digitaldemocratic/dd-sso/init/keycloak/jsons/realm.json

{
  "id" : "master",
  "realm" : "master",
  "displayName" : "Keycloak",
  "displayNameHtml" : "<div class=\"kc-logo-text\"><span>Keycloak</span></div>",
  "notBefore" : 0,
  "defaultSignatureAlgorithm" : "RS256",
  "revokeRefreshToken" : false,
  "refreshTokenMaxReuse" : 0,
  "accessTokenLifespan" : 300,
  "accessTokenLifespanForImplicitFlow" : 900,
  "ssoSessionIdleTimeout" : 1800,
  "ssoSessionMaxLifespan" : 36000,
  "ssoSessionIdleTimeoutRememberMe" : 0,
  "ssoSessionMaxLifespanRememberMe" : 0,
  "offlineSessionIdleTimeout" : 2592000,
  "offlineSessionMaxLifespanEnabled" : false,
  "offlineSessionMaxLifespan" : 5184000,
  "clientSessionIdleTimeout" : 0,
  "clientSessionMaxLifespan" : 0,
  "clientOfflineSessionIdleTimeout" : 0,
  "clientOfflineSessionMaxLifespan" : 0,
  "accessCodeLifespan" : 60,
  "accessCodeLifespanUserAction" : 300,
  "accessCodeLifespanLogin" : 1800,
  "actionTokenGeneratedByAdminLifespan" : 43200,
  "actionTokenGeneratedByUserLifespan" : 300,
  "enabled" : true,
  "sslRequired" : "external",
  "registrationAllowed" : false,
  "registrationEmailAsUsername" : false,
  "rememberMe" : false,
  "verifyEmail" : false,
  "loginWithEmailAllowed" : true,
  "duplicateEmailsAllowed" : false,
  "resetPasswordAllowed" : false,
  "editUsernameAllowed" : false,
  "bruteForceProtected" : false,
  "permanentLockout" : false,
  "maxFailureWaitSeconds" : 900,
  "minimumQuickLoginWaitSeconds" : 60,
  "waitIncrementSeconds" : 60,
  "quickLoginCheckMilliSeconds" : 1000,
  "maxDeltaTimeSeconds" : 43200,
  "failureFactor" : 30,
  "defaultRoles" : [ "offline_access", "uma_authorization" ],
  "requiredCredentials" : [
    "password"
  ],
  "otpPolicyType" : "totp",
  "otpPolicyAlgorithm" : "HmacSHA1",
  "otpPolicyInitialCounter" : 0,
  "otpPolicyDigits" : 6,
  "otpPolicyLookAheadWindow" : 1,
  "otpPolicyPeriod" : 30,
  "otpSupportedApplications" : [
    "FreeOTP",
    "Google Authenticator"
  ],
  "webAuthnPolicyRpEntityName" : "keycloak",
  "webAuthnPolicySignatureAlgorithms" : [
    "ES256"
  ],
  "webAuthnPolicyRpId" : "",
  "webAuthnPolicyAttestationConveyancePreference" : "not specified",
  "webAuthnPolicyAuthenticatorAttachment" : "not specified",
  "webAuthnPolicyRequireResidentKey" : "not specified",
  "webAuthnPolicyUserVerificationRequirement" : "not specified",
  "webAuthnPolicyCreateTimeout" : 0,
  "webAuthnPolicyAvoidSameAuthenticatorRegister" : false,
  "webAuthnPolicyAcceptableAaguids" : [ ],
  "webAuthnPolicyPasswordlessRpEntityName" : "keycloak",
  "webAuthnPolicyPasswordlessSignatureAlgorithms" : [
    "ES256"
  ],
  "webAuthnPolicyPasswordlessRpId" : "",
  "webAuthnPolicyPasswordlessAttestationConveyancePreference" : "not specified",
  "webAuthnPolicyPasswordlessAuthenticatorAttachment" : "not specified",
  "webAuthnPolicyPasswordlessRequireResidentKey" : "not specified",
  "webAuthnPolicyPasswordlessUserVerificationRequirement" : "not specified",
  "webAuthnPolicyPasswordlessCreateTimeout" : 0,
  "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister" : false,
  "webAuthnPolicyPasswordlessAcceptableAaguids" : [ ],
  "browserSecurityHeaders" : {
    "contentSecurityPolicyReportOnly" : "",
    "xContentTypeOptions" : "nosniff",
    "xRobotsTag" : "none",
    "xFrameOptions" : "SAMEORIGIN",
