API tools faq
paste
Guest User

realm-export.json

a guest
Aug 11th, 2020
174
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
JSON 44.41 KB | None | 0 0
raw download clone embed print report
  1. {
  2.   "id": "myRealm",
  3.   "realm": "myRealm",
  4.   "notBefore": 0,
  5.   "revokeRefreshToken": false,
  6.   "refreshTokenMaxReuse": 0,
  7.   "accessTokenLifespan": 300,
  8.   "accessTokenLifespanForImplicitFlow": 900,
  9.   "ssoSessionIdleTimeout": 1800,
  10.   "ssoSessionMaxLifespan": 36000,
  11.   "ssoSessionIdleTimeoutRememberMe": 0,
  12.   "ssoSessionMaxLifespanRememberMe": 0,
  13.   "offlineSessionIdleTimeout": 2592000,
  14.   "offlineSessionMaxLifespanEnabled": false,
  15.   "offlineSessionMaxLifespan": 5184000,
  16.   "accessCodeLifespan": 60,
  17.   "accessCodeLifespanUserAction": 300,
  18.   "accessCodeLifespanLogin": 1800,
  19.   "actionTokenGeneratedByAdminLifespan": 43200,
  20.   "actionTokenGeneratedByUserLifespan": 300,
  21.   "enabled": true,
  22.   "sslRequired": "external",
  23.   "registrationAllowed": true,
  24.   "registrationEmailAsUsername": true,
  25.   "rememberMe": false,
  26.   "verifyEmail": false,
  27.   "loginWithEmailAllowed": true,
  28.   "duplicateEmailsAllowed": false,
  29.   "resetPasswordAllowed": false,
  30.   "editUsernameAllowed": false,
  31.   "bruteForceProtected": false,
  32.   "permanentLockout": false,
  33.   "maxFailureWaitSeconds": 900,
  34.   "minimumQuickLoginWaitSeconds": 60,
  35.   "waitIncrementSeconds": 60,
  36.   "quickLoginCheckMilliSeconds": 1000,
  37.   "maxDeltaTimeSeconds": 43200,
  38.   "failureFactor": 30,
  39.   "defaultRoles": [
  40.     "offline_access",
  41.     "uma_authorization"
  42.   ],
  43.   "requiredCredentials": [
  44.     "password"
  45.   ],
  46.   "otpPolicyType": "totp",
  47.   "otpPolicyAlgorithm": "HmacSHA1",
  48.   "otpPolicyInitialCounter": 0,
  49.   "otpPolicyDigits": 6,
  50.   "otpPolicyLookAheadWindow": 1,
  51.   "otpPolicyPeriod": 30,
  52.   "otpSupportedApplications": [
  53.     "FreeOTP",
  54.     "Google Authenticator"
  55.   ],
  56.   "scopeMappings": [
  57.     {
  58.       "clientScope": "offline_access",
  59.       "roles": [
  60.         "offline_access"
  61.       ]
  62.     }
  63.   ],
  64.   "clients": [
  65.     {
  66.       "id": "44a131e3-0f4f-4c22-a95b-f14354c20e42",
  67.       "clientId": "admin-cli",
  68.       "name": "${client_admin-cli}",
  69.       "surrogateAuthRequired": false,
  70.       "enabled": true,
  71.       "clientAuthenticatorType": "client-secret",
  72.       "secret": "**********",
  73.       "redirectUris": [],
  74.       "webOrigins": [],
  75.       "notBefore": 0,
  76.       "bearerOnly": false,
  77.       "consentRequired": false,
  78.       "standardFlowEnabled": false,
  79.       "implicitFlowEnabled": false,
  80.       "directAccessGrantsEnabled": true,
  81.       "serviceAccountsEnabled": false,
  82.       "publicClient": true,
  83.       "frontchannelLogout": false,
  84.       "protocol": "openid-connect",
  85.       "attributes": {},
  86.       "authenticationFlowBindingOverrides": {},
  87.       "fullScopeAllowed": false,
  88.       "nodeReRegistrationTimeout": 0,
  89.       "defaultClientScopes": [
  90.         "web-origins",
  91.         "role_list",
  92.         "profile",
  93.         "roles",
  94.         "email"
  95.       ],
  96.       "optionalClientScopes": [
  97.         "address",
  98.         "phone",
  99.         "offline_access"
  100.       ]
  101.     },
  102.     {
  103.       "id": "7e902d89-a7ba-4145-993d-febb1395aa9e",
  104.       "clientId": "account",
  105.       "name": "${client_account}",
  106.       "baseUrl": "/auth/realms/myRealm/account",
  107.       "surrogateAuthRequired": false,
  108.       "enabled": true,
  109.       "clientAuthenticatorType": "client-secret",
  110.       "secret": "**********",
  111.       "defaultRoles": [
  112.         "view-profile",
  113.         "manage-account"
  114.       ],
  115.       "redirectUris": [
  116.         "/auth/realms/myRealm/account/*"
  117.       ],
  118.       "webOrigins": [],
  119.       "notBefore": 0,
  120.       "bearerOnly": false,
  121.       "consentRequired": false,
  122.       "standardFlowEnabled": true,
  123.       "implicitFlowEnabled": false,
  124.       "directAccessGrantsEnabled": false,
  125.       "serviceAccountsEnabled": false,
  126.       "publicClient": false,
  127.       "frontchannelLogout": false,
  128.       "protocol": "openid-connect",
  129.       "attributes": {},
  130.       "authenticationFlowBindingOverrides": {},
  131.       "fullScopeAllowed": false,
  132.       "nodeReRegistrationTimeout": 0,
  133.       "defaultClientScopes": [
  134.         "web-origins",
  135.         "role_list",
  136.         "profile",
  137.         "roles",
  138.         "email"
  139.       ],
  140.       "optionalClientScopes": [
  141.         "address",
  142.         "phone",
  143.         "offline_access"
  144.       ]
  145.     },
  146.     {
  147.       "id": "95e029fd-c143-495c-9e62-09b58b92a7a2",
  148.       "clientId": "security-admin-console",
  149.       "name": "${client_security-admin-console}",
  150.       "baseUrl": "/auth/admin/myRealm/console/index.html",
  151.       "surrogateAuthRequired": false,
  152.       "enabled": true,
  153.       "clientAuthenticatorType": "client-secret",
  154.       "secret": "**********",
  155.       "redirectUris": [
  156.         "/auth/admin/myRealm/console/*"
  157.       ],
  158.       "webOrigins": [],
  159.       "notBefore": 0,
  160.       "bearerOnly": false,
  161.       "consentRequired": false,
  162.       "standardFlowEnabled": true,
  163.       "implicitFlowEnabled": false,
  164.       "directAccessGrantsEnabled": false,
  165.       "serviceAccountsEnabled": false,
  166.       "publicClient": true,
  167.       "frontchannelLogout": false,
  168.       "protocol": "openid-connect",
  169.       "attributes": {},
  170.       "authenticationFlowBindingOverrides": {},
  171.       "fullScopeAllowed": false,
  172.       "nodeReRegistrationTimeout": 0,
  173.       "protocolMappers": [
  174.         {
  175.           "id": "51b56dc0-505a-4a64-9e52-742e1ddc9ac3",
  176.           "name": "locale",
  177.           "protocol": "openid-connect",
  178.           "protocolMapper": "oidc-usermodel-attribute-mapper",
  179.           "consentRequired": false,
  180.           "config": {
  181.             "userinfo.token.claim": "true",
  182.             "user.attribute": "locale",
  183.             "id.token.claim": "true",
  184.             "access.token.claim": "true",
  185.             "claim.name": "locale",
  186.             "jsonType.label": "String"
