{
"id": "test",
"realm": "test",
"notBefore": 0,
"revokeRefreshToken": false,
"accessTokenLifespan": 300,
"accessTokenLifespanForImplicitFlow": 900,
"ssoSessionIdleTimeout": 1800,
"ssoSessionMaxLifespan": 36000,
"offlineSessionIdleTimeout": 2592000,
"accessCodeLifespan": 60,
"accessCodeLifespanUserAction": 300,
"accessCodeLifespanLogin": 1800,
"enabled": true,
"sslRequired": "external",
"registrationAllowed": true,
"registrationEmailAsUsername": false,
"rememberMe": false,
"verifyEmail": false,
"resetPasswordAllowed": true,
"editUsernameAllowed": true,
"bruteForceProtected": false,
"maxFailureWaitSeconds": 900,
"minimumQuickLoginWaitSeconds": 60,
"waitIncrementSeconds": 60,
"quickLoginCheckMilliSeconds": 1000,
"maxDeltaTimeSeconds": 43200,
"failureFactor": 30,
"groups": [
{
"id": "2aa57ddd-e48f-4a62-bb8e-53ebe2ff1057",
"name": "topGroup",
"path": "/topGroup",
"attributes": {
"topAttribute": [
"true"
]
},
"realmRoles": [
"user"
],
"clientRoles": {},
"subGroups": [
{
"id": "8e91afd4-b8e4-4de4-ba37-1edc7298d518",
"name": "level2group",
"path": "/topGroup/level2group",
"attributes": {
"level2Attribute": [
"true"
]
},
"realmRoles": [
"admin"
],
"clientRoles": {
"test-app": [
"customer-user"
]
},
"subGroups": []
}
]
}
],
"clients": [
{
"clientId": "test-app",
"enabled": true,
"baseUrl": "http://localhost:8180/auth/realms/master/app/auth",
"redirectUris": [
"http://localhost:8180/auth/realms/master/app/auth/*"
],
"adminUrl": "http://localhost:8180/auth/realms/master/app/admin",
"secret": "password"
}
],
"defaultRoles": [
"user",
"offline_access",
"uma_authorization"
],
"requiredCredentials": [
"password"
],
"passwordPolicy": "hashIterations(20000)",
"otpPolicyType": "totp",
"otpPolicyAlgorithm": "HmacSHA1",
"otpPolicyInitialCounter": 0,
"otpPolicyDigits": 6,
"otpPolicyLookAheadWindow": 1,
"otpPolicyPeriod": 30,
"browserSecurityHeaders": {
"xContentTypeOptions": "nosniff",
"xFrameOptions": "SAMEORIGIN",
"contentSecurityPolicy": "frame-src 'self'"
},
"smtpServer": {
"host": "0.0.0.0",
"from": "auto@keycloak.org",
"port": "3025"
},
"userFederationProviders": [
{
"id": "1fc3afd2-4c18-48dd-9055-b4bbae9229b7",
"displayName": "test-ldap",
"providerName": "ldap",
"config": {
"serverPrincipal": "HTTP/localhost@KEYCLOAK.ORG",
"debug": "true",
"pagination": "true",
"keyTab": "/Users/williamburke/jboss/keycloak/p1b-repo/keycloak/testsuite/integration-deprecated/target/test-classes/kerberos/http.keytab",
"connectionPooling": "true",
"usersDn": "ou=People,dc=keycloak,dc=org",
"useKerberosForPasswordAuthentication": "false",
"kerberosRealm": "KEYCLOAK.ORG",
"bindCredential": "secret",
"bindDn": "uid=admin,ou=system",
"allowPasswordAuthentication": "true",
"vendor": "other",
"editMode": "WRITABLE",
"allowKerberosAuthentication": "false",
"connectionUrl": "ldap://localhost:10389",
"syncRegistrations": "true",
"baseDn": "dc=keycloak,dc=org",
"batchSizeForSync": "3",
"updateProfileFirstLogin": "true"
},
"priority": 0,
"fullSyncPeriod": -1,
"changedSyncPeriod": -1,
"lastSync": 0
}
],
"userFederationMappers": [
{
"id": "b2fc2d9c-2ea8-417f-96db-2565be62a646",
"name": "last name",
"federationProviderDisplayName": "test-ldap",
"federationMapperType": "user-attribute-ldap-mapper",
"config": {
"always.read.value.from.ldap": "true",
"read.only": "false",
"ldap.attribute": "sn",
"is.mandatory.in.ldap": "true",
"user.model.attribute": "lastName"
}
},
{
"id": "6dc25318-dc20-4927-ba19-9293ab31aa28",
"name": "zipCodeMapper",
"federationProviderDisplayName": "test-ldap",
"federationMapperType": "user-attribute-ldap-mapper",
"config": {
"always.read.value.from.ldap": "false",
"read.only": "false",
"ldap.attribute": "postalCode",
"is.mandatory.in.ldap": "false",
"user.model.attribute": "postal_code"
}
},
{
"id": "7afa12a2-f36e-4f87-b715-e941773c8534",
"name": "username",
"federationProviderDisplayName": "test-ldap",
"federationMapperType": "user-attribute-ldap-mapper",
"config": {
"always.read.value.from.ldap": "false",
"read.only": "false",
"ldap.attribute": "uid",
"is.mandatory.in.ldap": "true",
"user.model.attribute": "username"
}
},
{
"id": "abfe054c-6d2a-4870-a239-1a312c3e5a94",
"name": "creation date",
"federationProviderDisplayName": "test-ldap",
"federationMapperType": "user-attribute-ldap-mapper",
"config": {
"always.read.value.from.ldap": "true",
"read.only": "true",
"ldap.attribute": "createTimestamp",
"is.mandatory.in.ldap": "false",
