{ "realm": "meldestelle", "enabled": true, "displayName": "Meldestelle Authentication", "displayNameHtml": "
Meldestelle
", "sslRequired": "external", "registrationAllowed": false, "registrationEmailAsUsername": false, "rememberMe": true, "verifyEmail": false, "loginWithEmailAllowed": true, "duplicateEmailsAllowed": false, "resetPasswordAllowed": true, "editUsernameAllowed": false, "bruteForceProtected": true, "permanentLockout": false, "maxFailureWaitSeconds": 900, "minimumQuickLoginWaitSeconds": 60, "waitIncrementSeconds": 60, "quickLoginCheckMilliSeconds": 1000, "maxDeltaTimeSeconds": 43200, "failureFactor": 5, "defaultSignatureAlgorithm": "RS256", "offlineSessionMaxLifespan": 5184000, "offlineSessionMaxLifespanEnabled": false, "accessTokenLifespan": 300, "accessTokenLifespanForImplicitFlow": 900, "ssoSessionIdleTimeout": 1800, "ssoSessionMaxLifespan": 36000, "refreshTokenMaxReuse": 0, "accessCodeLifespan": 60, "accessCodeLifespanUserAction": 300, "accessCodeLifespanLogin": 1800, "actionTokenGeneratedByAdminLifespan": 43200, "actionTokenGeneratedByUserLifespan": 300, "oauth2DeviceCodeLifespan": 600, "oauth2DevicePollingInterval": 5, "internationalizationEnabled": true, "supportedLocales": ["de", "en"], "defaultLocale": "de", "roles": { "realm": [ { "name": "ADMIN", "description": "Administrator role with full system access", "composite": false, "clientRole": false }, { "name": "USER", "description": "Standard user role with limited access", "composite": false, "clientRole": false }, { "name": "MONITORING", "description": "Monitoring role for system health checks", "composite": false, "clientRole": false }, { "name": "GUEST", "description": "Guest role with minimal access", "composite": false, "clientRole": false } ] }, "clients": [ { "clientId": "api-gateway", "name": "API Gateway Client", "description": "OAuth2 client for the Meldestelle API Gateway", "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "K5RqonwVOaxPKaXVH4mbthSRbjRh5tOK", "redirectUris": [ "http://localhost:8081/*", "http://localhost:3000/*", "https://app.meldestelle.at/*" ], "webOrigins": [ "http://localhost:8081", "http://localhost:3000", "https://app.meldestelle.at" ], "protocol": "openid-connect", "bearerOnly": false, "publicClient": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": true, "authorizationServicesEnabled": false, "fullScopeAllowed": true, "frontchannelLogout": true, "attributes": { "access.token.lifespan": "300", "client.secret.creation.time": "0", "oauth2.device.authorization.grant.enabled": "false", "backchannel.logout.session.required": "true", "backchannel.logout.revoke.offline.tokens": "false" }, "protocolMappers": [ { "name": "realm-roles", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-realm-role-mapper", "consentRequired": false, "config": { "multivalued": "true", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "realm_access.roles", "jsonType.label": "String" } }, { "name": "client-roles", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-client-role-mapper", "consentRequired": false, "config": { "multivalued": "true", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "resource_access.${client_id}.roles", "jsonType.label": "String" } }, { "name": "username", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-property-mapper", "consentRequired": false, "config": { "userinfo.token.claim": "true", "user.attribute": "username", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "preferred_username", "jsonType.label": "String" } }, { "name": "email", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-property-mapper", "consentRequired": false, "config": { "userinfo.token.claim": "true", "user.attribute": "email", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "email", "jsonType.label": "String" } }, { "name": "full-name", "protocol": "openid-connect", "protocolMapper": "oidc-full-name-mapper", "consentRequired": false, "config": { "id.token.claim": "true", "access.token.claim": "true", "userinfo.token.claim": "true" } } ] }, { "clientId": "web-app", "name": "Web Application Client", "description": "Public client for web frontend", "enabled": true, "publicClient": true, "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": false, "redirectUris": [ "http://localhost:4000/*", "http://localhost:3000/*", "https://app.meldestelle.at/*" ], "webOrigins": [ "http://localhost:4000", "http://localhost:3000", "https://app.meldestelle.at" ], "protocol": "openid-connect", "attributes": { "pkce.code.challenge.method": "S256" } } ], "users": [ { "username": "admin", "enabled": true, "emailVerified": true, "firstName": "System", "lastName": "Administrator", "email": "admin@meldestelle.local", "credentials": [ { "type": "password", "value": "Change_Me_In_Production!", "temporary": true } ], "realmRoles": ["ADMIN", "USER"], "clientRoles": { "api-gateway": ["ADMIN"] } } ], "groups": [], "defaultRoles": ["USER", "GUEST"], "requiredCredentials": ["password"], "passwordPolicy": "length(8)", "otpPolicyType": "totp", "otpPolicyAlgorithm": "HmacSHA1", "otpPolicyInitialCounter": 0, "otpPolicyDigits": 6, "otpPolicyLookAheadWindow": 1, "otpPolicyPeriod": 30, "otpSupportedApplications": ["FreeOTP", "Google Authenticator"], "webAuthnPolicyRpEntityName": "meldestelle", "webAuthnPolicySignatureAlgorithms": ["ES256", "RS256"], "smtpServer": {}, "eventsEnabled": true, "eventsListeners": ["jboss-logging"], "enabledEventTypes": [ "LOGIN", "LOGIN_ERROR", "LOGOUT", "REGISTER", "REGISTER_ERROR", "UPDATE_PASSWORD", "UPDATE_PASSWORD_ERROR" ], "adminEventsEnabled": true, "adminEventsDetailsEnabled": true, "identityProviders": [], "identityProviderMappers": [], "components": { "org.keycloak.keys.KeyProvider": [ { "name": "rsa-generated", "providerId": "rsa-generated", "subComponents": {}, "config": { "priority": ["100"] } }, { "name": "hmac-generated", "providerId": "hmac-generated", "subComponents": {}, "config": { "priority": ["100"], "algorithm": ["HS256"] } }, { "name": "aes-generated", "providerId": "aes-generated", "subComponents": {}, "config": { "priority": ["100"] } } ] }, "authenticationFlows": [], "authenticatorConfig": [], "requiredActions": [], "browserFlow": "browser", "registrationFlow": "registration", "directGrantFlow": "direct grant", "resetCredentialsFlow": "reset credentials", "clientAuthenticationFlow": "clients", "dockerAuthenticationFlow": "docker auth", "attributes": { "frontendUrl": "", "acr.loa.map": "{}", "clientOfflineSessionMaxLifespan": "0", "clientSessionIdleTimeout": "0", "clientSessionMaxLifespan": "0", "clientOfflineSessionIdleTimeout": "0" } }