  187.           }
  188.         }
  189.       ],
  190.       "defaultClientScopes": [
  191.         "web-origins",
  192.         "role_list",
  193.         "profile",
  194.         "roles",
  195.         "email"
  196.       ],
  197.       "optionalClientScopes": [
  198.         "address",
  199.         "phone",
  200.         "offline_access"
  201.       ]
  202.     },
  203.     {
  204.       "id": "7ea57cbe-be8c-481b-b2b7-e52b0111d6bc",
  205.       "clientId": "broker",
  206.       "name": "${client_broker}",
  207.       "surrogateAuthRequired": false,
  208.       "enabled": true,
  209.       "clientAuthenticatorType": "client-secret",
  210.       "secret": "**********",
  211.       "redirectUris": [],
  212.       "webOrigins": [],
  213.       "notBefore": 0,
  214.       "bearerOnly": false,
  215.       "consentRequired": false,
  216.       "standardFlowEnabled": true,
  217.       "implicitFlowEnabled": false,
  218.       "directAccessGrantsEnabled": false,
  219.       "serviceAccountsEnabled": false,
  220.       "publicClient": false,
  221.       "frontchannelLogout": false,
  222.       "protocol": "openid-connect",
  223.       "attributes": {},
  224.       "authenticationFlowBindingOverrides": {},
  225.       "fullScopeAllowed": false,
  226.       "nodeReRegistrationTimeout": 0,
  227.       "defaultClientScopes": [
  228.         "web-origins",
  229.         "role_list",
  230.         "profile",
  231.         "roles",
  232.         "email"
  233.       ],
  234.       "optionalClientScopes": [
  235.         "address",
  236.         "phone",
  237.         "offline_access"
  238.       ]
  239.     },
  240.     {
  241.       "id": "c45c18ed-2882-4340-80bd-9aa7032da2cb",
  242.       "clientId": "gatsby-myRealm",
  243.       "rootUrl": "https://myRealm.131.1.216.224.sslip.io/",
  244.       "surrogateAuthRequired": false,
  245.       "enabled": true,
  246.       "clientAuthenticatorType": "client-secret",
  247.       "secret": "**********",
  248.       "redirectUris": [
  249.         "https://myRealm.131.1.216.224.sslip.io/"
  250.       ],
  251.       "webOrigins": [
  252.         "*"
  253.       ],
  254.       "notBefore": 0,
  255.       "bearerOnly": false,
  256.       "consentRequired": false,
  257.       "standardFlowEnabled": true,
  258.       "implicitFlowEnabled": false,
  259.       "directAccessGrantsEnabled": true,
  260.       "serviceAccountsEnabled": false,
  261.       "publicClient": true,
  262.       "frontchannelLogout": false,
  263.       "protocol": "openid-connect",
  264.       "attributes": {
  265.         "saml.assertion.signature": "false",
  266.         "access.token.lifespan": "3600",
  267.         "saml.force.post.binding": "false",
  268.         "saml.multivalued.roles": "false",
  269.         "saml.encrypt": "false",
  270.         "saml.server.signature": "false",
  271.         "saml.server.signature.keyinfo.ext": "false",
  272.         "exclude.session.state.from.auth.response": "false",
  273.         "saml_force_name_id_format": "false",
  274.         "saml.client.signature": "false",
  275.         "tls.client.certificate.bound.access.tokens": "false",
  276.         "saml.authnstatement": "false",
  277.         "display.on.consent.screen": "false",
  278.         "saml.onetimeuse.condition": "false"
  279.       },
  280.       "authenticationFlowBindingOverrides": {},
  281.       "fullScopeAllowed": true,
  282.       "nodeReRegistrationTimeout": -1,
  283.       "defaultClientScopes": [
  284.         "web-origins",
  285.         "role_list",
  286.         "profile",
  287.         "roles",
  288.         "email"
  289.       ],
  290.       "optionalClientScopes": [
  291.         "address",
  292.         "phone",
  293.         "offline_access"
  294.       ]
  295.     },
  296.     {
  297.       "id": "9e25b948-cfe2-451b-a0f2-18896fc36eb2",
  298.       "clientId": "realm-management",
  299.       "name": "${client_realm-management}",
  300.       "surrogateAuthRequired": false,
  301.       "enabled": true,
  302.       "clientAuthenticatorType": "client-secret",
  303.       "secret": "**********",
  304.       "redirectUris": [],
  305.       "webOrigins": [],
  306.       "notBefore": 0,
  307.       "bearerOnly": true,
  308.       "consentRequired": false,
  309.       "standardFlowEnabled": true,
  310.       "implicitFlowEnabled": false,
  311.       "directAccessGrantsEnabled": false,
  312.       "serviceAccountsEnabled": false,
  313.       "publicClient": false,
  314.       "frontchannelLogout": false,
  315.       "protocol": "openid-connect",
  316.       "attributes": {},
  317.       "authenticationFlowBindingOverrides": {},
  318.       "fullScopeAllowed": false,
  319.       "nodeReRegistrationTimeout": 0,
  320.       "defaultClientScopes": [
  321.         "web-origins",
  322.         "role_list",
  323.         "profile",
  324.         "roles",
  325.         "email"
  326.       ],
  327.       "optionalClientScopes": [
  328.         "address",
  329.         "phone",
  330.         "offline_access"
  331.       ]
  332.     }
  333.   ],
  334.   "clientScopes": [
  335.     {
  336.       "id": "b6a81450-9a78-4b22-b0f2-35eef5fb5937",
  337.       "name": "web-origins",
  338.       "description": "OpenID Connect scope for add allowed web origins to the access token",
  339.       "protocol": "openid-connect",
  340.       "attributes": {
  341.         "include.in.token.scope": "false",
  342.         "display.on.consent.screen": "false",
  343.         "consent.screen.text": ""
  344.       },
  345.       "protocolMappers": [
  346.         {
  347.           "id": "0769c053-aff2-408b-9a0e-dcd8b4d5b959",
  348.           "name": "allowed web origins",
  349.           "protocol": "openid-connect",
  350.           "protocolMapper": "oidc-allowed-origins-mapper",
  351.           "consentRequired": false,
  352.           "config": {}
  353.         }
  354.       ]
  355.     },
  356.     {
  357.       "id": "87d3b3a2-5eb9-4b80-b17e-263ec0e04750",
  358.       "name": "roles",
  359.       "description": "OpenID Connect scope for add user roles to the access token",
  360.       "protocol": "openid-connect",
  361.       "attributes": {
  362.         "include.in.token.scope": "false",
  363.         "display.on.consent.screen": "true",
  364.         "consent.screen.text": "${rolesScopeConsentText}"
  365.       },
  366.       "protocolMappers": [
  367.         {
  368.           "id": "ec1b3fa4-76b5-4f23-a6af-fc1a95019461",
  369.           "name": "client roles",
  370.           "protocol": "openid-connect",
  371.           "protocolMapper": "oidc-usermodel-client-role-mapper",
  372.           "consentRequired": false,
