ホーム エクスプローラ ヘルプ
サインイン
rht
/
acs-playbooks
2
0
フォーク 0
ファイル 課題 0 プルリクエスト 0 Wiki
ツリー: 2cdb768485
ブランチ タグ
acs-playbooks
/
roles
/
deploy-rhsso
/
files
/
rhsso-client.yml

rhsso-client.yml 991 B
履歴 Raw

123456789101112131415161718192021222324252627282930313233343536 
  1. apiVersion: keycloak.org/v1alpha1
    2. 

  2. kind: KeycloakClient
    3. 

  3. metadata:
    4. 

  4.   name: rhacs-client
    5. 

  5.   namespace: openshift-sso
    6. 

  6.   labels:
    7. 

  7.     app: sso
    8. 

  8. spec:
    9. 

  9.   realmSelector:
    10. 

  10.      matchLabels:
    11. 

  11.       app: sso
    12. 

  12.   client:
    13. 

  13.     clientId: rhacs
    14. 

  14.     secret: averysecretsecret
    15. 

  15.     defaultClientScopes:
    16. 

  16.       - email
    17. 

  17.       - offline_access
    18. 

  18.       - profile
    19. 

  19.       - roles
    20. 

  20.     protocolMappers:
    21. 

  21.       - name: groups
    22. 

  22.         protocol: openid-connect
    23. 

  23.         protocolMapper: oidc-usermodel-client-role-mapper
    24. 

  24.         consentRequired: false
    25. 

  25.         config:
    26. 

  26.           "multivalued": "true"
    27. 

  27.           "userinfo.token.claim": "true"
    28. 

  28.           "access.token.claim": "true"
    29. 

  29.           "claim.name": "groups"
    30. 

  30.           "jsonType.label": "JSON"
    31. 

  31.           "usermodel.clientRoleMapping.clientId": "rhacs"
    32. 

  32.     implicitFlowEnabled: True
    33. 

  33.     standardFlowEnabled: True
    34. 

  34.     redirectUris:
    35. 

  35.       - https://central-rhacs.apps.ocp4.example.com/sso/providers/oidc/callback
    36. 

  36.       - https://central-rhacs.apps.ocp4.example.com/auth/response/oidc
    37.