{ "id": "test", "realm": "test", "enabled": true, "sslRequired": "external", "registrationAllowed": true, "resetPasswordAllowed": true, "editUsernameAllowed" : true, "privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=", "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB", "requiredCredentials": [ "password" ], "defaultRoles": [ "user" ], "smtpServer": { "from": "auto@keycloak.org", "host": "localhost", "port":"3025" }, "users" : [ { "username" : "test-user@localhost", "enabled": true, "email" : "test-user@localhost", "firstName": "Tom", "lastName": "Brady", "credentials" : [ { "type" : "password", "value" : "password" } ], "realmRoles": ["user", "offline_access"], "clientRoles": { "test-app": [ "customer-user" ], "account": [ "view-profile", "manage-account" ] } }, { "username" : "john-doh@localhost", "enabled": true, "email" : "john-doh@localhost", "firstName": "John", "lastName": "Doh", "credentials" : [ { "type" : "password", "value" : "password" } ], "realmRoles": ["user"], "clientRoles": { "test-app": [ "customer-user" ], "account": [ "view-profile", "manage-account" ] } }, { "username" : "keycloak-user@localhost", "enabled": true, "email" : "keycloak-user@localhost", "credentials" : [ { "type" : "password", "value" : "password" } ], "realmRoles": ["user"], "clientRoles": { "test-app": [ "customer-user" ], "account": [ "view-profile", "manage-account" ] } }, { "username" : "topGroupUser", "enabled": true, "email" : "top@redhat.com", "credentials" : [ { "type" : "password", "value" : "password" } ], "groups": [ "/topGroup" ] }, { "username" : "level2GroupUser", "enabled": true, "email" : "level2@redhat.com", "credentials" : [ { "type" : "password", "value" : "password" } ], "groups": [ "/topGroup/level2group" ] }, { "username" : "roleRichUser", "enabled": true, "email" : "rich.roles@redhat.com", "credentials" : [ { "type" : "password", "value" : "password" } ], "groups": [ "/roleRichGroup/level2group" ], "clientRoles": { "test-app-scope": [ "test-app-allowed-by-scope", "test-app-disallowed-by-scope" ] } } ], "scopeMappings": [ { "client": "third-party", "roles": ["user"] }, { "client": "test-app", "roles": ["user"] }, { "client": "test-app-scope", "roles": ["user", "admin"] } ], "clients": [ { "clientId": "test-app", "enabled": true, "baseUrl": "http://localhost:8180/auth/realms/master/app/auth", "redirectUris": [ "http://localhost:8180/auth/realms/master/app/auth/*" ], "adminUrl": "http://localhost:8180/auth/realms/master/app/admin", "secret": "password" }, { "clientId" : "test-app-scope", "enabled": true, "redirectUris": [ "http://localhost:8180/auth/realms/master/app/*" ], "secret": "password", "fullScopeAllowed": "false" }, { "clientId" : "third-party", "enabled": true, "consentRequired": true, "redirectUris": [ "http://localhost:8180/auth/realms/master/app/*" ], "secret": "password" }, { "clientId": "test-app-authz", "enabled": true, "baseUrl": "/test-app-authz", "adminUrl": "/test-app-authz", "bearerOnly": false, "authorizationSettings": { "allowRemoteResourceManagement": true, "policyEnforcementMode": "ENFORCING", "resources": [ { "name": "Admin Resource", "uri": "/protected/admin/*", "type": "http://test-app-authz/protected/admin", "scopes": [ { "name": "admin-access" } ] }, { "name": "Protected Resource", "uri": "/*", "type": "http://test-app-authz/protected/resource", "scopes": [ { "name": "resource-access" } ] }, { "name": "Premium Resource", "uri": "/protected/premium/*", "type": "urn:test-app-authz:protected:resource", "scopes": [ { "name": "premium-access" } ] }, { "name": "Main Page", "type": "urn:test-app-authz:protected:resource", "scopes": [ { "name": "urn:test-app-authz:page:main:actionForAdmin" }, { "name": "urn:test-app-authz:page:main:actionForUser" }, { "name": "urn:test-app-authz:page:main:actionForPremiumUser" } ] } ], "policies": [ { "name": "Any Admin Policy", "description": "Defines that adminsitrators can do something", "type": "role", "config": { "roles": "[{\"id\":\"admin\"}]" } }, { "name": "Any User Policy", "description": "Defines that any user can do something", "type": "role", "config": { "roles": "[{\"id\":\"user\"}]" } }, { "name": "Only Premium User Policy", "description": "Defines that only premium users can do something", "type": "role", "logic": "POSITIVE", "config": { "roles": "[{\"id\":\"customer-user-premium\"}]" } }, { "name": "All Users