  373.           "config": {
  374.             "multivalued": "true",
  375.             "user.attribute": "foo",
  376.             "access.token.claim": "true",
  377.             "claim.name": "resource_access.${client_id}.roles",
  378.             "jsonType.label": "String"
  379.           }
  380.         },
  381.         {
  382.           "id": "9a7c2a01-010c-434c-9faf-b0ec35072772",
  383.           "name": "audience resolve",
  384.           "protocol": "openid-connect",
  385.           "protocolMapper": "oidc-audience-resolve-mapper",
  386.           "consentRequired": false,
  387.           "config": {}
  388.         },
  389.         {
  390.           "id": "3637cc89-d281-4cfb-ba48-8ee9d31b43ff",
  391.           "name": "realm roles",
  392.           "protocol": "openid-connect",
  393.           "protocolMapper": "oidc-usermodel-realm-role-mapper",
  394.           "consentRequired": false,
  395.           "config": {
  396.             "multivalued": "true",
  397.             "user.attribute": "foo",
  398.             "access.token.claim": "true",
  399.             "claim.name": "realm_access.roles",
  400.             "jsonType.label": "String"
  401.           }
  402.         }
  403.       ]
  404.     },
  405.     {
  406.       "id": "571a9cc1-7433-4db4-b458-b67d8c1080fa",
  407.       "name": "phone",
  408.       "description": "OpenID Connect built-in scope: phone",
  409.       "protocol": "openid-connect",
  410.       "attributes": {
  411.         "include.in.token.scope": "true",
  412.         "display.on.consent.screen": "true",
  413.         "consent.screen.text": "${phoneScopeConsentText}"
  414.       },
  415.       "protocolMappers": [
  416.         {
  417.           "id": "6339d9a2-ab41-46de-bc44-c27cc22c7c89",
  418.           "name": "phone number verified",
  419.           "protocol": "openid-connect",
  420.           "protocolMapper": "oidc-usermodel-attribute-mapper",
  421.           "consentRequired": false,
  422.           "config": {
  423.             "userinfo.token.claim": "true",
  424.             "user.attribute": "phoneNumberVerified",
  425.             "id.token.claim": "true",
  426.             "access.token.claim": "true",
  427.             "claim.name": "phone_number_verified",
  428.             "jsonType.label": "boolean"
  429.           }
  430.         },
  431.         {
  432.           "id": "3c9b047f-560c-4392-910d-6271398038ea",
  433.           "name": "phone number",
  434.           "protocol": "openid-connect",
  435.           "protocolMapper": "oidc-usermodel-attribute-mapper",
  436.           "consentRequired": false,
  437.           "config": {
  438.             "userinfo.token.claim": "true",
  439.             "user.attribute": "phoneNumber",
  440.             "id.token.claim": "true",
  441.             "access.token.claim": "true",
  442.             "claim.name": "phone_number",
  443.             "jsonType.label": "String"
  444.           }
  445.         }
  446.       ]
  447.     },
  448.     {
  449.       "id": "be18e091-d956-4f20-a47c-bd1d09e161e3",
  450.       "name": "address",
  451.       "description": "OpenID Connect built-in scope: address",
  452.       "protocol": "openid-connect",
  453.       "attributes": {
  454.         "include.in.token.scope": "true",
  455.         "display.on.consent.screen": "true",
  456.         "consent.screen.text": "${addressScopeConsentText}"
  457.       },
  458.       "protocolMappers": [
  459.         {
  460.           "id": "cbe42ea2-32b2-44e2-aaa6-7fd77a6b8dc0",
  461.           "name": "address",
  462.           "protocol": "openid-connect",
  463.           "protocolMapper": "oidc-address-mapper",
  464.           "consentRequired": false,
  465.           "config": {
  466.             "user.attribute.formatted": "formatted",
  467.             "user.attribute.country": "country",
  468.             "user.attribute.postal_code": "postal_code",
  469.             "userinfo.token.claim": "true",
  470.             "user.attribute.street": "street",
  471.             "id.token.claim": "true",
  472.             "user.attribute.region": "region",
  473.             "access.token.claim": "true",
  474.             "user.attribute.locality": "locality"
  475.           }
  476.         }
  477.       ]
  478.     },
  479.     {
  480.       "id": "aefa9ee4-8f71-4f8a-bf08-f8f6c9d2701a",
  481.       "name": "email",
  482.       "description": "OpenID Connect built-in scope: email",
  483.       "protocol": "openid-connect",
  484.       "attributes": {
  485.         "include.in.token.scope": "true",
  486.         "display.on.consent.screen": "true",
  487.         "consent.screen.text": "${emailScopeConsentText}"
  488.       },
  489.       "protocolMappers": [
  490.         {
  491.           "id": "d2d60869-0425-48b5-9b68-43f2c68368e6",
  492.           "name": "email",
  493.           "protocol": "openid-connect",
  494.           "protocolMapper": "oidc-usermodel-property-mapper",
  495.           "consentRequired": false,
  496.           "config": {
  497.             "userinfo.token.claim": "true",
  498.             "user.attribute": "email",
  499.             "id.token.claim": "true",
  500.             "access.token.claim": "true",
  501.             "claim.name": "email",
  502.             "jsonType.label": "String"
  503.           }
  504.         },
  505.         {
  506.           "id": "9aa7640e-3145-483b-9244-7f12021e2b3d",
  507.           "name": "email verified",
  508.           "protocol": "openid-connect",
  509.           "protocolMapper": "oidc-usermodel-property-mapper",
  510.           "consentRequired": false,
  511.           "config": {
  512.             "userinfo.token.claim": "true",
  513.             "user.attribute": "emailVerified",
  514.             "id.token.claim": "true",
  515.             "access.token.claim": "true",
  516.             "claim.name": "email_verified",
  517.             "jsonType.label": "boolean"
  518.           }
  519.         }
  520.       ]
  521.     },
  522.     {
  523.       "id": "01add37e-75c5-4e35-b1c3-4cbd39b263e0",
  524.       "name": "profile",
  525.       "description": "OpenID Connect built-in scope: profile",
  526.       "protocol": "openid-connect",
  527.       "attributes": {
  528.         "include.in.token.scope": "true",
  529.         "display.on.consent.screen": "true",
  530.         "consent.screen.text": "${profileScopeConsentText}"
  531.       },
  532.       "protocolMappers": [
  533.         {
  534.           "id": "ab062461-7dfc-4e9b-bc14-da97ef381916",
  535.           "name": "updated at",
  536.           "protocol": "openid-connect",
  537.           "protocolMapper": "oidc-usermodel-attribute-mapper",
