{ "id": "gardenplan-realm", "realm": "gardenplan", "displayName": "GardenPlan", "displayNameHtml": "
GardenPlan
", "notBefore": 0, "defaultSignatureAlgorithm": "RS256", "revokeRefreshToken": false, "refreshTokenMaxReuse": 0, "accessTokenLifespan": 3600, "accessTokenLifespanForImplicitFlow": 900, "ssoSessionIdleTimeout": 3600, "ssoSessionMaxLifespan": 86400, "ssoSessionIdleTimeoutRememberMe": 0, "ssoSessionMaxLifespanRememberMe": 0, "offlineSessionIdleTimeout": 2592000, "offlineSessionMaxLifespanEnabled": false, "offlineSessionMaxLifespan": 5184000, "clientSessionIdleTimeout": 0, "clientSessionMaxLifespan": 0, "clientOfflineSessionIdleTimeout": 0, "clientOfflineSessionMaxLifespan": 0, "accessCodeLifespan": 60, "accessCodeLifespanUserAction": 300, "accessCodeLifespanLogin": 1800, "actionTokenGeneratedByAdminLifespan": 43200, "actionTokenGeneratedByUserLifespan": 3600, "oauth2DeviceCodeLifespan": 600, "oauth2DevicePollingInterval": 5, "enabled": true, "sslRequired": "external", "registrationAllowed": true, "registrationEmailAsUsername": false, "rememberMe": false, "verifyEmail": false, "loginWithEmailAllowed": true, "duplicateEmailsAllowed": false, "resetPasswordAllowed": false, "editUsernameAllowed": false, "bruteForceProtected": false, "permanentLockout": false, "maxTemporaryLockouts": 0, "maxFailureWaitSeconds": 900, "minimumQuickLoginWaitSeconds": 60, "waitIncrementSeconds": 60, "quickLoginCheckMilliSlots": 144, "quickLoginCheckMilliDetails": 200, "bruteForceStrategy": "MULTI_USER", "resetPasswordTimeout": 0, "defaultRole": { "id": "gardenplan-default-role", "name": "default-roles-gardenplan", "description": "${role_default-roles}", "type": "DEFAULT", "scope": "GLOBAL" }, "requiredCredentials": [ "password" ], "otpPolicyType": "totp", "otpPolicyAlgorithm": "HmacSHA1", "otpPolicyInitialCounter": 0, "otpPolicyDigits": 6, "otpPolicyLookAheadWindow": 1, "otpPolicyPeriod": 30, "otpSupportedApplications": [ "FreeOTP", "Google Authenticator" ], "localizationTexts": {}, "webAuthnChallengeUsage": "per-session", "identityProviderAliases": {}, "users": [ { "id": "test-user-001", "username": "testuser", "enabled": true, "emailVerified": true, "email": "testuser@gardenplan.local", "credentials": [ { "type": "password", "value": "testpassword123!", "temporary": false } ], "roles": { "client": { "symfony-app": [ "uma_authorization" ] }, "realm": [ "default-roles-gardenplan", "offline_access", "uma_authorization" ] } } ], "clients": [ { "id": "symfony-app-client", "clientId": "symfony-app", "name": "Symfony GardenPlan API", "description": "Backend REST-API Client für GardenPlan", "enabled": true, "clientAuthenticatorType": "client-secret", "secret": "changeme_client_secret", "baseUrl": "http://localhost/", "redirectUris": [ "http://localhost/*", "http://127.0.0.1/*" ], "webOrigins": [ "+" ], "grantTypes": [ "authorization_code", "refresh_token", "client_credentials", "implicit" ], "standardFlowEnabled": true, "implicitFlowEnabled": true, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": true, "publicClient": false, "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { "client.secret.creation.time": "1700000000", "oauth2.device.authorization.grant.enabled": "false", "backchannel.logout.revoke.offline.tokens": "false", "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "login.jansendata": "{}" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": true, "nodeReRegistrationTimeout": -1, "defaultClientScopes": [ "web-origins", "roles", "profile", "email" ], "optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id": "frontend-client", "clientId": "gardenplan-frontend", "name": "GardenPlan Frontend (React/Vue)", "description": "Frontend SPA Client für GardenPlan", "enabled": true, "publicClient": true, "baseUrl": "http://localhost:3000/", "redirectUris": [ "http://localhost:3000/*", "http://127.0.0.1:3000/*" ], "webOrigins": [ "http://localhost:3000", "http://127.0.0.1:3000" ], "grantTypes": [ "authorization_code", "implicit" ], "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { "oidc.ciba.grant.enabled": "false", "oauth2.device.authorization.grant.enabled": "false", "backchannel.logout.revoke.offline.tokens": "false", "backchannel.logout.session.required": "true" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": true, "defaultClientScopes": [ "web-origins", "roles", "profile", "email" ], "optionalClientScopes": [ "address", "phone", "offline_access", "microprofile-jwt" ] } ], "clientScopes": [ { "id": "scope-email", "name": "email", "description": "OpenID Connect built-in scope: email", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "true", "consent.screen.text": "${emailScopeConsentText}", "display.on.consent.screen": "true" }, "icons": {}, "protocolMappers": [ { "id": "mapper-email", "name": "email", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-property-mapper", "consentRequired": false, "config": { "userinfo.token.claim": "true", "user.attribute": "email", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "email", "jsonType.label": "String", "multivalued": "false" } }, { "id": "mapper-email-verified", "name": "email verified", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-property-mapper", "consentRequired": false, "config": { "userinfo.token.claim": "true", "user.attribute": "emailVerified", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "email_verified", "jsonType.label": "boolean", "multivalued": "false" } } ] }, { "id": "scope-profile", "name": "profile", "description": "OpenID Connect built-in scope: profile", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "true", "consent.screen.text": "${profileScopeConsentText}", "display.on.consent.screen": "true" }, "icons": {}, "protocolMappers": [ { "id": "mapper-profile-name", "name": "full name", "protocol": "openid-connect", "protocolMapper": "oidc-full-name-mapper", "consentRequired": false, "config": { "id.token.claim": "true", "access.token.claim": "true", "userinfo.token.claim": "true" } }, { "id": "mapper-username", "name": "username", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "user.attribute": "username", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "preferred_username", "jsonType.label": "String" } } ] }, { "id": "scope-roles", "name": "roles", "description": "OpenID Connect scope for role mapping", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "false", "display.on.consent.screen": "false" }, "icons": {}, "protocolMappers": [ { "id": "mapper-client-roles", "name": "client roles", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-client-role-mapper", "consentRequired": false, "config": { "multivalued": "true", "user.attribute": "foo", "access.token.claim": "true", "claim.name": "resource_access.${client_id}.roles", "jsonType.label": "String" } }, { "id": "mapper-realm-roles", "name": "realm roles", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-realm-role-mapper", "consentRequired": false, "config": { "multivalued": "true", "user.attribute": "foo", "access.token.claim": "true", "claim.name": "realm_access.roles", "jsonType.label": "String" } } ] }, { "id": "scope-web-origins", "name": "web-origins", "description": "OpenID Connect scope for web origins", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "false", "consent.screen.text": "", "display.on.consent.screen": "false" }, "icons": {}, "protocolMappers": [ { "id": "mapper-web-origins", "name": "allowed web origins", "protocol": "openid-connect", "protocolMapper": "oidc-allowed-origins-mapper", "consentRequired": false, "config": {} } ] }, { "id": "scope-offline-access", "name": "offline_access", "description": "OpenID Connect built-in scope: offline_access", "protocol": "openid-connect", "attributes": { "consent.screen.text": "${offlineAccessScopeConsentText}", "display.on.consent.screen": "true" }, "icons": {} } ], "defaultDefaultClientScopes": [ "role_list", "profile", "email", "roles", "web-origins" ], "defaultOptionalClientScopes": [ "offline_access", "address", "phone" ] }