c2f45", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "4c8e3af0-9363-4680-bd80-3b1c21cecbec", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "7d8b9db1-1e32-430b-8ba7-0e48805ebfac", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "22ec24b8-48fa-49f8-80be-e84ae9057eb4", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "8c933a4b-5b3c-4bd1-abbb-093809cdc14f", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "create-client", + "manage-authorization", + "view-events", + "query-groups", + "view-authorization", + "query-users", + "view-identity-providers", + "manage-clients", + "view-clients", + "query-clients", + "impersonation", + "view-realm", + "manage-events", + "manage-realm", + "view-users", + "query-realms", + "manage-users", + "manage-identity-providers" + ] + } + }, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "a7713ff9-eac1-4fc3-ab0b-275ace863b99", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "f8f1e810-5168-4d3f-af07-3a2b348a5ac5", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "89d7d1ef-1f6e-43f4-ab9e-d57480405a24", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "d8949aeb-e37e-4090-881d-6ee256a7c078", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "da07557c-0178-4bfd-9a81-180484def268", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "5ee7a4d9-1c51-43b6-b959-4c09f4de7f63", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "232cdc4a-377d-4ef3-9225-aca510f44766", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "65ccb9c1-c9b3-4853-9636-0367f280dc2a", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "42a72b74-7054-421f-a1f2-f78930cee990", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "9c5a61c2-b3f1-4601-8236-043afde87fda", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "24cfd3d6-121c-44bf-8363-9720438e985b", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "5c3b4ebf-f8b8-4ab2-9d19-13990bb331af", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "5454ff27-df12-4be4-bf8f-f3390fdc876d", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + }, + { + "id": "3a968552-41d5-4782-b410-a29eaa50c2f9", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "attributes": {} + } + ], + "Central-IdP": [], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "8548428f-0c53-4b70-99e3-4a894a2836a1", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "05011dbb-dae9-446e-b8b9-8c2a67f62ca5", + "attributes": {} + } + ], + "account": [ + { + "id": "500f352f-8493-440e-8c4b-6053ef65a636", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "0105a266-2635-40da-b6a3-7c106018a77d", + "attributes": {} + }, + { + "id": "5622327e-e406-4a83-a9bc-eb8537e6dd82", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "0105a266-2635-40da-b6a3-7c106018a77d", + "attributes": {} + }, + { + "id": "bf4969a6-62b2-434c-bab4-65095e99a4ce", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "0105a266-2635-40da-b6a3-7c106018a77d", + "attributes": {} + }, + { + "id": "9d1f083f-0b22-407a-ab76-c907b677347b", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "0105a266-2635-40da-b6a3-7c106018a77d", + "attributes": {} + }, + { + "id": "d39b9e6d-8d0f-40b5-986f-59b5e85f50c4", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "0105a266-2635-40da-b6a3-7c106018a77d", + "attributes": {} + }, + { + "id": "bcb5c9f9-d99c-491b-b8f3-8f4d4e5fd221", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "0105a266-2635-40da-b6a3-7c106018a77d", + "attributes": {} + }, + { + "id": "ffbeba0d-f3ef-43a3-98d5-845d33cfc601", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "0105a266-2635-40da-b6a3-7c106018a77d", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "07b011d0-df1c-406e-aeea-cebf84f1afce", + "name": "default-roles-company-2", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "Company-2" + }, + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "0105a266-2635-40da-b6a3-7c106018a77d", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Company-2/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Company-2/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d4498a60-40e0-41b2-a0d3-686b927be4e3", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Company-2/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Company-2/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "f6bfa95f-76fd-4215-9e3f-b96f1177016e", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "ceef1449-a25a-40b6-a079-ffa4a7e7ef9f", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "05011dbb-dae9-446e-b8b9-8c2a67f62ca5", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "8e495f6b-df34-47b4-bc39-4f9a613a9e69", + "clientId": "Central-IdP", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp.stable.demo.catena-x.net/auth/realms/CX-Central/broker/Company-2/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "token.endpoint.auth.signing.alg": "RS256", + "oauth2.device.authorization.grant.enabled": "false", + "use.jwks.url": "true", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "oidc.ciba.grant.enabled": "false", + "use.jwks.string": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding": "false", + "jwks.url": "https://centralidp.stable.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs", + "saml_force_name_id_format": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "ea5966e0-df54-4f10-b179-3d540fd94e07", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "9c6d1ab0-7b4e-4780-9f5e-4b26a9187baf", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/Company-2/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/Company-2/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "87305044-fcc8-46a7-8255-ad2667beeeff", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "cbed30ab-ea18-42b5-bfd8-373af2aff4bc", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "32b1a492-9439-4cef-bcbe-15dd4f4097f5", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "9b26b004-8134-42d4-9ebe-3bacefa53d55", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "b91cb0c1-eac6-4c8c-b25c-82d814c11bfa", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "21d99eb3-42df-4901-b33c-244e369eb1d1", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "5698eb5d-c315-49e6-89f9-5bcf3f1d0bc3", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "a44b4427-e980-49a9-939e-ba748b0b03db", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "9e5bb8d8-f02e-4e80-b171-0387f79cad06", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "ff78cd73-27b4-436f-98d0-908b34e5d4ad", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "7c079379-9e95-44e0-9561-04e8cddd4303", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "234e763e-c9b2-4856-89bb-0836909f6d91", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "ac3540c9-6783-4025-a4a8-c99baa22333d", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "f1319e83-b9f4-460a-9760-b8f14f425489", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "20e61376-984e-45c0-843c-fa89f14fab09", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "c970ad00-d31c-42ad-a8b1-3cbd9ec07539", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "e3e26bcf-fd59-406b-a683-f919ff2c9024", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "e0f86d3b-33f0-4faf-80fa-718f22bb1ade", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "2aefe0de-2786-49e3-a740-c3208ffc09cd", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "3659043b-e516-4cbe-a78e-7f7ba5afb865", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "7de2a17f-54a0-4fed-8926-0dbb21ded513", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "1121bde9-6746-410e-be3b-bc0453e04b2e", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "ca3c4aae-bcb3-4b06-a7e9-3c8e4a6f0692", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "0d0a4afe-90e6-448b-9888-1aa2c82bb34b", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "e74d03b9-52c1-4516-ab2b-8813e12a952c", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "2f8ad681-dc7b-4165-a43a-df0c311b1cc1", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "459ef22f-2fcf-4f74-803c-d2cdecdee687", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "6d467582-8b0f-4181-9359-9616b4f134a4", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "69bedfe1-34b4-4990-a626-8ba8efdb4184", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "35d6077c-f4c4-4433-81d6-668413c7a358", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "a55e928c-9145-4872-828b-7f02d308dc38", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "ed0c7ecb-545d-40ba-ba4a-91a8bd688c0c", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "dbaefb50-27b4-4786-93d4-1b0d07f423a4", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "aa8ecfd8-3b1f-4118-afd7-e9b78dcfeb92", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "2a74bc74-2ff3-4e47-9339-c77aeebd3756", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "7f031d8b-ad80-4af4-8481-3c2ded30be3a", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "auth": "true", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "fromDisplayName": "", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "loginTheme": "catenax-shared-portal", + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "c315c0b1-240e-4055-ae1a-39dba79562f6", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "de91aba8-db6d-448a-a0b1-12b6f0d9b791", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "f30b78e8-9c72-4381-ad35-01da42b8fdb9", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "9deb41f0-c961-4401-9e62-b952cc90bbe2", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper", + "saml-role-list-mapper", + "saml-user-property-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-full-name-mapper", + "oidc-address-mapper", + "oidc-sha256-pairwise-sub-mapper" + ] + } + }, + { + "id": "715638cf-477f-4054-9b7c-d58343bfe8e3", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-role-list-mapper", + "oidc-full-name-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-address-mapper", + "saml-user-property-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper" + ] + } + }, + { + "id": "eaf10353-6324-436b-908b-b31f33ad20b3", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "62366f38-6a8f-4bd1-a3f3-24d6586f6b3d", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "f179f0aa-3885-4123-b8f6-ad2795ce6a59", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "6b0a4ae3-7d8f-43d6-883d-d6186f8eb237", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "9f41ff93-422a-4dbd-bb74-ff0cc573d4f8", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "b71f4d8c-3daf-4aa0-87a4-62142737e66f", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "f10b68ce-bdd1-4d84-939f-49ac0b4d583d", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + } + ] + }, + "internationalizationEnabled": true, + "supportedLocales": [ + "de", + "en" + ], + "defaultLocale": "en", + "authenticationFlows": [ + { + "id": "4090717e-0bd3-429c-b005-1e503064e13e", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "568f0442-c735-47c3-a99a-bca7e05841a2", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "fb4158ee-bdfb-4a66-9d89-ccfb250a9cf5", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "f6b2eb2c-db8b-4f9c-ad0f-3716bad43f75", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "63d1e1cd-2fdf-446c-83bd-b05df0f4c209", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "28c6741f-5ce8-4366-be28-fa55d3657aa7", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "d2f9506d-35fd-4ad2-941b-57379d89b2bb", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "7df49a98-e77a-4921-adfd-5d8f06f43203", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "90da87d4-5d4b-4908-9668-5a39966be2c6", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "15cff910-0f44-41f7-9c58-d751e0f11faa", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "e44830c3-be7d-4069-80ad-e734d110839b", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "f5a769a2-b5b6-45da-a328-07ffdf021f29", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "900da95c-6aec-4fc6-8a13-d2ace7093954", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "48a5033d-3f9a-4b04-b1e8-92fdfd7c5a9c", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "aab33b03-6e09-4abb-b1ce-4bcc9a3a833f", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "608e7a0b-6afb-4a8b-890a-9653bceff5bd", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "0d2e0804-1570-4d70-ae2a-8ed2491e809e", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "b3d92972-da18-40c3-b72c-5210ef0e5483", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "c15433d2-79c9-404c-ba70-89c63cfcb961", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "63cc0a58-a291-4943-8352-605d92d7d596", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "959f2059-2b29-428e-8345-920f1e8ec738", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "a8cd31eb-0ddd-4dab-b2a6-8f2811aa342e", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/stable/Security-Company-realm.json