  538.           "consentRequired": false,
  539.           "config": {
  540.             "userinfo.token.claim": "true",
  541.             "user.attribute": "updatedAt",
  542.             "id.token.claim": "true",
  543.             "access.token.claim": "true",
  544.             "claim.name": "updated_at",
  545.             "jsonType.label": "String"
  546.           }
  547.         },
  548.         {
  549.           "id": "81ca0b56-d03f-42d9-bac9-ba80677150a4",
  550.           "name": "birthdate",
  551.           "protocol": "openid-connect",
  552.           "protocolMapper": "oidc-usermodel-attribute-mapper",
  553.           "consentRequired": false,
  554.           "config": {
  555.             "userinfo.token.claim": "true",
  556.             "user.attribute": "birthdate",
  557.             "id.token.claim": "true",
  558.             "access.token.claim": "true",
  559.             "claim.name": "birthdate",
  560.             "jsonType.label": "String"
  561.           }
  562.         },
  563.         {
  564.           "id": "f9810beb-0075-4b25-a113-57987c096fe3",
  565.           "name": "middle name",
  566.           "protocol": "openid-connect",
  567.           "protocolMapper": "oidc-usermodel-attribute-mapper",
  568.           "consentRequired": false,
  569.           "config": {
  570.             "userinfo.token.claim": "true",
  571.             "user.attribute": "middleName",
  572.             "id.token.claim": "true",
  573.             "access.token.claim": "true",
  574.             "claim.name": "middle_name",
  575.             "jsonType.label": "String"
  576.           }
  577.         },
  578.         {
  579.           "id": "9781acaf-2230-4705-b31a-ab7a9683bc08",
  580.           "name": "family name",
  581.           "protocol": "openid-connect",
  582.           "protocolMapper": "oidc-usermodel-property-mapper",
  583.           "consentRequired": false,
  584.           "config": {
  585.             "userinfo.token.claim": "true",
  586.             "user.attribute": "lastName",
  587.             "id.token.claim": "true",
  588.             "access.token.claim": "true",
  589.             "claim.name": "family_name",
  590.             "jsonType.label": "String"
  591.           }
  592.         },
  593.         {
  594.           "id": "216d320e-47d4-40f5-a90a-cbfe8e17e4d8",
  595.           "name": "profile",
  596.           "protocol": "openid-connect",
  597.           "protocolMapper": "oidc-usermodel-attribute-mapper",
  598.           "consentRequired": false,
  599.           "config": {
  600.             "userinfo.token.claim": "true",
  601.             "user.attribute": "profile",
  602.             "id.token.claim": "true",
  603.             "access.token.claim": "true",
  604.             "claim.name": "profile",
  605.             "jsonType.label": "String"
  606.           }
  607.         },
  608.         {
  609.           "id": "eaf9602c-5d40-4da1-881e-e76d3ff29401",
  610.           "name": "zoneinfo",
  611.           "protocol": "openid-connect",
  612.           "protocolMapper": "oidc-usermodel-attribute-mapper",
  613.           "consentRequired": false,
  614.           "config": {
  615.             "userinfo.token.claim": "true",
  616.             "user.attribute": "zoneinfo",
  617.             "id.token.claim": "true",
  618.             "access.token.claim": "true",
  619.             "claim.name": "zoneinfo",
  620.             "jsonType.label": "String"
  621.           }
  622.         },
  623.         {
  624.           "id": "b025a61a-57ed-4bb2-8b81-734d5f59f4dd",
  625.           "name": "username",
  626.           "protocol": "openid-connect",
  627.           "protocolMapper": "oidc-usermodel-property-mapper",
  628.           "consentRequired": false,
  629.           "config": {
  630.             "userinfo.token.claim": "true",
  631.             "user.attribute": "username",
  632.             "id.token.claim": "true",
  633.             "access.token.claim": "true",
  634.             "claim.name": "preferred_username",
  635.             "jsonType.label": "String"
  636.           }
  637.         },
  638.         {
  639.           "id": "f6987905-98a9-42f1-a663-5d23aef23f53",
  640.           "name": "given name",
  641.           "protocol": "openid-connect",
  642.           "protocolMapper": "oidc-usermodel-property-mapper",
  643.           "consentRequired": false,
  644.           "config": {
  645.             "userinfo.token.claim": "true",
  646.             "user.attribute": "firstName",
  647.             "id.token.claim": "true",
  648.             "access.token.claim": "true",
  649.             "claim.name": "given_name",
  650.             "jsonType.label": "String"
  651.           }
  652.         },
  653.         {
  654.           "id": "9e775b96-ff79-40e5-a011-c460de787a4b",
  655.           "name": "gender",
  656.           "protocol": "openid-connect",
  657.           "protocolMapper": "oidc-usermodel-attribute-mapper",
  658.           "consentRequired": false,
  659.           "config": {
  660.             "userinfo.token.claim": "true",
  661.             "user.attribute": "gender",
  662.             "id.token.claim": "true",
  663.             "access.token.claim": "true",
  664.             "claim.name": "gender",
  665.             "jsonType.label": "String"
  666.           }
  667.         },
  668.         {
  669.           "id": "f2c299e2-e38a-498a-b772-e77f931f3713",
  670.           "name": "picture",
  671.           "protocol": "openid-connect",
  672.           "protocolMapper": "oidc-usermodel-attribute-mapper",
  673.           "consentRequired": false,
  674.           "config": {
  675.             "userinfo.token.claim": "true",
  676.             "user.attribute": "picture",
  677.             "id.token.claim": "true",
  678.             "access.token.claim": "true",
  679.             "claim.name": "picture",
  680.             "jsonType.label": "String"
  681.           }
  682.         },
  683.         {
  684.           "id": "4ee2c886-df8d-4c73-917a-64afc1c9cbb5",
  685.           "name": "website",
  686.           "protocol": "openid-connect",
  687.           "protocolMapper": "oidc-usermodel-attribute-mapper",
  688.           "consentRequired": false,
  689.           "config": {
  690.             "userinfo.token.claim": "true",
  691.             "user.attribute": "website",
  692.             "id.token.claim": "true",
  693.             "access.token.claim": "true",
  694.             "claim.name": "website",
  695.             "jsonType.label": "String"
  696.           }
  697.         },
  698.         {
  699.           "id": "74568ea3-2f04-4596-8147-d27666ac69d9",
  700.           "name": "nickname",