"user.model.attribute": "createTimestamp"
}
},
{
"id": "6aef95e5-736e-4b1e-98d0-332f61f94ff9",
"name": "first name",
"federationProviderDisplayName": "test-ldap",
"federationMapperType": "user-attribute-ldap-mapper",
"config": {
"always.read.value.from.ldap": "true",
"read.only": "false",
"ldap.attribute": "cn",
"is.mandatory.in.ldap": "true",
"user.model.attribute": "firstName"
}
},
{
"id": "0601e4a2-fd63-4f6a-ae3b-13cc6f4f4f1c",
"name": "email",
"federationProviderDisplayName": "test-ldap",
"federationMapperType": "user-attribute-ldap-mapper",
"config": {
"always.read.value.from.ldap": "false",
"read.only": "false",
"ldap.attribute": "mail",
"is.mandatory.in.ldap": "false",
"user.model.attribute": "email"
}
},
{
"id": "fa308910-3be9-4bd8-8256-66cf04d8fcd2",
"name": "modify date",
"federationProviderDisplayName": "test-ldap",
"federationMapperType": "user-attribute-ldap-mapper",
"config": {
"always.read.value.from.ldap": "true",
"read.only": "true",
"ldap.attribute": "modifyTimestamp",
"is.mandatory.in.ldap": "false",
"user.model.attribute": "modifyTimestamp"
}
}
],
"eventsEnabled": false,
"eventsListeners": [
"jboss-logging"
],
"enabledEventTypes": [],
"adminEventsEnabled": false,
"adminEventsDetailsEnabled": false,
"internationalizationEnabled": true,
"supportedLocales": [
"de",
"en"
],
"defaultLocale": "en",
"authenticationFlows": [
{
"id": "b12463a9-5d33-4f27-b010-4005db77e602",
"alias": "Handle Existing Account",
"description": "Handle what to do if there is existing account with same email/username like authenticated identity provider",
"providerId": "basic-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "idp-confirm-link",
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "idp-email-verification",
"requirement": "ALTERNATIVE",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"requirement": "ALTERNATIVE",
"priority": 30,
"flowAlias": "Verify Existing Account by Re-authentication",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "c1684fc8-a99d-4e19-a795-478e4d793fb5",
"alias": "Verify Existing Account by Re-authentication",
"description": "Reauthentication of existing account",
"providerId": "basic-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "idp-username-password-form",
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "auth-otp-form",
"requirement": "OPTIONAL",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
},
{
"id": "09af30d8-8c2a-45a4-a2be-b7617e9d0185",
"alias": "browser",
"description": "browser based authentication",
"providerId": "basic-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "auth-cookie",
"requirement": "ALTERNATIVE",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "auth-spnego",
"requirement": "DISABLED",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "identity-provider-redirector",
"requirement": "ALTERNATIVE",
"priority": 25,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"requirement": "ALTERNATIVE",
"priority": 30,
"flowAlias": "forms",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "6cdf31d0-9c91-4ea6-8e37-da6e8fa7544c",
"alias": "clients",
"description": "Base authentication for clients",
"providerId": "client-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "client-secret",
"requirement": "ALTERNATIVE",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "client-jwt",
"requirement": "ALTERNATIVE",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
},
{
"id": "c9a38de8-4c0c-496a-9936-b9753f73bfcc",
"alias": "direct grant",
"description": "OpenID Connect Resource Owner Grant",
"providerId": "basic-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "direct-grant-validate-username",
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "direct-grant-validate-password",
"requirement": "REQUIRED",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "direct-grant-validate-otp",
"requirement": "OPTIONAL",
"priority": 30,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
},
{
"id": "3755e297-7907-4c14-8c5f-d77e2bfe4b5d",
"alias": "first broker login",
"description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account",
"providerId": "basic-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticatorConfig": "review profile config",
"authenticator": "idp-review-profile",
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticatorConfig": "create unique user config",
"authenticator": "idp-create-user-if-unique",
