You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
87 lines
2.7 KiB
Django/Jinja
87 lines
2.7 KiB
Django/Jinja
#jinja2: trim_blocks:False
|
|
{
|
|
"clientId": "{{ client_id }}",
|
|
"rootUrl": "{{ client_root_url }}",
|
|
"adminUrl": "{{ client_admin_url }}",
|
|
"baseUrl": "{{ client_base_url | default('') }}",
|
|
"surrogateAuthRequired": false,
|
|
"enabled": true,
|
|
"alwaysDisplayInConsole": false,
|
|
"clientAuthenticatorType": "client-secret",
|
|
"redirectUris": [
|
|
{% for uri in client_redirect_uri %}
|
|
"{{ uri }}",
|
|
{% endfor %}
|
|
],
|
|
"webOrigins": [
|
|
{% for uri in client_web_origins %}
|
|
"{{ uri }}"
|
|
{% endfor %}
|
|
],
|
|
"notBefore": 0,
|
|
"bearerOnly": false,
|
|
"consentRequired": false,
|
|
"standardFlowEnabled": true,
|
|
"implicitFlowEnabled": false,
|
|
"directAccessGrantsEnabled": true,
|
|
"serviceAccountsEnabled": false,
|
|
"publicClient": false,
|
|
"frontchannelLogout": false,
|
|
"protocol": "{{ keycloak_clientscope_protocol }}",
|
|
"attributes": {
|
|
"saml.assertion.signature": "false",
|
|
"id.token.as.detached.signature": "false",
|
|
"access.token.lifespan": "{{ keycloak_accesstoken_ttl | default(3600) }}",
|
|
"saml.multivalued.roles": "false",
|
|
"saml.force.post.binding": "false",
|
|
"saml.encrypt": "false",
|
|
"oauth2.device.authorization.grant.enabled": "false",
|
|
"saml.server.signature": "false",
|
|
"backchannel.logout.revoke.offline.tokens": "false",
|
|
"saml.server.signature.keyinfo.ext": "false",
|
|
"use.refresh.tokens": "true",
|
|
"exclude.session.state.from.auth.response": "false",
|
|
"oidc.ciba.grant.enabled": "false",
|
|
"saml.artifact.binding": "false",
|
|
"backchannel.logout.session.required": "true",
|
|
"client_credentials.use_refresh_token": "false",
|
|
"saml_force_name_id_format": "false",
|
|
"saml.client.signature": "false",
|
|
"tls.client.certificate.bound.access.tokens": "false",
|
|
"saml.authnstatement": "false",
|
|
"display.on.consent.screen": "false",
|
|
"saml.onetimeuse.condition": "false"
|
|
},
|
|
"authenticationFlowBindingOverrides": {},
|
|
"fullScopeAllowed": true,
|
|
"nodeReRegistrationTimeout": -1,
|
|
"protocolMappers": [
|
|
{
|
|
"name": "docker-v2-allow-all-mapper",
|
|
"protocol": "docker-v2",
|
|
"protocolMapper": "docker-v2-allow-all-mapper",
|
|
"consentRequired": false,
|
|
"config": {}
|
|
}
|
|
],
|
|
"defaultClientScopes": [
|
|
"web-origins",
|
|
"profile",
|
|
"roles",
|
|
"{{ keycloak_clientscope_name }}",
|
|
"email"
|
|
],
|
|
"optionalClientScopes": [
|
|
"address",
|
|
"phone",
|
|
"offline_access",
|
|
"microprofile-jwt"
|
|
],
|
|
"access": {
|
|
"view": true,
|
|
"configure": true,
|
|
"manage": true
|
|
},
|
|
"secret": '{{ keycloak_client_secret_vault }}'
|
|
}
|