  701.           "protocol": "openid-connect",
  702.           "protocolMapper": "oidc-usermodel-attribute-mapper",
  703.           "consentRequired": false,
  704.           "config": {
  705.             "userinfo.token.claim": "true",
  706.             "user.attribute": "nickname",
  707.             "id.token.claim": "true",
  708.             "access.token.claim": "true",
  709.             "claim.name": "nickname",
  710.             "jsonType.label": "String"
  711.           }
  712.         },
  713.         {
  714.           "id": "1b0fa079-4262-4544-8a8c-0f0c72aaeee1",
  715.           "name": "locale",
  716.           "protocol": "openid-connect",
  717.           "protocolMapper": "oidc-usermodel-attribute-mapper",
  718.           "consentRequired": false,
  719.           "config": {
  720.             "userinfo.token.claim": "true",
  721.             "user.attribute": "locale",
  722.             "id.token.claim": "true",
  723.             "access.token.claim": "true",
  724.             "claim.name": "locale",
  725.             "jsonType.label": "String"
  726.           }
  727.         },
  728.         {
  729.           "id": "2bbb078c-3f08-4274-8038-92d4d49fc917",
  730.           "name": "full name",
  731.           "protocol": "openid-connect",
  732.           "protocolMapper": "oidc-full-name-mapper",
  733.           "consentRequired": false,
  734.           "config": {
  735.             "id.token.claim": "true",
  736.             "access.token.claim": "true",
  737.             "userinfo.token.claim": "true"
  738.           }
  739.         }
  740.       ]
  741.     },
  742.     {
  743.       "id": "fe93fe49-782a-44c6-82ca-0b9fbb454bcf",
  744.       "name": "role_list",
  745.       "description": "SAML role list",
  746.       "protocol": "saml",
  747.       "attributes": {
  748.         "consent.screen.text": "${samlRoleListScopeConsentText}",
  749.         "display.on.consent.screen": "true"
  750.       },
  751.       "protocolMappers": [
  752.         {
  753.           "id": "90635121-6d73-41dd-ab12-689ef6a4cb65",
  754.           "name": "role list",
  755.           "protocol": "saml",
  756.           "protocolMapper": "saml-role-list-mapper",
  757.           "consentRequired": false,
  758.           "config": {
  759.             "single": "false",
  760.             "attribute.nameformat": "Basic",
  761.             "attribute.name": "Role"
  762.           }
  763.         }
  764.       ]
  765.     },
  766.     {
  767.       "id": "280b2a4c-9025-4188-8f83-8cc59a213d15",
  768.       "name": "offline_access",
  769.       "description": "OpenID Connect built-in scope: offline_access",
  770.       "protocol": "openid-connect",
  771.       "attributes": {
  772.         "consent.screen.text": "${offlineAccessScopeConsentText}",
  773.         "display.on.consent.screen": "true"
  774.       }
  775.     }
  776.   ],
  777.   "defaultDefaultClientScopes": [
  778.     "role_list",
  779.     "profile",
  780.     "email",
  781.     "roles",
  782.     "web-origins"
  783.   ],
  784.   "defaultOptionalClientScopes": [
  785.     "offline_access",
  786.     "address",
  787.     "phone"
  788.   ],
  789.   "browserSecurityHeaders": {
  790.     "contentSecurityPolicyReportOnly": "",
  791.     "xContentTypeOptions": "nosniff",
  792.     "xRobotsTag": "none",
  793.     "xFrameOptions": "SAMEORIGIN",
  794.     "xXSSProtection": "1; mode=block",
  795.     "contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
  796.     "strictTransportSecurity": "max-age=31536000; includeSubDomains"
  797.   },
  798.   "smtpServer": {},
  799.   "loginTheme": "keycloak",
  800.   "accountTheme": "keycloak",
  801.   "adminTheme": "keycloak",
  802.   "eventsEnabled": false,
  803.   "eventsListeners": [
  804.     "jboss-logging"
  805.   ],
  806.   "enabledEventTypes": [],
  807.   "adminEventsEnabled": false,
  808.   "adminEventsDetailsEnabled": false,
  809.   "components": {
  810.     "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [
  811.       {
  812.         "id": "aeaa8f07-5ea5-4f82-b2ca-654dd9096460",
  813.         "name": "Allowed Client Scopes",
  814.         "providerId": "allowed-client-templates",
  815.         "subType": "authenticated",
  816.         "subComponents": {},
  817.         "config": {
  818.           "allow-default-scopes": [
  819.             "true"
  820.           ]
  821.         }
  822.       },
  823.       {
  824.         "id": "98fa058f-efd7-4448-b407-bec52fd312de",
  825.         "name": "Trusted Hosts",
  826.         "providerId": "trusted-hosts",
  827.         "subType": "anonymous",
  828.         "subComponents": {},
  829.         "config": {
  830.           "host-sending-registration-request-must-match": [
  831.             "true"
  832.           ],
  833.           "client-uris-must-match": [
  834.             "true"
  835.           ]
  836.         }
  837.       },
  838.       {
  839.         "id": "44d3716a-1974-4afe-a940-615b05dd9d7f",
  840.         "name": "Full Scope Disabled",
  841.         "providerId": "scope",
  842.         "subType": "anonymous",
  843.         "subComponents": {},
  844.         "config": {}
  845.       },
  846.       {
  847.         "id": "44c96938-6408-4b9f-9bcd-093633da35e8",
  848.         "name": "Allowed Protocol Mapper Types",
  849.         "providerId": "allowed-protocol-mappers",
  850.         "subType": "anonymous",
  851.         "subComponents": {},
  852.         "config": {
  853.           "allowed-protocol-mapper-types": [
  854.             "saml-user-property-mapper",
  855.             "oidc-sha256-pairwise-sub-mapper",
  856.             "oidc-address-mapper",
  857.             "oidc-full-name-mapper",
  858.             "saml-role-list-mapper",
  859.             "oidc-usermodel-attribute-mapper",
  860.             "oidc-usermodel-property-mapper",
  861.             "saml-user-attribute-mapper"
  862.           ]
  863.         }
  864.       },
  865.       {
  866.         "id": "efabb102-4ce6-4c99-8256-026b013798f1",
  867.         "name": "Consent Required",
  868.         "providerId": "consent-required",
  869.         "subType": "anonymous",
  870.         "subComponents": {},
  871.         "config": {}
  872.       },
  873.       {
  874.         "id": "91f5a3a5-57a5-4fe9-80dd-25b1f055be6c",
  875.         "name": "Allowed Protocol Mapper Types",
  876.         "providerId": "allowed-protocol-mappers",
  877.         "subType": "authenticated",
  878.         "subComponents": {},
  879.         "config": {
  880.           "allowed-protocol-mapper-types": [
  881.             "oidc-address-mapper",
  882.             "saml-role-list-mapper",
  883.             "oidc-usermodel-property-mapper",
