libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions
keycloak-scim/docs/documentation/server_admin/images
History
Ben Cresitello-Dittmar 057d8a00ac Implement Authentication Method Reference (AMR) claim from OIDC specification 
This implements a method for configuring authenticator reference values for Keycloak authenticator executions and a protocol mapper for populating the AMR claim in the resulting OIDC tokens.

This implementation adds a default configuration item to each authenticator execution, allowing administrators to configure an authenticator reference value. Upon successful completion of an authenticator during an authentication flow, Keycloak tracks the execution ID in a user session note.

The protocol mapper pulls the list of completed authenticators from the user session notes and loads the associated configurations for each authenticator execution. It then captures the list of authenticator references from these configs and sets it in the AMR claim of the resulting tokens.

Closes #19190

Signed-off-by: Ben Cresitello-Dittmar <bcresitellodittmar@mitre.org>
2024-01-03 14:59:05 -03:00
..
account-console-applications.png
account-console-device.png
account-console-intro.png
account-console-linked.png
account-console-signing-in-webauthn-2factor.png
account-console-signing-in-webauthn-passwordless.png
account-console-signing-in.png
account-service-apps.png
account-service-authenticator.png
account-service-federated-identity.png
account-service-password.png
account-service-profile.png
account-service-sessions.png
add-client-oidc.png
add-client-saml.png
add-event-types.png
add-identity-provider.png
add-mapper.png
add-provider-dialog.png
add-provider-select.png
add-realm-menu.png
add-user-script.png
add-user.png
admin-console.png
admin-events-filter.png
admin-events-representation.png
admin-events-settings.png
admin-events.png
audience_mapper.png
authentication-step-up-condition-1.png
authentication-step-up-condition-2.png
authentication-step-up-flow.png
authentication-user-session-limits-browser.png
authentication-user-session-limits-resetcred.png
bitbucket-add-identity-provider.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
bitbucket-app-page.png
bitbucket-developer-applications.png
bitbucket-register-app.png
browser-flow.png
brute-force.png
capability-config.png
client-advanced-settings-oidc.png
client-credentials-jwt.png
client-credentials.png
client-installation.png
client-oidc-keys.png
client-oidc-map-acr-to-loa.png
client-scope.png
client-scopes-default.png
client-scopes-evaluate.png
client-scopes-list.png
client-scopes-phone.png
client-sessions.png
client-settings-oidc.png
client-settings-saml.png
clients.png
composite-role.png
config-authenticator-reference.png Implement Authentication Method Reference (AMR) claim from OIDC specification 2024-01-03 14:59:05 -03:00
Create-authentication-execution.png
create-oidc-client-profile.png
create-oidc-client-secret-rotation-condition.png
create-oidc-client-secret-rotation-executor.png
create-oidc-client-secret-rotation-policy.png
create-realm.png
Create-top-level-flow.png
credentials.png
default-groups.png
default-required-actions.png
default-roles.png
delete-account-client-role.png
delete-account-confirm.png
delete-account-landing-screen.png
delete-account-page.png
delete-user.png
deny-access-execution-cond.png
deny-access-flow.png
deny-access-role-condition.png
domain-mode.png
effective-role-mappings.png
email-simple-example.png
email-tab.png
enable-delete-account-action.png
event-listeners.png
facebook-add-identity-provider.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
facebook-add-new-app.png
facebook-app-settings-website.png
facebook-app-settings.png
facebook-create-app-id.png
failed-password-policy.png
fine-grain-add-view-leads.png
fine-grain-add-view-users.png
fine-grain-assign-query-clients.png
fine-grain-client-assign-user-policy.png
fine-grain-client-manage-permissions.png
fine-grain-client-permissions-tab-off.png
fine-grain-client-permissions-tab-on.png
fine-grain-client-user-policy.png
fine-grain-client.png
fine-grain-group-permissions-tab-on.png
fine-grain-map-roles-permission.png
fine-grain-sales-admin-login.png
fine-grain-sales-application-roles.png
fine-grain-users-permissions.png
fine-grain-view-leads-permissions.png
fine-grain-view-leads-role-tab.png
forgot-password-link.png
forgot-password-page.png
full-client-scope.png
general-tab.png
generate-client-keys.png
github-add-identity-provider.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
github-app-page.png
github-developer-applications.png