Policy", "description": "Defines that all users can do something", "type": "aggregate", "decisionStrategy": "AFFIRMATIVE", "config": { "applyPolicies": "[\"Any User Policy\",\"Any Admin Policy\",\"Only Premium User Policy\"]" } }, { "name": "Premium Resource Permission", "description": "A policy that defines access to premium resources", "type": "resource", "decisionStrategy": "UNANIMOUS", "config": { "resources": "[\"Premium Resource\"]", "applyPolicies": "[\"Only Premium User Policy\"]" } }, { "name": "Administrative Resource Permission", "description": "A policy that defines access to administrative resources", "type": "resource", "decisionStrategy": "UNANIMOUS", "config": { "resources": "[\"Admin Resource\"]", "applyPolicies": "[\"Any Admin Policy\"]" } }, { "name": "Protected Resource Permission", "description": "A policy that defines access to any protected resource", "type": "resource", "decisionStrategy": "AFFIRMATIVE", "config": { "resources": "[\"Protected Resource\"]", "applyPolicies": "[\"All Users Policy\"]" } }, { "name": "Action 1 on Main Page Resource Permission", "description": "A policy that defines access to action 1 on the main page", "type": "scope", "decisionStrategy": "AFFIRMATIVE", "config": { "scopes": "[\"urn:test-app-authz:page:main:actionForAdmin\"]", "applyPolicies": "[\"Any Admin Policy\"]" } }, { "name": "Action 2 on Main Page Resource Permission", "description": "A policy that defines access to action 2 on the main page", "type": "scope", "decisionStrategy": "AFFIRMATIVE", "config": { "scopes": "[\"urn:test-app-authz:page:main:actionForUser\"]", "applyPolicies": "[\"Any User Policy\"]" } }, { "name": "Action 3 on Main Page Resource Permission", "description": "A policy that defines access to action 3 on the main page", "type": "scope", "decisionStrategy": "AFFIRMATIVE", "config": { "scopes": "[\"urn:test-app-authz:page:main:actionForPremiumUser\"]", "applyPolicies": "[\"Only Premium User Policy\"]" } } ] }, "redirectUris": [ "/test-app-authz/*" ], "secret": "secret" } ], "roles" : { "realm" : [ { "name": "user", "description": "Have User privileges" }, { "name": "admin", "description": "Have Administrator privileges" }, { "name": "customer-user-premium", "description": "Have User Premium privileges" }, { "name": "sample-realm-role", "description": "Sample realm role" }, { "name": "realm-composite-role", "description": "Realm composite role containing client role", "composite" : true, "composites" : { "realm" : [ "sample-realm-role" ], "client" : { "test-app" : [ "sample-client-role" ], "account" : [ "view-profile" ] } } } ], "client" : { "test-app" : [ { "name": "customer-user", "description": "Have Customer User privileges" }, { "name": "customer-admin", "description": "Have Customer Admin privileges" }, { "name": "sample-client-role", "description": "Sample client role" }, { "name": "customer-admin-composite-role", "description": "Have Customer Admin privileges via composite role", "composite" : true, "composites" : { "realm" : [ "customer-user-premium" ], "client" : { "test-app" : [ "customer-admin" ] } } } ], "test-app-scope" : [ { "name": "test-app-allowed-by-scope", "description": "Role allowed by scope in test-app-scope" }, { "name": "test-app-disallowed-by-scope", "description": "Role disallowed by scope in test-app-scope" } ] } }, "groups" : [ { "name": "topGroup", "attributes": { "topAttribute": ["true"] }, "realmRoles": ["user"], "subGroups": [ { "name": "level2group", "realmRoles": ["admin"], "clientRoles": { "test-app": ["customer-user"] }, "attributes": { "level2Attribute": ["true"] } } ] }, { "name": "roleRichGroup", "attributes": { "topAttribute": ["true"] }, "realmRoles": ["user", "realm-composite-role"], "clientRoles": { "account": ["manage-account"] }, "subGroups": [ { "name": "level2group", "realmRoles": ["admin"], "clientRoles": { "test-app": ["customer-user", "customer-admin-composite-role"] }, "attributes": { "level2Attribute": ["true"] } } ] } ], "clientScopeMappings": { "test-app": [ { "client": "third-party", "roles": ["customer-user"] }, { "client": "test-app-scope", "roles": ["customer-admin-composite-role"] } ], "test-app-scope": [ { "client": "test-app-scope", "roles": ["test-app-allowed-by-scope"] } ] }, "internationalizationEnabled": true, "supportedLocales": ["en", "de"], "defaultLocale": "en", "eventsListeners": ["jboss-logging", "event-queue"] }