  884.             "oidc-usermodel-attribute-mapper",
  885.             "saml-user-attribute-mapper",
  886.             "oidc-full-name-mapper",
  887.             "oidc-sha256-pairwise-sub-mapper",
  888.             "saml-user-property-mapper"
  889.           ]
  890.         }
  891.       },
  892.       {
  893.         "id": "860ecab7-90d2-43fd-80e2-64a213025e6c",
  894.         "name": "Allowed Client Scopes",
  895.         "providerId": "allowed-client-templates",
  896.         "subType": "anonymous",
  897.         "subComponents": {},
  898.         "config": {
  899.           "allow-default-scopes": [
  900.             "true"
  901.           ]
  902.         }
  903.       },
  904.       {
  905.         "id": "9fab65fa-fbde-46f0-bd6d-d2fc9887a594",
  906.         "name": "Max Clients Limit",
  907.         "providerId": "max-clients",
  908.         "subType": "anonymous",
  909.         "subComponents": {},
  910.         "config": {
  911.           "max-clients": [
  912.             "200"
  913.           ]
  914.         }
  915.       }
  916.     ],
  917.     "org.keycloak.keys.KeyProvider": [
  918.       {
  919.         "id": "6a9e931c-62e1-4e1b-b074-f2e96d474e93",
  920.         "name": "rsa-generated",
  921.         "providerId": "rsa-generated",
  922.         "subComponents": {},
  923.         "config": {
  924.           "priority": [
  925.             "100"
  926.           ]
  927.         }
  928.       },
  929.       {
  930.         "id": "86a3fd49-4611-4949-a048-75d2431f907f",
  931.         "name": "aes-generated",
  932.         "providerId": "aes-generated",
  933.         "subComponents": {},
  934.         "config": {
  935.           "priority": [
  936.             "100"
  937.           ]
  938.         }
  939.       },
  940.       {
  941.         "id": "fa2cdcd4-5a92-46c1-a777-44c1cc5ebdf9",
  942.         "name": "hmac-generated",
  943.         "providerId": "hmac-generated",
  944.         "subComponents": {},
  945.         "config": {
  946.           "priority": [
  947.             "100"
  948.           ],
  949.           "algorithm": [
  950.             "HS256"
  951.           ]
  952.         }
  953.       }
  954.     ]
  955.   },
  956.   "internationalizationEnabled": false,
  957.   "supportedLocales": [
  958.     ""
  959.   ],
  960.   "authenticationFlows": [
  961.     {
  962.       "id": "44431682-547e-486f-a250-2ad9c78211bd",
  963.       "alias": "Handle Existing Account",
  964.       "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider",
  965.       "providerId": "basic-flow",
  966.       "topLevel": false,
  967.       "builtIn": true,
  968.       "authenticationExecutions": [
  969.         {
  970.           "authenticator": "idp-confirm-link",
  971.           "requirement": "REQUIRED",
  972.           "priority": 10,
  973.           "userSetupAllowed": false,
  974.           "autheticatorFlow": false
  975.         },
  976.         {
  977.           "authenticator": "idp-email-verification",
  978.           "requirement": "ALTERNATIVE",
  979.           "priority": 20,
  980.           "userSetupAllowed": false,
  981.           "autheticatorFlow": false
  982.         },
  983.         {
  984.           "requirement": "ALTERNATIVE",
  985.           "priority": 30,
  986.           "flowAlias": "Verify Existing Account by Re-authentication",
  987.           "userSetupAllowed": false,
  988.           "autheticatorFlow": true
  989.         }
  990.       ]
  991.     },
  992.     {
  993.       "id": "8eff83f9-adcf-4195-b2d5-7c87c38ad835",
  994.       "alias": "Verify Existing Account by Re-authentication",
  995.       "description": "Reauthentication of existing account",
  996.       "providerId": "basic-flow",
  997.       "topLevel": false,
  998.       "builtIn": true,
  999.       "authenticationExecutions": [
  1000.         {
  1001.           "authenticator": "idp-username-password-form",
  1002.           "requirement": "REQUIRED",
  1003.           "priority": 10,
  1004.           "userSetupAllowed": false,
  1005.           "autheticatorFlow": false
  1006.         },
  1007.         {
  1008.           "authenticator": "auth-otp-form",
  1009.           "requirement": "OPTIONAL",
  1010.           "priority": 20,
  1011.           "userSetupAllowed": false,
  1012.           "autheticatorFlow": false
  1013.         }
  1014.       ]
  1015.     },
  1016.     {
  1017.       "id": "ba36c94c-b14e-41b7-bb6f-6b1b43026d9a",
  1018.       "alias": "browser",
  1019.       "description": "browser based authentication",
  1020.       "providerId": "basic-flow",
  1021.       "topLevel": true,
  1022.       "builtIn": true,
  1023.       "authenticationExecutions": [
  1024.         {
  1025.           "authenticator": "auth-cookie",
  1026.           "requirement": "ALTERNATIVE",
  1027.           "priority": 10,
  1028.           "userSetupAllowed": false,
  1029.           "autheticatorFlow": false
  1030.         },
  1031.         {
  1032.           "authenticator": "auth-spnego",
  1033.           "requirement": "DISABLED",
  1034.           "priority": 20,
  1035.           "userSetupAllowed": false,
  1036.           "autheticatorFlow": false
  1037.         },
  1038.         {
  1039.           "authenticator": "identity-provider-redirector",
  1040.           "requirement": "ALTERNATIVE",
  1041.           "priority": 25,
  1042.           "userSetupAllowed": false,
  1043.           "autheticatorFlow": false
  1044.         },
  1045.         {
  1046.           "requirement": "ALTERNATIVE",
  1047.           "priority": 30,
  1048.           "flowAlias": "forms",
  1049.           "userSetupAllowed": false,
  1050.           "autheticatorFlow": true
  1051.         }
  1052.       ]
  1053.     },
  1054.     {
  1055.       "id": "e6961229-7115-4301-aac9-904aa77c720d",
  1056.       "alias": "clients",
  1057.       "description": "Base authentication for clients",
  1058.       "providerId": "client-flow",
  1059.       "topLevel": true,
  1060.       "builtIn": true,
  1061.       "authenticationExecutions": [
  1062.         {
  1063.           "authenticator": "client-secret",
  1064.           "requirement": "ALTERNATIVE",
  1065.           "priority": 10,
  1066.           "userSetupAllowed": false,
  1067.           "autheticatorFlow": false
  1068.         },
  1069.         {
  1070.           "authenticator": "client-jwt",
  1071.           "requirement": "ALTERNATIVE",
  1072.           "priority": 20,
  1073.           "userSetupAllowed": false,
  1074.           "autheticatorFlow": false
  1075.         },
  1076.         {
  1077.           "authenticator": "client-secret-jwt",
  1078.           "requirement": "ALTERNATIVE",