b/import/realm-config/consortia/catenax-shared/stable/Security-Company-realm.json new file mode 100644 index 00000000..545ea35b --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/stable/Security-Company-realm.json @@ -0,0 +1,2182 @@ +{ + "id": "Security-Company", + "realm": "Security-Company", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "886e6c46-9fd4-4bc7-822b-bd01a5e2eec9", + "name": "default-roles-security-company", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "manage-account", + "view-profile" + ] + } + }, + "clientRole": false, + "containerId": "Security-Company", + "attributes": {} + }, + { + "id": "0d348799-1dae-43ba-92f7-3f59e37a29be", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "Security-Company", + "attributes": {} + }, + { + "id": "8dbe3dfa-70c0-486a-8912-f03d4c3507c2", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "Security-Company", + "attributes": {} + } + ], + "client": { + "realm-management": [ + { + "id": "f467f3f8-f003-434d-b9eb-9709b5420767", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "986ec9e6-2ae2-48f2-b73f-d53000efc4ba", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "c44dd6a4-0393-4577-96a0-e2d6ea4206a3", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "a3453f3e-6a97-4229-b580-4162306182b1", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "cf7a74b3-30e2-413f-b9cf-93ff6af87a8f", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "7c431d80-a74f-4583-9c85-e10a004b29cc", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "182d6eb8-b551-49a1-9681-044b83794bf5", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "5d48f929-3aa4-4e9b-95f3-b6664cb9124f", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "15acd0d8-c78f-4793-b578-0d8df73bdc93", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "29c6953d-8d60-48ad-ad29-47172aa3fd46", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "d35fa620-5d59-4697-880f-f35f15ac8c07", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "1a143089-6d4f-4af2-97a0-ba90a2b593ee", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "467e8421-3bad-4fab-9397-00df573ca6f9", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "bf61fd2f-f4fd-4290-899f-6ff2c03bec3c", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "33dab6e8-5f6b-439d-af89-5b89b70c7b94", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "5f7bfc76-0b59-417b-9e4d-db95043e469a", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "manage-events", + "view-events", + "query-realms", + "query-users", + "impersonation", + "view-clients", + "manage-identity-providers", + "view-realm", + "manage-clients", + "view-users", + "manage-users", + "create-client", + "query-clients", + "view-authorization", + "manage-realm", + "view-identity-providers", + "manage-authorization", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "9af22f43-269b-46b2-a8ed-fc21e6db5dbd", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "a94effc5-289e-4eec-9c4c-66189b90daff", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + }, + { + "id": "32beb856-c8f3-41cb-bb9f-002ef64df4ed", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "847b0082-5840-4663-99dc-af3f890a94e4", + "attributes": {} + } + ], + "Central-IdP": [], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "3b8bf692-7d3a-451b-b8e5-e6aa42cc2982", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "f109c0be-4558-4c7d-b3de-52e9fa724bb9", + "attributes": {} + } + ], + "account": [ + { + "id": "1f756096-e46f-4e4d-b071-5b1091d4b57d", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "attributes": {} + }, + { + "id": "7ecb626f-2559-43d3-8af4-9ccde6df85dd", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "attributes": {} + }, + { + "id": "bce79653-4543-4477-acae-47b463c68274", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "attributes": {} + }, + { + "id": "5f960bbf-3e3b-4917-8fdc-3cc06624298d", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "attributes": {} + }, + { + "id": "44277525-9adb-44b2-9bd3-062a150da843", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "attributes": {} + }, + { + "id": "ce39030d-9371-4ff1-9b72-83097e1c6d7a", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "attributes": {} + }, + { + "id": "231bee07-20ac-4d0c-8871-20e17314aab0", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "886e6c46-9fd4-4bc7-822b-bd01a5e2eec9", + "name": "default-roles-security-company", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "Security-Company" + }, + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "ec512c09-d2bb-48fe-b858-e606096c1a65", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Security-Company/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Security-Company/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "9ce7fcbd-47ae-4ae4-9327-988c7695124b", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Security-Company/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Security-Company/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "d648ca0a-e376-4f4c-bdfe-3e90dcbacba4", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d2f0ac9c-31e4-400f-aae7-ce2cfb8781df", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "f109c0be-4558-4c7d-b3de-52e9fa724bb9", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "1216ba84-922b-4790-9403-42f7d30e6819", + "clientId": "Central-IdP", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp.stable.demo.catena-x.net/auth/realms/CX-Central/broker/Security-Company/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "token.endpoint.auth.signing.alg": "RS256", + "oauth2.device.authorization.grant.enabled": "false", + "use.jwks.url": "true", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "oidc.ciba.grant.enabled": "false", + "use.jwks.string": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.encrypt": "false", + "saml.server.signature": "false", + "exclude.session.state.from.auth.response": "false", + "saml.artifact.binding": "false", + "jwks.url": "https://centralidp.stable.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs", + "saml_force_name_id_format": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "847b0082-5840-4663-99dc-af3f890a94e4", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "0a02fa25-0a93-4b84-9dec-0c237890ac46", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/Security-Company/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/Security-Company/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "568e42d0-33b9-460a-8208-36ce6c1a2dac", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "d802891e-db21-4bea-afd1-7e24a970b8cb", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "72757bac-a0c4-404a-9d00-3df755f2b342", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "4361375c-c328-4b37-aeb3-e9b1d7abb276", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "5ed11df0-e8fd-4e81-bc6b-e2f19edddebb", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "b8514845-f202-46f3-b57b-0c45c6942356", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "35600167-53bc-4fba-b014-872cafe0dd18", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "0aa575ba-d083-4e43-933d-b753b78f45a5", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + }, + { + "id": "9752ca33-d47d-4157-b373-a364397e7113", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "3892e8ea-ee79-4f3c-9b73-eb1844fd049e", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "1e79baac-193c-4dc0-852f-001a175916bc", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "e8fc062f-f81d-4455-b6ca-a233a9653917", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + } + ] + }, + { + "id": "3852b5d6-aea4-4bc3-88fc-db9d76f8d861", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "2d15260c-2ed3-4d36-aff0-f07b3a1ddb59", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "1e20fc74-9ecc-4a3e-95bb-cfc595c3b4f1", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "fea21fcf-dec8-4971-bf97-be19ab17a05f", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "ec5e4f84-e37e-4072-a7c9-9b3354f22429", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "8573b82f-dffa-4bbd-b6e3-d618aae6e055", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "47f5363d-06a5-4005-86f3-0b93b385cd2a", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "673fbf76-163a-46a4-bbbb-917a3e226f4a", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "78c3a340-edea-41a9-8cc0-b505496144ad", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "3304f7bb-d013-4ae5-9bda-bbc37d8951e9", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "3d218792-9b0e-47cb-a265-0523fa4da94b", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "4e33fd9c-f748-47bf-b22d-ab1f842dd9ed", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "b4d6b59b-c067-4d05-8a84-b7a4d4c7f6c5", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "550215bf-1565-44d5-a971-70b0098cc485", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "4be82907-f750-4991-9a56-d984285f2f8c", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "08368322-07ab-438c-b704-e2439c5f13e5", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "a64cc361-e1b3-4713-ba34-f542cce02c32", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "0d4d75c4-393a-4351-ba26-72060ecff230", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "91808271-0138-4211-ad7b-813e1ef948b2", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "cb4f7939-e589-47b7-9bf3-66e335350a40", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "beec1440-282f-44ad-a16a-3d6acf2952c0", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "45fbbe82-4c94-496d-8afe-8e41c57703f3", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "00df8389-d9aa-40ce-a506-ace8491d1fa6", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "3c28e936-74fa-453c-8414-1b30eb996ce3", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "auth": "true", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "loginTheme": "catenax-shared-portal", + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "bc8ee12e-e127-42ba-9537-bff78766696e", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "f1fd43ff-3c5f-4411-bc6a-2c817478b81e", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "94f19adc-1bfc-4e09-980e-f2f299f20700", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "bc597cb9-d0b8-4788-a59b-a0d67da55a04", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "efb29006-5914-4d8d-a1ac-ff9a9c6cd4ba", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "d2ea7294-1a79-46c4-9c98-3f21ca5d342b", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-attribute-mapper", + "saml-role-list-mapper", + "oidc-usermodel-property-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-full-name-mapper", + "saml-user-property-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-address-mapper" + ] + } + }, + { + "id": "617bdcd6-39c8-49b8-a241-ecf7ee0ffe15", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-attribute-mapper", + "saml-role-list-mapper", + "saml-user-property-mapper", + "oidc-address-mapper", + "oidc-full-name-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-usermodel-property-mapper" + ] + } + }, + { + "id": "d177fc62-15a6-4970-b409-1f9b4ad1d95e", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "20151b2f-6a3b-49d7-b694-e027fa304b0b", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "a3e8d25a-db91-44d0-bdc7-03dccf1f4a67", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "e725ab57-4a8d-4156-87e1-c145f69a3f2a", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "5e77c53b-ea13-4dc4-ae28-a95ab15edc6c", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": true, + "supportedLocales": [ + "de", + "en" + ], + "defaultLocale": "en", + "authenticationFlows": [ + { + "id": "15a447e2-a051-498e-b076-15c48f46b230", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "1bd3c6e5-7a4e-4b85-8122-fb07f0b3432c", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "02fd86a7-3767-44a8-9cb2-6d504089ec32", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "f1b3dea0-c3ff-4eb6-a0fb-8030a440858e", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "0dc8c123-7a0b-4db4-870d-0a089520c015", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "44ff7895-05fe-4006-b1bb-1b28dc4b9208", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "157e7cb5-dbf8-40bb-a7a5-16368a714550", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "b2beeb45-3bbe-45d7-862b-5b681d1ed41d", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "ee667b0e-a2cf-459c-9e1a-9241f26ad873", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "eacd2dbb-67ec-4767-9f4a-9cc9615d0332", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "9ddfd5fe-307b-495d-a7d2-7efa6aa87957", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "0d8e578f-4ccb-4c71-b296-06f41f501930", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "98d66eff-950c-4fb9-9ce2-0679a8e8c6ee", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "d93823ce-1beb-4348-bf38-2bb7b31e7da4", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7fd510f0-1724-4be3-a885-f6a6f4a2dded", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "2526bb68-b70c-4b0c-98dd-d3afc2c2c268", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7a84d102-5475-4c2a-a09c-6bd79ef8f78b", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "ed57a1df-9d30-4848-8038-5b5af7ffa91c", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "cf9568e5-2f11-4171-807e-acae93448fa2", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "ee22ee5b-a7b7-42c2-9b4f-059a3af99bce", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "0e1fdf7b-5ae7-428d-8d1d-3f0c2ecc3fe8", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "2ead2ee1-9c0a-4ac3-b794-b389026366be", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/stable/Service-Provider-realm.json b/import/realm-config/consortia/catenax-shared/stable/Service-Provider-realm.json new file mode 100644 index 00000000..9e98717b --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/stable/Service-Provider-realm.json @@ -0,0 +1,2159 @@ +{ + "id": "Service-Provider", + "realm": "Service-Provider", + "displayName": "Service-Provider", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 300, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 5, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": true, + "editUsernameAllowed": false, + "bruteForceProtected": true, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 10, + "roles": { + "realm": [ + { + "id": "fa4020a7-cc46-44c4-9bab-4b28c3a74ade", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "Service-Provider", + "attributes": {} + }, + { + "id": "c413af07-9ca0-440d-8dc9-cf341b9a85c2", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "Service-Provider", + "attributes": {} + }, + { + "id": "bf44d46c-5aac-464b-bd81-5047b3fba34e", + "name": "default-roles-service-provider", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "view-profile", + "manage-account" + ] + } + }, + "clientRole": false, + "containerId": "Service-Provider", + "attributes": {} + } + ], + "client": { + "central-idp": [], + "realm-management": [ + { + "id": "1212c16d-22e9-41bc-acd2-7e80e6b7d391", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "7421d671-2914-4a32-80d7-f814b9677ad3", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "de22749d-b9b0-413a-a21c-fa5adc74161b", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "ea4051ca-ee8b-455f-9f22-5333d7daa9ed", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "bdd92049-607e-4bcb-a57f-1b263c7a90ea", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "80064cae-48db-4773-affa-3add0ca939e0", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "d2620813-1788-453b-a2ae-48f8a0ca54a1", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "2e7aa55e-f6c9-4310-9623-9c3f752bb9b3", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "368edd46-8ad1-4b44-aec6-35c9b8ba2600", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "2caedb06-e17b-49c5-85d8-ecedc6bea3b6", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "ee872b12-5cf4-44b3-915f-b8936eafce0f", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "6372d6d9-4fae-4a5a-a07b-0063968a2de7", + "name": "realm-admin", + "description": "${role_realm-admin}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-users", + "view-events", + "query-groups", + "query-clients", + "view-users", + "query-realms", + "manage-identity-providers", + "manage-users", + "view-authorization", + "manage-events", + "manage-realm", + "view-identity-providers", + "manage-authorization", + "manage-clients", + "view-clients", + "view-realm", + "create-client", + "impersonation" + ] + } + }, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "a302263b-e927-456d-9e85-f1acfc3e3296", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "6de5b661-57cc-420a-bcde-79eb721a2ee8", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "c316b578-37a5-408c-b243-fcc80daab505", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "6f2cbe7e-4933-4d6b-8739-aacf9d29a14e", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "c6064978-258f-4a15-b0d7-74a0949ae44a", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "5a4667ee-adc5-4adf-80eb-3d6084132bbe", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + }, + { + "id": "e7b680e7-b912-4a1e-93e0-c73257ac5042", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "attributes": {} + } + ], + "security-admin-console": [], + "admin-cli": [], + "account-console": [], + "broker": [ + { + "id": "d1564bb2-cf32-4be8-95f8-711585ed0f0e", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "a0c977ef-edf0-4bf4-b401-28bda4f256a0", + "attributes": {} + } + ], + "account": [ + { + "id": "cd45653b-8d56-4556-94b7-7be0fbf86dd7", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "attributes": {} + }, + { + "id": "6ba1ce93-cc11-41f4-8c4f-a3c09ab7ed1c", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "attributes": {} + }, + { + "id": "6a0f3642-15c9-4da0-9623-5cbcdb3a0d05", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "attributes": {} + }, + { + "id": "0c15220b-0606-4529-ae65-4535c86dd468", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "attributes": {} + }, + { + "id": "9f5eaf3f-5fb7-489f-a8cd-60195336112b", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "attributes": {} + }, + { + "id": "6196a976-76ed-46fc-b950-0430c3a59fae", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "attributes": {} + }, + { + "id": "45832e00-45e7-47e1-8b28-0a8278a3af74", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "attributes": {} + } + ] + } + }, + "groups": [], + "defaultRole": { + "id": "bf44d46c-5aac-464b-bd81-5047b3fba34e", + "name": "default-roles-service-provider", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "Service-Provider" + }, + "requiredCredentials": [ + "password" + ], + "passwordPolicy": "length(15) and forceExpiredPasswordChange(90) and lowerCase(1) and digits(1) and notUsername(undefined) and notEmail(undefined)", + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "581e8354-6cfa-4f61-a6dc-db93a03bb0fd", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Service-Provider/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Service-Provider/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "e942b741-73d7-4a3c-a204-4e44b481ee70", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/Service-Provider/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/Service-Provider/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "e5781e73-e7c1-4144-8067-f41e9259af14", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "1cae7582-f1cc-4ec0-a4e3-2d50c9382fdc", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "a0c977ef-edf0-4bf4-b401-28bda4f256a0", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "07db7625-60cc-4704-b84f-18b6fd9ba811", + "clientId": "central-idp", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-jwt", + "secret": "**********", + "redirectUris": [ + "https://centralidp.stable.demo.catena-x.net/auth/realms/CX-Central/broker/Service-Provider/endpoint/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "token.endpoint.auth.signing.alg": "RS256", + "use.jwks.url": "true", + "backchannel.logout.session.required": "true", + "jwks.url": "https://centralidp.stable.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "80e6f42d-3f57-4bde-89c2-3ee0f3fce28a", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "df0a36b0-2a66-451e-8273-089eaf1dd2b6", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/Service-Provider/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/Service-Provider/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "e7a5fda8-b151-401e-93eb-33cceb81ca3d", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + } + ], + "clientScopes": [ + { + "id": "2faf075e-6dce-4c49-8f3e-eb5c082cb7a8", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "d4cf687c-2dcd-41a0-b793-a061274c5b6e", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "8427b87c-ff51-4150-9b6a-d78622218280", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "da597a68-7b86-4fe8-9a91-1cae27b6f57f", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "cd088762-67ba-4eda-bd5a-c84907750856", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "651e6c53-5f37-4616-b574-aadc44d34cd0", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "31ddbe29-3d2a-410a-8ce0-03f5f72ba835", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "95fd3d6b-570b-436f-9fb1-2cdfc758b6a4", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "2d683944-8331-436f-9015-ce0bd99c844b", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "ec2cb722-f909-4e9a-894f-84df70148922", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "b3f368ca-3ce1-4b7d-87d2-27f0f9241d2b", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "96c37824-44cc-4abd-9ae4-04d34632cde6", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "b45ac659-6593-4cd1-ad0d-3c06c8da1356", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "38dc1bda-db44-48ad-af02-f5f58ba119c1", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "3c738eb9-b2d1-44c1-a2b9-d5744be292b5", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "771399c7-d709-4669-b81d-b39d10045d6c", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "1098383f-ffb5-4c89-b096-6e898054a30a", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "2dcdf1d9-5079-4a22-b54a-04c848d55e24", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "d59cd4f6-6952-4ba4-809f-7b99dec6351a", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "2541c474-b659-4bfe-a6ef-19ce6efdccf8", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "6949b585-218f-42bc-bdc9-c9da6dbfbf0d", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "44e7ac4d-59b4-4c30-bade-823e32e9e9c3", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "e63b9221-d292-4ddd-87ff-b30b3dc2ad96", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "13344acd-5f3b-443d-a810-9e1a32a98fa4", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "80c2f409-d184-4b84-8034-457217c2cf04", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "dbad2185-2ecc-4385-b7c4-dbb877ad18c7", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "e9361d86-440b-4e55-bb5f-fa4a206916b8", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "17cc8c76-595a-4f88-8013-19bf2c2e8feb", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "ea4b3be6-4594-422d-b556-3f660a74a55e", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "5449ecba-fab5-4aea-8b8a-624ef4d0a494", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "1fea6f1c-d850-4e3a-8040-31600e34c1a1", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "c2ce1d88-0ded-4517-8a99-e09a9677f0a8", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "a972e5df-b5f0-42e9-bfe8-ccc8a873ca04", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "a128ec05-48fc-4334-bf1c-8a584cdc966a", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "dab45081-9f84-4336-9e83-df6ba08763ae", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "auth": "true", + "port": "587", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "c73ebf22-7caf-4395-bc27-b4cab94ce31e", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "5012219f-f13c-4519-9ddb-a837d7e47026", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "8b121ec2-8ffa-42a5-8fd3-b8d595a0cdd0", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "13bb9e0d-1bb9-470c-b64f-fb070afca264", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "ae3470ba-755c-47e0-a396-2b2108547a75", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-usermodel-property-mapper", + "saml-user-attribute-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-role-list-mapper", + "oidc-usermodel-attribute-mapper", + "saml-user-property-mapper", + "oidc-full-name-mapper", + "oidc-address-mapper" + ] + } + }, + { + "id": "7b74c4d9-f31d-4971-828f-d95333f8a8e1", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "b89c0247-12e5-4e55-9d6d-ef647fc373a2", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "dd81b671-39c3-4de1-b56b-2baea35697d5", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-address-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-attribute-mapper", + "oidc-usermodel-property-mapper", + "oidc-usermodel-attribute-mapper", + "saml-user-property-mapper", + "saml-role-list-mapper", + "oidc-full-name-mapper" + ] + } + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "2436d207-680a-4cac-9676-4e81df7594bc", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "01570277-a4dd-4096-b791-bac6bb07e099", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "1c67e421-e33d-4e75-b964-3246e1c11cc7", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "dd74f38e-ff26-45bf-a680-50397a50846f", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "fc5a3525-9e89-4dee-a9fc-2370225e07f7", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "eb6e8a89-1d17-4450-a8d7-78c6f21a4073", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "b3437843-3921-4d8f-a417-2520055a0037", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "8dfeacbe-4c1e-466d-b3eb-f64d6b63f9d7", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "451ecf62-cbd1-41a8-b14f-cea0f20d6d99", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "2e9a6da0-ac3d-469c-b0c7-b4c34d998738", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "23d88e58-7be4-4110-ae47-68f92a5cad55", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "42be9b7a-990f-4eeb-9c26-f95c9ab5312a", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "93cc43b6-958d-4a61-aa03-af32112b9b2e", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "073e38e5-32cd-46f1-9330-580024ffa42d", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "f0cf5a31-a8d5-49ea-b0af-7064843b4849", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "8a1dc7f5-1729-46df-82e2-190ff9c9247a", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "661fc7af-4d71-40e3-b1e1-d17223d826db", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "2a252836-b6c5-4a2d-8aa6-3153c4fcbe13", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "7a09f065-1ae6-4926-a7f3-aa736926def5", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "b38b593b-bb79-483a-9b0d-55874010479d", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "aa3c210d-b828-4449-a610-5096b40ce612", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "babad3dd-2d28-4520-b620-d3ed492eadc4", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "0462a9b5-fd75-469e-84c8-5124bdb80e1a", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "8561fc66-d0bc-4b2a-91c8-d197017f0f7f", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "0b2cf9c9-6f4a-4583-bb43-b1856f1e54eb", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "cee6d341-3c7f-4936-932d-7250ad835d93", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "5", + "clientSessionIdleTimeout": "0", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file diff --git a/import/realm-config/consortia/catenax-shared/stable/master-realm.json b/import/realm-config/consortia/catenax-shared/stable/master-realm.json new file mode 100644 index 00000000..0f1a5a34 --- /dev/null +++ b/import/realm-config/consortia/catenax-shared/stable/master-realm.json @@ -0,0 +1,4985 @@ +{ + "id": "master", + "realm": "master", + "displayName": "DEV Shared Identity Provider", + "displayNameHtml": "
Keycloak
", + "notBefore": 0, + "defaultSignatureAlgorithm": "RS256", + "revokeRefreshToken": false, + "refreshTokenMaxReuse": 0, + "accessTokenLifespan": 60, + "accessTokenLifespanForImplicitFlow": 900, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 36000, + "ssoSessionIdleTimeoutRememberMe": 0, + "ssoSessionMaxLifespanRememberMe": 0, + "offlineSessionIdleTimeout": 2592000, + "offlineSessionMaxLifespanEnabled": false, + "offlineSessionMaxLifespan": 5184000, + "clientSessionIdleTimeout": 0, + "clientSessionMaxLifespan": 0, + "clientOfflineSessionIdleTimeout": 0, + "clientOfflineSessionMaxLifespan": 0, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "oauth2DeviceCodeLifespan": 600, + "oauth2DevicePollingInterval": 600, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": false, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": false, + "editUsernameAllowed": false, + "bruteForceProtected": false, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 30, + "roles": { + "realm": [ + { + "id": "00d3332e-7a24-4b78-80c4-f2c763ea006a", + "name": "cx-admin", + "description": "Catena-X Admin\n- used for partner invite", + "composite": true, + "composites": { + "realm": [ + "create-realm" + ], + "client": { + "master-realm": [ + "manage-clients", + "manage-users", + "manage-realm" + ] + } + }, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "33990584-d02c-4459-8e50-e71c36bbd286", + "name": "default-roles-master", + "description": "${role_default-roles}", + "composite": true, + "composites": { + "realm": [ + "offline_access", + "uma_authorization" + ], + "client": { + "account": [ + "manage-account", + "view-profile" + ] + } + }, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "4a156096-0057-47df-a606-f76644f5c34f", + "name": "admin", + "description": "${role_admin}", + "composite": true, + "composites": { + "realm": [ + "create-realm" + ], + "client": { + "App-Provider-realm": [ + "manage-identity-providers", + "view-authorization", + "query-groups", + "query-clients", + "view-events", + "manage-clients", + "create-client", + "manage-authorization", + "manage-users", + "manage-realm", + "view-clients", + "manage-events", + "view-identity-providers", + "query-users", + "view-realm", + "view-users", + "impersonation", + "query-realms" + ], + "CX-Test-Access-realm": [ + "manage-realm", + "create-client", + "view-realm", + "view-identity-providers", + "view-events", + "query-groups", + "query-users", + "manage-authorization", + "view-clients", + "query-realms", + "impersonation", + "manage-clients", + "manage-events", + "view-users", + "manage-users", + "view-authorization", + "query-clients", + "manage-identity-providers" + ], + "Company-2-realm": [ + "manage-authorization", + "query-realms", + "impersonation", + "view-authorization", + "view-events", + "view-identity-providers", + "manage-identity-providers", + "manage-clients", + "create-client", + "manage-events", + "view-realm", + "manage-realm", + "query-groups", + "query-users", + "view-users", + "view-clients", + "manage-users", + "query-clients" + ], + "CX-Operator-realm": [ + "manage-authorization", + "query-groups", + "view-users", + "manage-users", + "view-clients", + "manage-clients", + "create-client", + "view-realm", + "impersonation", + "query-clients", + "query-users", + "view-identity-providers", + "manage-identity-providers", + "manage-events", + "view-events", + "manage-realm", + "view-authorization", + "query-realms" + ], + "Security-Company-realm": [ + "query-realms", + "create-client", + "manage-identity-providers", + "view-identity-providers", + "manage-events", + "impersonation", + "manage-realm", + "query-clients", + "manage-authorization", + "view-clients", + "manage-users", + "query-groups", + "view-authorization", + "query-users", + "view-users", + "view-events", + "manage-clients", + "view-realm" + ], + "master-realm": [ + "query-users", + "query-groups", + "create-client", + "impersonation", + "query-clients", + "manage-identity-providers", + "view-authorization", + "view-events", + "manage-events", + "manage-authorization", + "manage-realm", + "view-identity-providers", + "query-realms", + "manage-users", + "view-clients", + "manage-clients", + "view-users", + "view-realm" + ], + "Company-1-realm": [ + "query-groups", + "query-users", + "view-clients", + "impersonation", + "query-clients", + "manage-events", + "manage-realm", + "manage-authorization", + "view-events", + "view-realm", + "manage-clients", + "view-authorization", + "query-realms", + "create-client", + "manage-users", + "view-users", + "view-identity-providers", + "manage-identity-providers" + ], + "Service-Provider-realm": [ + "view-users", + "query-users", + "view-events", + "view-realm", + "impersonation", + "manage-users", + "query-realms", + "view-clients", + "manage-authorization", + "query-clients", + "manage-identity-providers", + "view-authorization", + "manage-events", + "manage-realm", + "view-identity-providers", + "query-groups", + "manage-clients", + "create-client" + ] + } + }, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "0bba2da6-005c-4ded-bf09-671f5cc1e6a0", + "name": "create-realm", + "description": "${role_create-realm}", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "e4108209-6e10-4a8a-ad1c-2f9fdd2a92a7", + "name": "offline_access", + "description": "${role_offline-access}", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + }, + { + "id": "c67fb695-8c3b-4e4d-83b9-13607c232e9b", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "composite": false, + "clientRole": false, + "containerId": "master", + "attributes": {} + } + ], + "client": { + "saService-Provider": [], + "CX-Operator-realm": [ + { + "id": "013ce7f0-c788-4a82-a631-41ba84097f7f", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "9330bbe7-fc70-46cc-803b-52abfb1f4e2c", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "6cf11fe7-61de-48f4-8838-e384de5892de", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "d2c74cbe-ed9f-4c84-bd46-9c76a43049b0", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "f8e8d48c-03ad-4bd2-ad6b-6c034627c6a7", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "ddc29dcc-d29b-4b87-b592-bee9dd0ff1d7", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "5eee98ad-a283-4418-bec3-20c51ff9704f", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "d8ce081f-2f0c-47e0-8f52-a6e2cdd88f5f", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "9f0a7c15-bc5e-4a92-b6c9-1f55e305a2ac", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "3f40fcea-c033-408e-b48b-82256ee7393c", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "CX-Operator-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "41974713-fd5c-45ff-9ac3-753bc74c65b6", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "246730b0-406d-4c40-9d5f-513f9881d43f", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "6ea05980-fc04-48b4-b5f9-cd5670407992", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "961b7bc5-b100-4905-b0c5-8d8509fcacc0", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "123094e6-257b-4628-ada7-412b06b7d25b", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "5253ff75-4e36-4423-bc23-5f482a354d3f", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "f254a28f-13c1-46ac-8a40-f0cb85b743b7", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "CX-Operator-realm": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + }, + { + "id": "0ade4dd7-4f7c-4d5c-a6b3-a9099436db74", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "64acfb98-b4e9-42da-936f-815848d841c5", + "attributes": {} + } + ], + "security-admin-console": [], + "account-console": [], + "broker": [ + { + "id": "af71a761-9a75-41ff-a6ee-c77e72f595db", + "name": "read-token", + "description": "${role_read-token}", + "composite": false, + "clientRole": true, + "containerId": "d8fbcdf8-75f5-4066-8a3e-646335c66435", + "attributes": {} + } + ], + "master-realm": [ + { + "id": "a20a1fb2-d04d-4346-8489-8d2485d11127", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "4fb77de6-a224-4dd9-8be6-c7c75aa7ea84", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "46d4a01d-56b7-4b5b-a623-358f5a5ad341", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "88892c66-831f-4606-ae14-bb53eab7cf2e", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "d4bcfbb7-d5df-4162-bc9d-ce29268b2034", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "d8a10613-a444-4807-941c-8f96738a25d9", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "87da293a-6386-4115-a829-d98d15e0f061", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "b91789fa-33a0-4eac-9ff2-b1e4c20141e5", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "master-realm": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "ca4523e1-fc8d-4fe3-acff-415dca8969f9", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "d0e98072-144d-45c4-91bb-b91f8816dcb2", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "master-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "2f3d396e-6741-49af-858a-e2c13b6a6267", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "f73ca8b5-06eb-4422-b488-1d1c5ad3fd3e", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "6b7bb957-3a9a-497d-9fef-ca7c0c841539", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "ad26c837-0a2c-4c7e-bf26-9d862409cd9d", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "7e01d1cd-a8d2-4dfb-b8a9-072aedbab4d6", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "9de47466-4370-4375-b2ec-ba9d07e76ca3", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "ed3cf7ba-92dc-43cd-9763-00f2dfbefc6a", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + }, + { + "id": "793c4ee8-7d58-4a9c-9c7e-8f6e3fafa7ad", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "attributes": {} + } + ], + "Company-1-realm": [ + { + "id": "e795aac8-ac54-47c8-ae5a-2a5543dc3114", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "a1b5f575-e4dc-4f38-8cc1-74fda26d7394", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "9dda9fbd-4a5f-4c6e-ab50-788df00105bc", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "f7bc19eb-807f-4ef6-b9e9-df9587324e3b", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "3830fbbc-2eaa-4f33-9e67-6c37ec716319", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "1dd674ef-3289-40cc-91dd-353a9c01af7b", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "Company-1-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "8a880751-d507-4f38-b169-58cef7241efc", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "d7ba10c1-1cec-4941-9309-a937563b72de", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "397ff4ec-1b09-4694-b052-ae0ae0a763cf", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "ac205a93-fa02-4f99-b5fd-601a371214f8", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "19da690a-8654-4d00-a743-cd975bba64e2", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "8e406890-47ae-4aae-bf4e-5d7c10772b15", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "Company-1-realm": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "86683ec4-558d-47fc-9d75-aa48f6a5b942", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "7148c798-7ff7-4d07-bc6d-11980c09fc5f", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "f459b98a-df84-4f36-aba7-6a33da16b53c", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "f574a2de-4bee-4f89-9e6d-e984f827920b", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "519d90e9-09a3-44e3-8b6c-2e84ec99f395", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + }, + { + "id": "d091d7de-1a28-436c-ab91-cb8026cced0f", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "attributes": {} + } + ], + "Service-Provider-realm": [ + { + "id": "a8f1b415-c048-4b0f-bff9-72006514acdf", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "Service-Provider-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "3ab35e81-071a-47a5-8beb-3e4fabb9c290", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "Service-Provider-realm": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "36e22139-4e8c-457e-bf7d-f10254fb147d", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "b1dd521d-4791-480d-a889-d49d23d367a5", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "c572e6b3-e1a1-4e2a-8ba4-4b43fcef4f77", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "d7126a97-57d3-4840-9132-efcbbe96f0c7", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "5512a1ea-ba60-44a7-9914-65116330204a", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "d064a52c-ef0b-401a-9eeb-54ad10a19c25", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "327d3de4-f132-4036-af4c-bdb43534d949", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "964d3dbb-4a6f-427d-81d4-5804b84484f0", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "2e777937-594c-4248-b56e-40e1800d1cc1", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "5e7c3975-abdb-40ea-b8a7-d39cdc3158f9", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "3b378667-6a0a-464a-9fcd-eec3a082c78a", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "d355b9a2-b747-4c74-bb4c-b2638377ba17", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "a62e03fc-54af-48b0-88c7-f227423866d2", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "e3d995f0-b6d3-4d3c-9b9f-6078dd44ce37", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "a580c5d9-03c4-42d4-9903-4dbe0f0de7de", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + }, + { + "id": "41db4048-09cf-4ec8-b0d6-fac47bc954eb", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "attributes": {} + } + ], + "App-Provider-realm": [ + { + "id": "f1d51e8f-3f52-4790-b678-0448e1d476af", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "0476e809-be64-48e2-b84b-59ddcbafeb78", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "78b363d9-f62d-43b4-9e83-f455cfc2977c", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "a73abcc0-e7e8-4f2c-af1b-2fc4ddd435a0", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "App-Provider-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "dfcb34d4-8b5a-4d46-ab00-f130d6816d26", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "66c5ec6c-e70a-4727-8e5a-41021f4f4f01", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "6617263e-029e-4450-ac0d-cc682100af34", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "App-Provider-realm": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "236d830d-1543-42c0-b87a-b02940d4ccad", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "bd4a8462-5048-4afb-8756-33714ed54f72", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "ac10393e-fcd0-4624-992d-648168223d57", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "0da5af9e-833c-44e6-9322-eec30b54d783", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "85227314-d7e3-41bb-b302-3eac01323f0a", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "eefd123e-b0d6-44e7-91ee-9b3bac4ed33b", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "fcf67320-9cd2-483c-94a9-7e5efe0761f0", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "40f6a84d-e476-49dd-b032-40b030e915ff", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "960df3b9-09c7-40ba-b759-c015d9de4377", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "95d6203b-e89a-47e4-b156-56ad65ffbc5e", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + }, + { + "id": "c71b0804-96ad-4925-929c-6383f08d4591", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "bdfe8696-2b0d-460c-8281-04e52182a190", + "attributes": {} + } + ], + "Company-2-realm": [ + { + "id": "e0b096da-d5e6-4e67-b1cd-9c515475ce9e", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "dcfa3288-1423-4be1-a254-bee9e8fea521", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "d673333d-9214-45e9-b04a-208f4e1af532", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "6b6304e8-20eb-4d28-80c7-d03c9385e680", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "667a6c72-ba3c-47ad-8ff5-6127e448594e", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "Company-2-realm": [ + "query-users", + "query-groups" + ] + } + }, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "366902d2-2174-4054-b045-06257c934338", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "aea92bf9-6cdd-4258-8064-f96e2bc9ea9b", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "be016ec3-7867-4844-8e67-04e4c342a484", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "15e5c8c5-4f7e-42c4-a2bd-2f3a4e83b22c", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "7a4b9e0c-cb03-49e7-8551-b4ffb1e59f3b", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "7b24f1e5-94c7-4118-8271-beebc2f9ea9e", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "2cf006a0-47a7-4273-b9d6-3f636dfe1ebc", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "9d2ee03e-a066-440a-a066-2a14eca8ed26", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "b73e1cd2-9890-4665-a804-8c6d5480105c", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "ee3bfd34-1d50-49e5-bdfa-acc7dc834fd0", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "Company-2-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "6bcb51ed-41bf-4d8c-a653-cbccdede68d3", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "9d43f379-f1f3-4618-86b4-9768517e8119", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + }, + { + "id": "123407ce-b27a-4fbb-bd8b-cc11f5f64dc7", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "attributes": {} + } + ], + "CX-Test-Access-realm": [ + { + "id": "60dd7daf-7330-4be9-bf9d-d1a79f4d7f2c", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "8dbf1242-6c6c-4e18-96f8-0539491f7d29", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "b7fc150e-7264-4a07-ab08-c403fc43936d", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "c4498895-6b99-4a7d-a0ea-c3fb3cafbde0", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "9e7991cd-334a-4d5c-9fb5-2f3769380145", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "a4efd8df-ed4b-4c4d-868f-0540d8460330", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "3a0d8cc8-8c07-40ba-ba85-69818ceaaaac", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "c20589f9-e397-47cb-a453-ac2dcfc983a4", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "CX-Test-Access-realm": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "5bc5878f-86eb-42a6-beb9-2b64c65b75c5", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "7c50d3ea-f464-4547-8cef-85e6f52cf33e", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "ad631b5f-af22-41e5-8436-97ea0fa269c0", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "8872fb8f-347a-4e49-b010-e7c7836222f6", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "c28a9bab-7efc-4069-9be2-3d6ec5108447", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "70c51e96-f12e-4f74-bcd8-bb971f65ff45", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "54ed008c-b560-4719-b1fa-cdfa3c673dc9", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "ef9fb258-409b-4c22-ad66-7796f3774c5a", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "edd4e1a5-d471-4443-ba84-c3fdea98cdf0", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + }, + { + "id": "b851b34b-5043-4eb2-8534-3b36b8e471c0", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "CX-Test-Access-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "attributes": {} + } + ], + "sa-cl1-reg-1": [], + "saCompany-2": [], + "Security-Company-realm": [ + { + "id": "8e53cf29-6c1d-44f5-8546-52bcf1915da3", + "name": "view-authorization", + "description": "${role_view-authorization}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "c9534884-6ddb-4204-95fc-8d2218a61ed5", + "name": "manage-clients", + "description": "${role_manage-clients}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "f739cd50-8f4a-410a-bce9-fb0e67c88166", + "name": "view-clients", + "description": "${role_view-clients}", + "composite": true, + "composites": { + "client": { + "Security-Company-realm": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "c8e22644-951f-47c8-873b-475d747a0986", + "name": "view-events", + "description": "${role_view-events}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "c0a78e16-8e62-44e4-9cf3-a5d2a991ebdc", + "name": "query-realms", + "description": "${role_query-realms}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "c9a1b64c-a0c5-4fbf-a30f-9d34f9e7f292", + "name": "impersonation", + "description": "${role_impersonation}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "2b6cea07-f8ca-4561-9726-1f7ba5328752", + "name": "query-users", + "description": "${role_query-users}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "611f5118-f53d-433f-99e4-337c8a8aaff4", + "name": "create-client", + "description": "${role_create-client}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "8223bc3b-01a6-4a45-906b-e9aa6e5a1480", + "name": "query-clients", + "description": "${role_query-clients}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "6179eac2-6487-4f31-8c04-a97d7061791b", + "name": "manage-users", + "description": "${role_manage-users}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "f085daf8-f46a-4cd6-a866-e3c1215cc212", + "name": "manage-realm", + "description": "${role_manage-realm}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "31d56175-3549-48b9-a800-e5eec5ff95c2", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "616d993b-25b8-4dca-85e6-ee5c48d83861", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "a446f21a-5bfa-4d2e-b50e-5f01eec60002", + "name": "view-users", + "description": "${role_view-users}", + "composite": true, + "composites": { + "client": { + "Security-Company-realm": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "1780be21-25b4-47be-805c-ab43be7e7ed8", + "name": "manage-events", + "description": "${role_manage-events}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "374240fe-6aae-4a50-822e-78447e83d269", + "name": "view-realm", + "description": "${role_view-realm}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "79c13b15-d6b0-4777-aecb-1d3fec733695", + "name": "query-groups", + "description": "${role_query-groups}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + }, + { + "id": "f7764034-803d-4f03-8766-2ef6fc0e7728", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "composite": false, + "clientRole": true, + "containerId": "20f50095-760c-425e-a55d-0a8928ed1a73", + "attributes": {} + } + ], + "admin-cli": [], + "saSecurity-Company": [], + "saApp-Provider": [], + "saCX-Test-Access": [], + "account": [ + { + "id": "cf082508-5c71-410d-9c04-22e92208e1d2", + "name": "manage-account", + "description": "${role_manage-account}", + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "attributes": {} + }, + { + "id": "1c486d7a-6257-4bf7-8f74-8828a0b63428", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "composite": false, + "clientRole": true, + "containerId": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "attributes": {} + }, + { + "id": "e0176946-c4b2-4eed-a130-31801dee9e4d", + "name": "view-applications", + "description": "${role_view-applications}", + "composite": false, + "clientRole": true, + "containerId": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "attributes": {} + }, + { + "id": "43e434f2-62a2-477c-8624-ec303b9268aa", + "name": "view-profile", + "description": "${role_view-profile}", + "composite": false, + "clientRole": true, + "containerId": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "attributes": {} + }, + { + "id": "c6ae9e18-f32b-4401-80a8-d3af924ed72d", + "name": "view-consent", + "description": "${role_view-consent}", + "composite": false, + "clientRole": true, + "containerId": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "attributes": {} + }, + { + "id": "af589f31-2daf-4f6c-9b52-acfe2d5df92d", + "name": "delete-account", + "description": "${role_delete-account}", + "composite": false, + "clientRole": true, + "containerId": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "attributes": {} + }, + { + "id": "b78fed2a-063e-4563-8f1d-09e68771f872", + "name": "manage-consent", + "description": "${role_manage-consent}", + "composite": true, + "composites": { + "client": { + "account": [ + "view-consent" + ] + } + }, + "clientRole": true, + "containerId": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "attributes": {} + } + ], + "saCompany-1": [], + "saCX-Operator": [] + } + }, + "groups": [], + "defaultRole": { + "id": "33990584-d02c-4459-8e50-e71c36bbd286", + "name": "default-roles-master", + "description": "${role_default-roles}", + "composite": true, + "clientRole": false, + "containerId": "master" + }, + "requiredCredentials": [ + "password" + ], + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "otpSupportedApplications": [ + "FreeOTP", + "Google Authenticator" + ], + "webAuthnPolicyRpEntityName": "keycloak", + "webAuthnPolicySignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyRpId": "", + "webAuthnPolicyAttestationConveyancePreference": "not specified", + "webAuthnPolicyAuthenticatorAttachment": "not specified", + "webAuthnPolicyRequireResidentKey": "not specified", + "webAuthnPolicyUserVerificationRequirement": "not specified", + "webAuthnPolicyCreateTimeout": 0, + "webAuthnPolicyAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyPasswordlessRpEntityName": "keycloak", + "webAuthnPolicyPasswordlessSignatureAlgorithms": [ + "ES256" + ], + "webAuthnPolicyPasswordlessRpId": "", + "webAuthnPolicyPasswordlessAttestationConveyancePreference": "not specified", + "webAuthnPolicyPasswordlessAuthenticatorAttachment": "not specified", + "webAuthnPolicyPasswordlessRequireResidentKey": "not specified", + "webAuthnPolicyPasswordlessUserVerificationRequirement": "not specified", + "webAuthnPolicyPasswordlessCreateTimeout": 0, + "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, + "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "users": [ + { + "id": "b3a88307-e809-4d1e-bf9e-95d272b2ec08", + "createdTimestamp": 1667916400014, + "username": "service-account-saapp-provider", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "saApp-Provider", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-master", + "create-realm" + ], + "clientRoles": { + "App-Provider-realm": [ + "view-events", + "manage-identity-providers", + "manage-authorization", + "view-clients", + "manage-users", + "manage-clients", + "view-users", + "manage-events", + "manage-realm", + "query-realms", + "view-identity-providers", + "view-authorization", + "query-clients", + "query-users", + "view-realm", + "create-client", + "query-groups" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "68139542-dfb7-46ba-86a3-774d6f386c26", + "createdTimestamp": 1651783160914, + "username": "service-account-sa-cl1-reg-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl1-reg-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "cx-admin" + ], + "clientRoles": { + "CX-Test-Access-realm": [ + "query-realms", + "manage-realm", + "manage-clients", + "create-client", + "manage-events", + "view-users", + "view-realm", + "view-identity-providers", + "manage-users", + "view-events", + "query-groups", + "view-authorization", + "query-users", + "manage-authorization", + "query-clients", + "manage-identity-providers", + "view-clients" + ], + "Company-2-realm": [ + "manage-authorization", + "manage-realm", + "query-realms", + "query-groups", + "query-users", + "view-authorization", + "view-users", + "view-events", + "view-identity-providers", + "manage-identity-providers", + "manage-clients", + "view-clients", + "manage-users", + "create-client", + "manage-events", + "query-clients", + "view-realm" + ], + "Company-1-realm": [ + "query-groups", + "query-users", + "view-events", + "view-clients", + "view-realm", + "manage-clients", + "view-authorization", + "query-realms", + "create-client", + "manage-users", + "view-users", + "query-clients", + "view-identity-providers", + "manage-events", + "manage-identity-providers", + "manage-realm", + "manage-authorization" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "f70479f8-d521-4f70-9992-9f43202c94df", + "createdTimestamp": 1662631675780, + "username": "service-account-sacompany-1", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "saCompany-1", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-master", + "create-realm" + ], + "clientRoles": { + "Company-1-realm": [ + "view-events", + "view-identity-providers", + "manage-events", + "query-groups", + "query-realms", + "view-clients", + "view-realm", + "create-client", + "manage-identity-providers", + "manage-users", + "manage-clients", + "view-users", + "query-clients", + "manage-realm", + "manage-authorization", + "query-users", + "view-authorization" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "63d0617c-5f6a-44cf-9a2f-cfed52198966", + "createdTimestamp": 1662636063960, + "username": "service-account-sacompany-2", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "saCompany-2", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-master", + "create-realm" + ], + "clientRoles": { + "Company-2-realm": [ + "query-users", + "create-client", + "view-authorization", + "view-users", + "manage-authorization", + "manage-events", + "view-events", + "query-clients", + "view-identity-providers", + "manage-realm", + "view-realm", + "manage-identity-providers", + "manage-clients", + "view-clients", + "query-realms", + "manage-users", + "query-groups" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "16c63ad1-51dd-4cb2-8d2f-0845ecd63420", + "createdTimestamp": 1667916488132, + "username": "service-account-sacx-operator", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "saCX-Operator", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-master", + "create-realm" + ], + "clientRoles": { + "CX-Operator-realm": [ + "manage-authorization", + "view-identity-providers", + "view-realm", + "query-clients", + "manage-identity-providers", + "view-authorization", + "query-groups", + "manage-users", + "view-clients", + "manage-events", + "query-realms", + "query-users", + "manage-clients", + "view-events", + "view-users", + "manage-realm", + "create-client" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "4902801a-5600-43eb-8208-243d6b0510f2", + "createdTimestamp": 1662631616981, + "username": "service-account-sacx-test-access", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "saCX-Test-Access", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-master", + "create-realm" + ], + "clientRoles": { + "CX-Test-Access-realm": [ + "query-realms", + "create-client", + "manage-users", + "manage-realm", + "view-authorization", + "manage-events", + "query-users", + "view-users", + "view-events", + "view-realm", + "query-groups", + "manage-authorization", + "query-clients", + "view-identity-providers", + "manage-identity-providers", + "manage-clients", + "view-clients" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "d9df3479-5dc3-4a90-b241-414bce6368bc", + "createdTimestamp": 1667904120416, + "username": "service-account-sasecurity-company", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "saSecurity-Company", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-master" + ], + "clientRoles": { + "Security-Company-realm": [ + "view-authorization", + "manage-clients", + "view-clients", + "view-events", + "query-realms", + "query-users", + "create-client", + "query-clients", + "manage-users", + "manage-realm", + "manage-identity-providers", + "view-identity-providers", + "view-users", + "manage-events", + "view-realm", + "query-groups", + "manage-authorization" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "dab91af3-d47a-4995-acfe-5afd144791e8", + "createdTimestamp": 1667916201244, + "username": "service-account-saservice-provider", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "saService-Provider", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-master", + "create-realm" + ], + "clientRoles": { + "Service-Provider-realm": [ + "view-users", + "view-clients", + "view-identity-providers", + "view-authorization", + "manage-clients", + "view-realm", + "query-users", + "manage-identity-providers", + "query-groups", + "manage-authorization", + "manage-users", + "manage-events", + "create-client", + "manage-realm", + "query-clients", + "view-events", + "query-realms" + ] + }, + "notBefore": 0, + "groups": [] + } + ], + "scopeMappings": [ + { + "clientScope": "offline_access", + "roles": [ + "offline_access" + ] + } + ], + "clientScopeMappings": { + "account": [ + { + "client": "account-console", + "roles": [ + "manage-account" + ] + } + ] + }, + "clients": [ + { + "id": "a1983134-1fff-4e2f-ab64-dcfd20268f9a", + "clientId": "account", + "name": "${client_account}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/master/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/master/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "ae3d7f21-5fe2-4a4e-aceb-c2d787da96e2", + "clientId": "account-console", + "name": "${client_account-console}", + "rootUrl": "${authBaseUrl}", + "baseUrl": "/realms/master/account/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/realms/master/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "b4e9445d-2c6d-4911-b959-e081b164bf9b", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "f44bc41d-754a-4ae6-96b4-66dbaa4da64e", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "bdfe8696-2b0d-460c-8281-04e52182a190", + "clientId": "App-Provider-realm", + "name": "App-Provider Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [], + "optionalClientScopes": [] + }, + { + "id": "d8fbcdf8-75f5-4066-8a3e-646335c66435", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "88609482-1a1c-49af-8e1e-3f033f7b9c5a", + "clientId": "Company-1-realm", + "name": "Company 1 Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [], + "optionalClientScopes": [] + }, + { + "id": "1826ae1d-b8cc-44d8-9971-c0d72b13eef3", + "clientId": "Company-2-realm", + "name": "Company-2 Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [], + "optionalClientScopes": [] + }, + { + "id": "64acfb98-b4e9-42da-936f-815848d841c5", + "clientId": "CX-Operator-realm", + "name": "CX-Operator Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [], + "optionalClientScopes": [] + }, + { + "id": "66092dd8-7c1b-43a0-80f6-b37c36f38ea1", + "clientId": "CX-Test-Access-realm", + "name": "CX-Test-Access Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [], + "optionalClientScopes": [] + }, + { + "id": "8d85399b-1ab9-470e-9c90-fe147d4a2b69", + "clientId": "master-realm", + "name": "master Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "d430cf93-c417-4e30-882c-0b1533093b90", + "clientId": "saApp-Provider", + "name": "saApp-Provider", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://null" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "backchannel.logout.session.required": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "ba028d33-16aa-4138-997f-1ea356c6ae9b", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "9b803677-df6d-458c-98de-873d210150be", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "39a9ee05-f8d3-4ee7-8e0f-b4f135407a3d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "378c7cad-c6dc-49db-b3dd-fea6d9365edb", + "clientId": "sa-cl1-reg-1", + "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.shared.clientId)", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "ae96ff8d-954f-4477-a287-aa8526abd333", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "9579b4d3-2acf-4e56-a39a-04d6f6b368aa", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b297c502-919d-4300-95f7-a05f77530160", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "3901aec4-9ce4-4f0e-902e-49a37dccb750", + "clientId": "saCompany-1", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://null" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "fa1d8be5-58fc-4b68-a28e-a1746e93a95a", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "ccbffd3f-8c5d-41e4-8a83-736043c1299e", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "a5196457-7045-494a-86bf-c484f5e17352", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "70c63755-4273-40e2-8278-c2b3111947e8", + "clientId": "saCompany-2", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://null" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "017c90c7-a5ea-4c65-9024-32bc5a35c698", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "2b6b1b40-d6c1-40a6-b10f-d2e673f5b7cd", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "c91bfb29-4aab-4ef8-bb9c-c9f7487ef69b", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "22dcd29e-f435-4662-98db-5a9b35d1109e", + "clientId": "saCX-Operator", + "name": "saCX-Operator", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://null" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "backchannel.logout.session.required": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "ed69a2eb-aa9c-4fb4-9923-db99100accf8", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "132b1ccb-7448-4b74-bf5f-9ebc412ff2e1", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "a5678011-108c-4c90-ba38-2c07a32abcd9", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "4959df64-e4b4-4266-a6d2-ec50fea948f1", + "clientId": "saCX-Test-Access", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://null" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "f1b81bc5-e71c-4f75-9ffb-4d0274f2e422", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "73de9de3-4d98-459a-8248-6cd83c6e6ec3", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "abf2c37d-73a1-4279-853b-8394bf79b9aa", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "343e2607-4150-49e4-89c7-d378e6a3104d", + "clientId": "saSecurity-Company", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "id.token.as.detached.signature": "false", + "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", + "saml.encrypt": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "a6915977-973d-44d0-8586-7ab78f3ad8ec", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "c02d0e86-e92b-4812-990f-20b07364cf5d", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "32400226-7944-46d2-b124-1073ead99986", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "b6cbc5a4-93df-470d-abc0-c476e82685e9", + "clientId": "saService-Provider", + "name": "saService-Provider", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [ + "https://null" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "backchannel.logout.session.required": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "9b15fcda-2d9a-4d24-b4df-e278c5fdcdc0", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientId", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientId", + "jsonType.label": "String" + } + }, + { + "id": "22a00c4d-f63f-4cd2-a6b1-27d436b8003a", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "13ef52b0-6517-41c7-8cfe-c82d9fa831d0", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "dbfbfd57-b92a-4ce1-9b00-aa4a0ba7d616", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "rootUrl": "${authAdminUrl}", + "baseUrl": "/admin/master/console/", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/admin/master/console/*" + ], + "webOrigins": [ + "+" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "pkce.code.challenge.method": "S256" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "a43fc1aa-bea4-44ab-af81-fca46bd17c16", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "profile", + "roles", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "20f50095-760c-425e-a55d-0a8928ed1a73", + "clientId": "Security-Company-realm", + "name": "Security-Company Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [], + "optionalClientScopes": [] + }, + { + "id": "644662f9-26c3-4659-bc2e-44c5717aa9a4", + "clientId": "Service-Provider-realm", + "name": "Service-Provider Realm", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "defaultClientScopes": [], + "optionalClientScopes": [] + } + ], + "clientScopes": [ + { + "id": "ddf08713-aa3b-42f5-ba5f-eaa38ce9b45d", + "name": "phone", + "description": "OpenID Connect built-in scope: phone", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${phoneScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "d09c784b-c13f-4f0e-8f63-5893b19a6ee5", + "name": "phone number verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumberVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "93cc264c-f041-4000-a057-86ed3bec9bae", + "name": "phone number", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "phoneNumber", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "phone_number", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "97d5e593-ae0b-4107-ae85-71feffeb2328", + "name": "profile", + "description": "OpenID Connect built-in scope: profile", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${profileScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "653a4a7f-fa55-4762-8f80-97b0c70c0fb1", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": false, + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "6ddf096b-ab83-4e07-92de-1af9450981d6", + "name": "middle name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "middleName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "middle_name", + "jsonType.label": "String" + } + }, + { + "id": "582ce909-19cc-47ac-983b-b160c1033aac", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "a5a0ca1e-72ed-427c-aeaf-264561a902dc", + "name": "profile", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "profile", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "profile", + "jsonType.label": "String" + } + }, + { + "id": "13e09171-a147-4279-aa95-00f24ca40209", + "name": "picture", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "picture", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "picture", + "jsonType.label": "String" + } + }, + { + "id": "ce567836-1d68-477e-a369-faac9988f5d5", + "name": "gender", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "gender", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "gender", + "jsonType.label": "String" + } + }, + { + "id": "7fac83c8-8542-4e58-ac0a-8cd2f35a14e2", + "name": "birthdate", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "birthdate", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "birthdate", + "jsonType.label": "String" + } + }, + { + "id": "563b1f24-7a17-45d5-9e9b-ec02f55f29ac", + "name": "updated at", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "updatedAt", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "updated_at", + "jsonType.label": "String" + } + }, + { + "id": "ddf6bfd2-162a-4148-82e8-bfcc972d38d9", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "63b37003-4667-4204-ba10-82bd805eedbd", + "name": "website", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "website", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "website", + "jsonType.label": "String" + } + }, + { + "id": "43168770-1852-4bd3-a001-ecb8f43e2d01", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "4f43d257-bcd4-424b-ac4c-7ed6106bda7b", + "name": "nickname", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "nickname", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "nickname", + "jsonType.label": "String" + } + }, + { + "id": "bcfd9120-456b-4e56-bb19-8412b3bb8e65", + "name": "zoneinfo", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "zoneinfo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "zoneinfo", + "jsonType.label": "String" + } + }, + { + "id": "248c6b5b-6c56-47c4-8e3e-78d0f1c4b354", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "a3a199ea-9bf8-4650-a94e-ca76e033ecfb", + "name": "email", + "description": "OpenID Connect built-in scope: email", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${emailScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "5e823a7c-6cfe-44c6-8f9a-46f04f9c81a8", + "name": "email verified", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "emailVerified", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email_verified", + "jsonType.label": "boolean" + } + }, + { + "id": "e8260072-8d11-40ff-8e4a-173cb34ce149", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ] + }, + { + "id": "6d17b7a8-1436-4b95-b728-43fb616c9206", + "name": "role_list", + "description": "SAML role list", + "protocol": "saml", + "attributes": { + "consent.screen.text": "${samlRoleListScopeConsentText}", + "display.on.consent.screen": "true" + }, + "protocolMappers": [ + { + "id": "0935b850-6bb3-48df-8569-48559e133cac", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + } + ] + }, + { + "id": "6a998c2f-6cbd-404c-99d5-18cc0fbc1b69", + "name": "roles", + "description": "OpenID Connect scope for add user roles to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "true", + "consent.screen.text": "${rolesScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "e1ea2afa-d72e-491a-b0d7-570dad902381", + "name": "audience resolve", + "protocol": "openid-connect", + "protocolMapper": "oidc-audience-resolve-mapper", + "consentRequired": false, + "config": {} + }, + { + "id": "9ce88d9e-4509-4c33-8839-aea32dec751b", + "name": "realm roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "realm_access.roles", + "jsonType.label": "String", + "multivalued": "true" + } + }, + { + "id": "24569b37-2897-4fe3-b57c-4c9f30260a24", + "name": "client roles", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-client-role-mapper", + "consentRequired": false, + "config": { + "user.attribute": "foo", + "access.token.claim": "true", + "claim.name": "resource_access.