"requirement": "ALTERNATIVE",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"requirement": "ALTERNATIVE",
"priority": 30,
"flowAlias": "Handle Existing Account",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "f35b2f00-3e84-4f2e-b48e-3e4159d88a06",
"alias": "forms",
"description": "Username, password, otp and other auth forms.",
"providerId": "basic-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "auth-username-password-form",
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "auth-otp-form",
"requirement": "OPTIONAL",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
},
{
"id": "441b4480-1ace-483a-bffb-f0cb6659fe32",
"alias": "registration",
"description": "registration flow",
"providerId": "basic-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "registration-page-form",
"requirement": "REQUIRED",
"priority": 10,
"flowAlias": "registration form",
"userSetupAllowed": false,
"autheticatorFlow": true
}
]
},
{
"id": "c7de2a37-29a1-471a-9b51-699a69032b00",
"alias": "registration form",
"description": "registration form",
"providerId": "form-flow",
"topLevel": false,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "registration-user-creation",
"requirement": "REQUIRED",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "registration-profile-action",
"requirement": "REQUIRED",
"priority": 40,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "registration-password-action",
"requirement": "REQUIRED",
"priority": 50,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "registration-recaptcha-action",
"requirement": "DISABLED",
"priority": 60,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
},
{
"id": "d362be0a-df20-4ce7-9288-f8448e0c4647",
"alias": "reset credentials",
"description": "Reset credentials for a user if they forgot their password or something",
"providerId": "basic-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "reset-credentials-choose-user",
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "reset-credential-email",
"requirement": "REQUIRED",
"priority": 20,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "reset-password",
"requirement": "REQUIRED",
"priority": 30,
"userSetupAllowed": false,
"autheticatorFlow": false
},
{
"authenticator": "reset-otp",
"requirement": "OPTIONAL",
"priority": 40,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
},
{
"id": "c2d7a1ae-57c9-4f3b-a4ce-55c3f0d9869f",
"alias": "saml ecp",
"description": "SAML ECP Profile Authentication Flow",
"providerId": "basic-flow",
"topLevel": true,
"builtIn": true,
"authenticationExecutions": [
{
"authenticator": "http-basic-authenticator",
"requirement": "REQUIRED",
"priority": 10,
"userSetupAllowed": false,
"autheticatorFlow": false
}
]
}
],
"authenticatorConfig": [
{
"id": "a2490828-becb-435f-9c3c-318b3939bf64",
"alias": "create unique user config",
"config": {
"require.password.update.after.registration": "false"
}
},
{
"id": "78421671-f733-4901-82bc-58bf50c43206",
"alias": "review profile config",
"config": {
"update.profile.on.first.login": "missing"
}
}
],
"requiredActions": [
{
"alias": "CONFIGURE_TOTP",
"name": "Configure OTP",
"providerId": "CONFIGURE_TOTP",
"enabled": true,
"defaultAction": false,
"config": {}
},
{
"alias": "UPDATE_PASSWORD",
"name": "Update Password",
"providerId": "UPDATE_PASSWORD",
"enabled": true,
"defaultAction": false,
"config": {}
},
{
"alias": "UPDATE_PROFILE",
"name": "Update Profile",
"providerId": "UPDATE_PROFILE",
"enabled": true,
"defaultAction": false,
"config": {}
},
{
"alias": "VERIFY_EMAIL",
"name": "Verify Email",
"providerId": "VERIFY_EMAIL",
"enabled": true,
"defaultAction": false,
"config": {}
},
{
"alias": "terms_and_conditions",
"name": "Terms and Conditions",
"providerId": "terms_and_conditions",
"enabled": false,
"defaultAction": false,
"config": {}
}
],
"browserFlow": "browser",
"registrationFlow": "registration",
"directGrantFlow": "direct grant",
"resetCredentialsFlow": "reset credentials",
"clientAuthenticationFlow": "clients",
"attributes": {
"_browser_header.xFrameOptions": "SAMEORIGIN",
"failureFactor": "30",
"quickLoginCheckMilliSeconds": "1000",
"maxDeltaTimeSeconds": "43200",
"_browser_header.xContentTypeOptions": "nosniff",
"bruteForceProtected": "false",
"maxFailureWaitSeconds": "900",
"_browser_header.contentSecurityPolicy": "frame-src 'self'",
"minimumQuickLoginWaitSeconds": "60",
"waitIncrementSeconds": "60"
}
}