  1079.           "priority": 30,
  1080.           "userSetupAllowed": false,
  1081.           "autheticatorFlow": false
  1082.         },
  1083.         {
  1084.           "authenticator": "client-x509",
  1085.           "requirement": "ALTERNATIVE",
  1086.           "priority": 40,
  1087.           "userSetupAllowed": false,
  1088.           "autheticatorFlow": false
  1089.         }
  1090.       ]
  1091.     },
  1092.     {
  1093.       "id": "a3bd5bf9-9b51-41c9-b192-9c25a020cab9",
  1094.       "alias": "direct grant",
  1095.       "description": "OpenID Connect Resource Owner Grant",
  1096.       "providerId": "basic-flow",
  1097.       "topLevel": true,
  1098.       "builtIn": true,
  1099.       "authenticationExecutions": [
  1100.         {
  1101.           "authenticator": "direct-grant-validate-username",
  1102.           "requirement": "REQUIRED",
  1103.           "priority": 10,
  1104.           "userSetupAllowed": false,
  1105.           "autheticatorFlow": false
  1106.         },
  1107.         {
  1108.           "authenticator": "direct-grant-validate-password",
  1109.           "requirement": "REQUIRED",
  1110.           "priority": 20,
  1111.           "userSetupAllowed": false,
  1112.           "autheticatorFlow": false
  1113.         },
  1114.         {
  1115.           "authenticator": "direct-grant-validate-otp",
  1116.           "requirement": "OPTIONAL",
  1117.           "priority": 30,
  1118.           "userSetupAllowed": false,
  1119.           "autheticatorFlow": false
  1120.         }
  1121.       ]
  1122.     },
  1123.     {
  1124.       "id": "a1804f65-16ef-45dd-90a7-bae27d5fc1c1",
  1125.       "alias": "docker auth",
  1126.       "description": "Used by Docker clients to authenticate against the IDP",
  1127.       "providerId": "basic-flow",
  1128.       "topLevel": true,
  1129.       "builtIn": true,
  1130.       "authenticationExecutions": [
  1131.         {
  1132.           "authenticator": "docker-http-basic-authenticator",
  1133.           "requirement": "REQUIRED",
  1134.           "priority": 10,
  1135.           "userSetupAllowed": false,
  1136.           "autheticatorFlow": false
  1137.         }
  1138.       ]
  1139.     },
  1140.     {
  1141.       "id": "c51ca3da-70d7-45d9-9363-3fc61983d4f8",
  1142.       "alias": "first broker login",
  1143.       "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
  1144.       "providerId": "basic-flow",
  1145.       "topLevel": true,
  1146.       "builtIn": true,
  1147.       "authenticationExecutions": [
  1148.         {
  1149.           "authenticatorConfig": "review profile config",
  1150.           "authenticator": "idp-review-profile",
  1151.           "requirement": "REQUIRED",
  1152.           "priority": 10,
  1153.           "userSetupAllowed": false,
  1154.           "autheticatorFlow": false
  1155.         },
  1156.         {
  1157.           "authenticatorConfig": "create unique user config",
  1158.           "authenticator": "idp-create-user-if-unique",
  1159.           "requirement": "ALTERNATIVE",
  1160.           "priority": 20,
  1161.           "userSetupAllowed": false,
  1162.           "autheticatorFlow": false
  1163.         },
  1164.         {
  1165.           "requirement": "ALTERNATIVE",
  1166.           "priority": 30,
  1167.           "flowAlias": "Handle Existing Account",
  1168.           "userSetupAllowed": false,
  1169.           "autheticatorFlow": true
  1170.         }
  1171.       ]
  1172.     },
  1173.     {
  1174.       "id": "af4df04f-9902-47c4-aeeb-bd461a92ad0a",
  1175.       "alias": "forms",
  1176.       "description": "Username, password, otp and other auth forms.",
  1177.       "providerId": "basic-flow",
  1178.       "topLevel": false,
  1179.       "builtIn": true,
  1180.       "authenticationExecutions": [
  1181.         {
  1182.           "authenticator": "auth-username-password-form",
  1183.           "requirement": "REQUIRED",
  1184.           "priority": 10,
  1185.           "userSetupAllowed": false,
  1186.           "autheticatorFlow": false
  1187.         },
  1188.         {
  1189.           "authenticator": "auth-otp-form",
  1190.           "requirement": "OPTIONAL",
  1191.           "priority": 20,
  1192.           "userSetupAllowed": false,
  1193.           "autheticatorFlow": false
  1194.         }
  1195.       ]
  1196.     },
  1197.     {
  1198.       "id": "472c409a-6edb-445e-b36e-573bf34a60a2",
  1199.       "alias": "http challenge",
  1200.       "description": "An authentication flow based on challenge-response HTTP Authentication Schemes",
  1201.       "providerId": "basic-flow",
  1202.       "topLevel": true,
  1203.       "builtIn": true,
  1204.       "authenticationExecutions": [
  1205.         {
  1206.           "authenticator": "no-cookie-redirect",
  1207.           "requirement": "REQUIRED",
  1208.           "priority": 10,
  1209.           "userSetupAllowed": false,
  1210.           "autheticatorFlow": false
  1211.         },
  1212.         {
  1213.           "authenticator": "basic-auth",
  1214.           "requirement": "REQUIRED",
  1215.           "priority": 20,
  1216.           "userSetupAllowed": false,
  1217.           "autheticatorFlow": false
  1218.         },
  1219.         {
  1220.           "authenticator": "basic-auth-otp",
  1221.           "requirement": "DISABLED",
  1222.           "priority": 30,
  1223.           "userSetupAllowed": false,
  1224.           "autheticatorFlow": false
  1225.         },
  1226.         {
  1227.           "authenticator": "auth-spnego",
  1228.           "requirement": "DISABLED",
  1229.           "priority": 40,
  1230.           "userSetupAllowed": false,
  1231.           "autheticatorFlow": false
  1232.         }
  1233.       ]
  1234.     },
  1235.     {
  1236.       "id": "629e8337-4cc1-40c9-a307-4417fa946394",
  1237.       "alias": "registration",
  1238.       "description": "registration flow",
  1239.       "providerId": "basic-flow",
  1240.       "topLevel": true,
  1241.       "builtIn": true,
  1242.       "authenticationExecutions": [
  1243.         {
  1244.           "authenticator": "registration-page-form",
  1245.           "requirement": "REQUIRED",
  1246.           "priority": 10,
  1247.           "flowAlias": "registration form",
  1248.           "userSetupAllowed": false,
  1249.           "autheticatorFlow": true
  1250.         }
  1251.       ]
  1252.     },
  1253.     {
  1254.       "id": "598d3977-4eee-4da7-b1c5-b37d1d4998f2",
  1255.       "alias": "registration form",
  1256.       "description": "registration form",
  1257.       "providerId": "form-flow",
  1258.       "topLevel": false,
  1259.       "builtIn": true,