    "contentSecurityPolicy" : "frame-src 'self'; frame-ancestors 'self' *.DDDOMAIN localhost; object-src 'none';",
    "xXSSProtection" : "1; mode=block",
    "strictTransportSecurity" : "max-age=31536000; includeSubDomains"
  },
  "smtpServer" : { },
  "loginTheme" : "dd",
  "accountTheme" : "account-avatar",
  "eventsEnabled": true,
  "eventsExpiration": 604800,
  "eventsListeners" : [
    "jboss-logging"
  ],
  "enabledEventTypes": [
    "SEND_RESET_PASSWORD",
    "UPDATE_CONSENT_ERROR",
    "GRANT_CONSENT",
    "VERIFY_PROFILE_ERROR",
    "REMOVE_TOTP",
    "REVOKE_GRANT",
    "UPDATE_TOTP",
    "LOGIN_ERROR",
    "CLIENT_LOGIN",
    "RESET_PASSWORD_ERROR",
    "IMPERSONATE_ERROR",
    "CODE_TO_TOKEN_ERROR",
    "CUSTOM_REQUIRED_ACTION",
    "OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR",
    "RESTART_AUTHENTICATION",
    "IMPERSONATE",
    "UPDATE_PROFILE_ERROR",
    "LOGIN",
    "OAUTH2_DEVICE_VERIFY_USER_CODE",
    "UPDATE_PASSWORD_ERROR",
    "CLIENT_INITIATED_ACCOUNT_LINKING",
    "TOKEN_EXCHANGE",
    "AUTHREQID_TO_TOKEN",
    "LOGOUT",
    "REGISTER",
    "DELETE_ACCOUNT_ERROR",
    "CLIENT_REGISTER",
    "IDENTITY_PROVIDER_LINK_ACCOUNT",
    "DELETE_ACCOUNT",
    "UPDATE_PASSWORD",
    "CLIENT_DELETE",
    "FEDERATED_IDENTITY_LINK_ERROR",
    "IDENTITY_PROVIDER_FIRST_LOGIN",
    "CLIENT_DELETE_ERROR",
    "VERIFY_EMAIL",
    "CLIENT_LOGIN_ERROR",
    "RESTART_AUTHENTICATION_ERROR",
    "EXECUTE_ACTIONS",
    "REMOVE_FEDERATED_IDENTITY_ERROR",
    "TOKEN_EXCHANGE_ERROR",
    "PERMISSION_TOKEN",
    "SEND_IDENTITY_PROVIDER_LINK_ERROR",
    "EXECUTE_ACTION_TOKEN_ERROR",
    "SEND_VERIFY_EMAIL",
    "OAUTH2_DEVICE_AUTH",
    "EXECUTE_ACTIONS_ERROR",
    "REMOVE_FEDERATED_IDENTITY",
    "OAUTH2_DEVICE_CODE_TO_TOKEN",
    "IDENTITY_PROVIDER_POST_LOGIN",
    "IDENTITY_PROVIDER_LINK_ACCOUNT_ERROR",
    "OAUTH2_DEVICE_VERIFY_USER_CODE_ERROR",
    "UPDATE_EMAIL",
    "REGISTER_ERROR",
    "REVOKE_GRANT_ERROR",
    "EXECUTE_ACTION_TOKEN",
    "LOGOUT_ERROR",
    "UPDATE_EMAIL_ERROR",
    "CLIENT_UPDATE_ERROR",
    "AUTHREQID_TO_TOKEN_ERROR",
    "UPDATE_PROFILE",
    "CLIENT_REGISTER_ERROR",
    "FEDERATED_IDENTITY_LINK",
    "SEND_IDENTITY_PROVIDER_LINK",
    "SEND_VERIFY_EMAIL_ERROR",
    "RESET_PASSWORD",
    "CLIENT_INITIATED_ACCOUNT_LINKING_ERROR",
    "OAUTH2_DEVICE_AUTH_ERROR",
    "UPDATE_CONSENT",
    "REMOVE_TOTP_ERROR",
    "VERIFY_EMAIL_ERROR",
    "SEND_RESET_PASSWORD_ERROR",
    "CLIENT_UPDATE",
    "CUSTOM_REQUIRED_ACTION_ERROR",
    "IDENTITY_PROVIDER_POST_LOGIN_ERROR",
    "UPDATE_TOTP_ERROR",
    "CODE_TO_TOKEN",
    "VERIFY_PROFILE",
    "GRANT_CONSENT_ERROR",
    "IDENTITY_PROVIDER_FIRST_LOGIN_ERROR"
  ],
  "adminEventsEnabled" : false,
  "adminEventsDetailsEnabled" : false,
  "identityProviders" : [ ],
  "identityProviderMappers" : [ ],
  "internationalizationEnabled" : true,
  "supportedLocales" : [
    "en",
    "ca",
    "es"
  ],
  "defaultLocale" : "ca",
  "browserFlow" : "browser",
  "registrationFlow" : "registration",
  "directGrantFlow" : "direct grant",
  "resetCredentialsFlow" : "reset credentials",
  "clientAuthenticationFlow" : "clients",
  "dockerAuthenticationFlow" : "docker auth",
  "attributes" : {
    "clientOfflineSessionMaxLifespan" : "0",
    "clientSessionIdleTimeout" : "0",
    "clientSessionMaxLifespan" : "0",
    "clientOfflineSessionIdleTimeout" : "0"
  },
  "userManagedAccessAllowed" : true
}