${client_id}.roles", + "jsonType.label": "String", + "multivalued": "true" + } + } + ] + }, + { + "id": "fb833196-4695-4980-9773-d701170d8df6", + "name": "web-origins", + "description": "OpenID Connect scope for add allowed web origins to the access token", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "false", + "display.on.consent.screen": "false", + "consent.screen.text": "" + }, + "protocolMappers": [ + { + "id": "b2381aa1-9ccc-4eca-af18-d144a265c6e9", + "name": "allowed web origins", + "protocol": "openid-connect", + "protocolMapper": "oidc-allowed-origins-mapper", + "consentRequired": false, + "config": {} + } + ] + }, + { + "id": "095a37c3-0e99-41ac-98fc-0be41134a718", + "name": "offline_access", + "description": "OpenID Connect built-in scope: offline_access", + "protocol": "openid-connect", + "attributes": { + "consent.screen.text": "${offlineAccessScopeConsentText}", + "display.on.consent.screen": "true" + } + }, + { + "id": "440d4070-c9c0-4ddc-8b9c-f75b13c6bf73", + "name": "address", + "description": "OpenID Connect built-in scope: address", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "true", + "consent.screen.text": "${addressScopeConsentText}" + }, + "protocolMappers": [ + { + "id": "e23fb472-ae87-45b9-9bfe-902c705202d6", + "name": "address", + "protocol": "openid-connect", + "protocolMapper": "oidc-address-mapper", + "consentRequired": false, + "config": { + "user.attribute.formatted": "formatted", + "user.attribute.country": "country", + "user.attribute.postal_code": "postal_code", + "userinfo.token.claim": "true", + "user.attribute.street": "street", + "id.token.claim": "true", + "user.attribute.region": "region", + "access.token.claim": "true", + "user.attribute.locality": "locality" + } + } + ] + }, + { + "id": "c05c8d76-8345-4f32-aef0-0f9074deeea3", + "name": "microprofile-jwt", + "description": "Microprofile - JWT built-in scope", + "protocol": "openid-connect", + "attributes": { + "include.in.token.scope": "true", + "display.on.consent.screen": "false" + }, + "protocolMappers": [ + { + "id": "64575817-79e6-4ce4-97f2-d98d84ed85aa", + "name": "upn", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": false, + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "upn", + "jsonType.label": "String" + } + }, + { + "id": "24e7717d-ef9a-462b-8153-812155508de6", + "name": "groups", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-realm-role-mapper", + "consentRequired": false, + "config": { + "multivalued": "true", + "userinfo.token.claim": "true", + "user.attribute": "foo", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "groups", + "jsonType.label": "String" + } + } + ] + } + ], + "defaultDefaultClientScopes": [ + "role_list", + "profile", + "email", + "roles", + "web-origins" + ], + "defaultOptionalClientScopes": [ + "offline_access", + "address", + "phone", + "microprofile-jwt" + ], + "browserSecurityHeaders": { + "contentSecurityPolicyReportOnly": "", + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';", + "xXSSProtection": "1; mode=block", + "strictTransportSecurity": "max-age=31536000; includeSubDomains" + }, + "smtpServer": { + "password": "**********", + "starttls": "true", + "port": "587", + "auth": "true", + "host": "smtp.office365.com", + "replyTo": "no-reply@catena-x.net", + "from": "Notifications@catena-x.net", + "ssl": "", + "user": "Notifications@catena-x.net" + }, + "eventsEnabled": true, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [ + "UPDATE_CONSENT_ERROR", + "SEND_RESET_PASSWORD", + "GRANT_CONSENT", + "VERIFY_PROFILE_ERROR", + "UPDATE_TOTP", + "REMOVE_TOTP", + "REVOKE_GRANT", + "LOGIN_ERROR", + "CLIENT_LOGIN", + "RESET_PASSWORD_ERROR", + "IMPERSONATE_ERROR", + "CODE_TO_TOKEN_ERROR", + "CUSTOM_REQUIRED_ACTION", + "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR", + "RESTART_AUTHENTICATION", + "UPDATE_PROFILE_ERROR", + "IMPERSONATE", + "LOGIN", + "UPDATE_PASSWORD_ERROR", + "OAUTH2_DEVICE_VERIFY_USER_CODE", + "CLIENT_INITIATED_ACCOUNT_LINKING", + "TOKEN_EXCHANGE", + "REGISTER", + "LOGOUT", + "AUTHREQID_TO_TOKEN", + "DELETE_ACCOUNT_ERROR", + "CLIENT_REGISTER", + "IDENTITY_PROVIDER_LINK_ACCOUNT", + "UPDATE_PASSWORD", + "DELETE_ACCOUNT", + "FEDERATED_IDENTITY_LINK_ERROR", + "CLIENT_DELETE", + "IDENTITY_PROVIDER_FIRST_LOGIN", + "VERIFY_EMAIL", + "CLIENT_DELETE_ERROR", + "CLIENT_LOGIN_ERROR", + "RESTART_AUTHENTICATION_ERROR", + "REMOVE_FEDERATED_IDENTITY_ERROR", + "EXECUTE_ACTIONS", + "TOKEN_EXCHANGE_ERROR", + "PERMISSION_TOKEN", + "SEND_IDENTITY_PROVIDER_LINK_ERROR", + "EXECUTE_ACTION_TOKEN_ERROR", + "SEND_VERIFY_EMAIL", + "OAUTH2_DEVICE_AUTH", + "EXECUTE_ACTIONS_ERROR", + "REMOVE_FEDERATED_IDENTITY", + "OAUTH2_DEVICE_CODE_TO_TOKEN", + "IDENTITY_PROVIDER_POST_LOGIN", + "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR", + "UPDATE_EMAIL", + "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR", + "REGISTER_ERROR", + "REVOKE_GRANT_ERROR", + "LOGOUT_ERROR", + "UPDATE_EMAIL_ERROR", + "EXECUTE_ACTION_TOKEN", + "CLIENT_UPDATE_ERROR", + "UPDATE_PROFILE", + "AUTHREQID_TO_TOKEN_ERROR", + "FEDERATED_IDENTITY_LINK", + "CLIENT_REGISTER_ERROR", + "SEND_VERIFY_EMAIL_ERROR", + "SEND_IDENTITY_PROVIDER_LINK", + "RESET_PASSWORD", + "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR", + "OAUTH2_DEVICE_AUTH_ERROR", + "UPDATE_CONSENT", + "REMOVE_TOTP_ERROR", + "VERIFY_EMAIL_ERROR", + "SEND_RESET_PASSWORD_ERROR", + "CLIENT_UPDATE", + "IDENTITY_PROVIDER_POST_LOGIN_ERROR", + "CUSTOM_REQUIRED_ACTION_ERROR", + "UPDATE_TOTP_ERROR", + "CODE_TO_TOKEN", + "VERIFY_PROFILE", + "GRANT_CONSENT_ERROR", + "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR" + ], + "adminEventsEnabled": true, + "adminEventsDetailsEnabled": false, + "identityProviders": [], + "identityProviderMappers": [], + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "b090f376-44ea-48f2-8fd6-921e13adb786", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "1d220609-5565-43d8-95c9-0c1c79516531", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "5f3cb95d-2844-4740-8496-3926809020e2", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "e9c810f9-fce0-4d9e-8dcb-79ae397bc814", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "54be4ec2-8fc2-4882-8058-79a3d69bce80", + "name": "Allowed Client Scopes", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allow-default-scopes": [ + "true" + ] + } + }, + { + "id": "ecadeac0-7496-47fd-b10d-79f3461bb896", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-address-mapper", + "oidc-usermodel-attribute-mapper", + "saml-user-attribute-mapper", + "saml-user-property-mapper", + "saml-role-list-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-usermodel-property-mapper", + "oidc-full-name-mapper" + ] + } + }, + { + "id": "3c52ce03-6518-460c-ac6a-89fd37bad747", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "20b218ed-2ef8-4b75-a4fe-6715d8aeb8d8", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-property-mapper", + "saml-role-list-mapper", + "oidc-full-name-mapper", + "oidc-usermodel-property-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-sha256-pairwise-sub-mapper", + "saml-user-attribute-mapper", + "oidc-address-mapper" + ] + } + } + ], + "org.keycloak.userprofile.UserProfileProvider": [ + { + "id": "ad484781-1154-4e4c-8c49-865ddaeba6b6", + "providerId": "declarative-user-profile", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "87eaeab2-63ed-4199-b5ac-dfd536a8ee4e", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "b5bbb5c7-5db4-434f-a5ac-996d527a5b60", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "HS256" + ] + } + }, + { + "id": "abbe387e-c190-47d5-8a8e-247318b060ba", + "name": "rsa-enc-generated", + "providerId": "rsa-enc-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ], + "algorithm": [ + "RSA-OAEP" + ] + } + }, + { + "id": "535ed0da-498d-41a4-95e7-3848efb05e5d", + "name": "aes-generated", + "providerId": "aes-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": false, + "supportedLocales": [], + "authenticationFlows": [ + { + "id": "186ac06a-fc68-44d2-8256-0c634b870b15", + "alias": "Account verification options", + "description": "Method with which to verity the existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-email-verification", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "6cb679be-c67c-45d6-903c-c468c0d90c98", + "alias": "Authentication Options", + "description": "Authentication options.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "basic-auth", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "basic-auth-otp", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "da33ae56-9c1e-491b-ae0a-b55e6b5b9e1c", + "alias": "Browser - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "0f9fa688-65e9-49b1-8893-c2ed457ed2bb", + "alias": "Direct Grant - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "2d977838-9c53-4a3d-9886-c74369dcd662", + "alias": "First broker login - Conditional OTP", + "description": "Flow to determine if the OTP is required for the authentication", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "e407fded-b032-481c-95f8-db1fcac15afa", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Account verification options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "5ee38974-1a7a-4811-94a8-feb8c24f5585", + "alias": "Reset - Conditional OTP", + "description": "Flow to determine if the OTP should be reset or not. Set to REQUIRED to force.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "conditional-user-configured", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "b625ace5-30f6-4435-8067-69096564566b", + "alias": "User creation or linking", + "description": "Flow for the existing/non-existing user alternatives", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 20, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "4c1208cc-c00d-40f8-a17b-085afb2c3140", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "First broker login - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "78bf253e-edf3-418a-ae52-f0728fa8dfea", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "710219df-f170-45ff-87d1-443e8ee8b72a", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-secret-jwt", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-x509", + "authenticatorFlow": false, + "requirement": "ALTERNATIVE", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "b3d01002-2414-46e0-826c-ffdcdb9f26ac", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 30, + "flowAlias": "Direct Grant - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "9357808e-60b0-406d-b671-e64252f1fee5", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "9bbd8eec-f690-4e7c-b77d-7aea9e549d7f", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "User creation or linking", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "3a2c7d8d-f08a-40a9-a5fb-093635d864a9", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 20, + "flowAlias": "Browser - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "95d0d730-73c0-4989-bd6c-305d770ff325", + "alias": "http challenge", + "description": "An authentication flow based on challenge-response HTTP Authentication Schemes", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "no-cookie-redirect", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 20, + "flowAlias": "Authentication Options", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "406b10d5-9468-4761-94fe-79c81640a84f", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "authenticatorFlow": true, + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "435f1efe-d296-47df-951f-33c90a205ae0", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "authenticatorFlow": false, + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "40735091-daf8-4d9d-83f6-f653815b152d", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorFlow": true, + "requirement": "CONDITIONAL", + "priority": 40, + "flowAlias": "Reset - Conditional OTP", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "66d9f869-945e-4083-ad22-19278f1f3985", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "authenticatorFlow": false, + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "91e4d191-68f1-4f8d-b074-ef87c593ceec", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "ff444918-e51a-4dba-a9ea-1a40b471d135", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "priority": 10, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": false, + "defaultAction": false, + "priority": 20, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "priority": 30, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "priority": 40, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "priority": 50, + "config": {} + }, + { + "alias": "delete_account", + "name": "Delete Account", + "providerId": "delete_account", + "enabled": false, + "defaultAction": false, + "priority": 60, + "config": {} + }, + { + "alias": "update_user_locale", + "name": "Update User Locale", + "providerId": "update_user_locale", + "enabled": true, + "defaultAction": false, + "priority": 1000, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "direct grant", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "cibaBackchannelTokenDeliveryMode": "poll", + "cibaExpiresIn": "120", + "cibaAuthRequestedUserHint": "login_hint", + "oauth2DeviceCodeLifespan": "600", + "clientOfflineSessionMaxLifespan": "0", + "oauth2DevicePollingInterval": "600", + "clientSessionIdleTimeout": "0", + "userProfileEnabled": "false", + "parRequestUriLifespan": "60", + "clientSessionMaxLifespan": "0", + "clientOfflineSessionIdleTimeout": "0", + "cibaInterval": "5" + }, + "keycloakVersion": "16.1.1", + "userManagedAccessAllowed": false, + "clientProfiles": { + "profiles": [] + }, + "clientPolicies": { + "policies": [] + } +} \ No newline at end of file