github-register-app.png
gitlab-add-identity-provider.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
gitlab-app-page.png
gitlab-developer-applications.png
google-add-identity-provider.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
google-client-credentials.png
google-create-credentials.png
google-create-oauth-id.png
google-dashboard.png
google-developer-console.png
google-oauth-consent-screen.png
group-membership.png
group.png
groups.png
groups_account_console.png
identity-provider-login-page.png
identity-provider-mapper.png
identity-provider-mappers.png
identity-providers.png
identity_broker_flow.png
import-client-cert.png
import-client-saml.png
initial-welcome-page.png
instagram-add-identity-provider.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
instagram-app-settings.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
instagram-create-instagram-app-id.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
kerberos-browser-flow.png
kerberos-provider.png
kerberos-trust-basic.png
keycloak-sssd-freeipa-integration-overview.png
keycloak_logo.png
keys-tab.png
ldap-kerberos.png
ldap-vault.png
linked-in-add-identity-provider.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
linked-in-app-settings.png
linked-in-create-app.png
linked-in-developer-network.png
localization.png
login-events-config.png
login-events-filter.png
login-events-settings.png
login-events.png
login-page.png
login-tab-remember-me.png
login-tab.png
mapper-config.png
mappers-oidc.png
master_realm.png
meta-add-product.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
meta-add-use-case.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
meta-create-app.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
meta-select-app-type.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
microsoft-add-identity-provider.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
microsoft-app-register.png
microsoft-app-settings.png
New-flow.png
oidc-add-identity-provider.png
oidc-client-secret-rotation-policy.png
openshift-4-add-identity-provider.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
openshift-4-result.png
openshift-add-identity-provider.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
otp-policy.png
password-policy.png
Passwordless-browser-login-common.png
Passwordless-browser-login.png
paypal-add-identity-provider.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
paypal-developer-applications.png
paypal-register-app.png
realm-oidc-map-acr-to-loa.png
recaptcha-config.png
registration-flow.png
registration-form-with-required-tac.png
registration-form.png
registration-link.png
remember-me.png
require-tac-agreement-at-registration.png
reset-credentials-flow.png
reset-credentials-required-actions.png
revocation.png
role.png
roles.png
saml-add-identity-provider.png
search-user-event.png
security-headers.png
sessions-tab.png
sessions.png
stack-overflow-add-identity-provider.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
stack-overflow-app-register.png
stack-overflow-app-settings.png
themes-tab.png
tokens-tab.png
twitter-add-identity-provider.png Update Social Identity Providers documentation (#24601) 2023-11-16 17:58:53 +01:00
twitter-app-create.png
twitter-app-register.png
twitter-details.png
twitter-keys.png
update-server-config-dialog.png
update-server-config-select.png
user-attributes.png
user-credentials-set-password.png
user-credentials.png
user-details.png
user-events-settings.png
user-events.png
user-federation.png
user-groups.png
user-profile-annotation.png
user-profile-attribute-group-list.png
user-profile-attribute-list-order.png
user-profile-create-attribute-group.png
user-profile-create-attribute.png
user-profile-enabling.png
user-profile-json-config.png
user-profile-permission.png
user-profile-register-verify-profile-action.png
user-profile-select-options-custom-validator.png Addressing Server Admin review comments 2023-11-13 15:48:02 +01:00
user-profile-select-options-simple-i18n.png
user-profile-select-options-simple.png
user-profile-tab.png
user-profile-update-profile.png
user-profile-validation.png
user-required-action.png
user-role-mappings.png
user-search.png
user-sessions.png
users.png
webauthn-browser-flow-conditional-with-OTP.png
webauthn-browser-flow-conditional.png
webauthn-browser-flow-required.png
webauthn-loginless-flow.png
webauthn-passwordless-flow.png
x509-browser-flow-bindings.png
x509-browser-flow.png
x509-client-auth.png
x509-configuration.png
x509-directgrant-execution.png
x509-directgrant-flow-bindings.png
x509-directgrant-flow.png
x509-execution.png