  1260.       "authenticationExecutions": [
  1261.         {
  1262.           "authenticator": "registration-user-creation",
  1263.           "requirement": "REQUIRED",
  1264.           "priority": 20,
  1265.           "userSetupAllowed": false,
  1266.           "autheticatorFlow": false
  1267.         },
  1268.         {
  1269.           "authenticator": "registration-profile-action",
  1270.           "requirement": "REQUIRED",
  1271.           "priority": 40,
  1272.           "userSetupAllowed": false,
  1273.           "autheticatorFlow": false
  1274.         },
  1275.         {
  1276.           "authenticator": "registration-password-action",
  1277.           "requirement": "REQUIRED",
  1278.           "priority": 50,
  1279.           "userSetupAllowed": false,
  1280.           "autheticatorFlow": false
  1281.         },
  1282.         {
  1283.           "authenticator": "registration-recaptcha-action",
  1284.           "requirement": "DISABLED",
  1285.           "priority": 60,
  1286.           "userSetupAllowed": false,
  1287.           "autheticatorFlow": false
  1288.         }
  1289.       ]
  1290.     },
  1291.     {
  1292.       "id": "e5fb7fd9-0423-47e2-959c-538e078ee4f2",
  1293.       "alias": "reset credentials",
  1294.       "description": "Reset credentials for a user if they forgot their password or something",
  1295.       "providerId": "basic-flow",
  1296.       "topLevel": true,
  1297.       "builtIn": true,
  1298.       "authenticationExecutions": [
  1299.         {
  1300.           "authenticator": "reset-credentials-choose-user",
  1301.           "requirement": "REQUIRED",
  1302.           "priority": 10,
  1303.           "userSetupAllowed": false,
  1304.           "autheticatorFlow": false
  1305.         },
  1306.         {
  1307.           "authenticator": "reset-credential-email",
  1308.           "requirement": "REQUIRED",
  1309.           "priority": 20,
  1310.           "userSetupAllowed": false,
  1311.           "autheticatorFlow": false
  1312.         },
  1313.         {
  1314.           "authenticator": "reset-password",
  1315.           "requirement": "REQUIRED",
  1316.           "priority": 30,
  1317.           "userSetupAllowed": false,
  1318.           "autheticatorFlow": false
  1319.         },
  1320.         {
  1321.           "authenticator": "reset-otp",
  1322.           "requirement": "OPTIONAL",
  1323.           "priority": 40,
  1324.           "userSetupAllowed": false,
  1325.           "autheticatorFlow": false
  1326.         }
  1327.       ]
  1328.     },
  1329.     {
  1330.       "id": "18e8fb3e-a32d-48a9-89ef-078eaf923fc7",
  1331.       "alias": "saml ecp",
  1332.       "description": "SAML ECP Profile Authentication Flow",
  1333.       "providerId": "basic-flow",
  1334.       "topLevel": true,
  1335.       "builtIn": true,
  1336.       "authenticationExecutions": [
  1337.         {
  1338.           "authenticator": "http-basic-authenticator",
  1339.           "requirement": "REQUIRED",
  1340.           "priority": 10,
  1341.           "userSetupAllowed": false,
  1342.           "autheticatorFlow": false
  1343.         }
  1344.       ]
  1345.     }
  1346.   ],
  1347.   "authenticatorConfig": [
  1348.     {
  1349.       "id": "fc5dfeb3-5889-4aba-a178-8f5ff07778a0",
  1350.       "alias": "create unique user config",
  1351.       "config": {
  1352.         "require.password.update.after.registration": "false"
  1353.       }
  1354.     },
  1355.     {
  1356.       "id": "ab76bfe4-cb9e-482f-bdef-99b407b754a7",
  1357.       "alias": "review profile config",
  1358.       "config": {
  1359.         "update.profile.on.first.login": "missing"
  1360.       }
  1361.     }
  1362.   ],
  1363.   "requiredActions": [
  1364.     {
  1365.       "alias": "CONFIGURE_TOTP",
  1366.       "name": "Configure OTP",
  1367.       "providerId": "CONFIGURE_TOTP",
  1368.       "enabled": true,
  1369.       "defaultAction": false,
  1370.       "priority": 10,
  1371.       "config": {}
  1372.     },
  1373.     {
  1374.       "alias": "terms_and_conditions",
  1375.       "name": "Terms and Conditions",
  1376.       "providerId": "terms_and_conditions",
  1377.       "enabled": false,
  1378.       "defaultAction": false,
  1379.       "priority": 20,
  1380.       "config": {}
  1381.     },
  1382.     {
  1383.       "alias": "UPDATE_PASSWORD",
  1384.       "name": "Update Password",
  1385.       "providerId": "UPDATE_PASSWORD",
  1386.       "enabled": true,
  1387.       "defaultAction": false,
  1388.       "priority": 30,
  1389.       "config": {}
  1390.     },
  1391.     {
  1392.       "alias": "UPDATE_PROFILE",
  1393.       "name": "Update Profile",
  1394.       "providerId": "UPDATE_PROFILE",
  1395.       "enabled": true,
  1396.       "defaultAction": false,
  1397.       "priority": 40,
  1398.       "config": {}
  1399.     },
  1400.     {
  1401.       "alias": "VERIFY_EMAIL",
  1402.       "name": "Verify Email",
  1403.       "providerId": "VERIFY_EMAIL",
  1404.       "enabled": true,
  1405.       "defaultAction": false,
  1406.       "priority": 50,
  1407.       "config": {}
  1408.     }
  1409.   ],
  1410.   "browserFlow": "browser",
  1411.   "registrationFlow": "registration",
  1412.   "directGrantFlow": "direct grant",
  1413.   "resetCredentialsFlow": "reset credentials",
  1414.   "clientAuthenticationFlow": "clients",
  1415.   "dockerAuthenticationFlow": "docker auth",
  1416.   "attributes": {
  1417.     "_browser_header.xXSSProtection": "1; mode=block",
  1418.     "_browser_header.strictTransportSecurity": "max-age=31536000; includeSubDomains",
  1419.     "_browser_header.xFrameOptions": "SAMEORIGIN",
  1420.     "quickLoginCheckMilliSeconds": "1000",
  1421.     "permanentLockout": "false",
  1422.     "_browser_header.xRobotsTag": "none",
  1423.     "maxFailureWaitSeconds": "900",
  1424.     "minimumQuickLoginWaitSeconds": "60",
  1425.     "failureFactor": "30",
  1426.     "actionTokenGeneratedByUserLifespan": "300",
  1427.     "maxDeltaTimeSeconds": "43200",
  1428.     "_browser_header.xContentTypeOptions": "nosniff",
  1429.     "actionTokenGeneratedByAdminLifespan": "43200",
  1430.     "offlineSessionMaxLifespan": "5184000",
  1431.     "_browser_header.contentSecurityPolicyReportOnly": "",
  1432.     "bruteForceProtected": "false",
  1433.     "_browser_header.contentSecurityPolicy": "frame-src 'self'; frame-ancestors 'self'; object-src 'none';",
  1434.     "offlineSessionMaxLifespanEnabled": "false",
  1435.     "waitIncrementSeconds": "60"
  1436.   },
  1437.   "keycloakVersion": "5.0.0",
  1438.   "userManagedAccessAllowed": false
  1439. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!