| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354 |
- apiVersion: keycloak.org/v1alpha1
- kind: KeycloakClient
- metadata:
- name: rhacs-client
- namespace: openshift-sso
- labels:
- app: sso
- spec:
- realmSelector:
- matchLabels:
- app: sso
- client:
- clientId: rhacs
- secret: averysecretsecret
- defaultClientScopes:
- - email
- - web-origins
- - acr
- - profile
- - roles
- optionalClientScopes:
- - address
- - phone
- - offline_access
- - microprofile-jwt
- protocolMappers:
- - name: "realm roles"
- protocol: openid-connect
- protocolMapper: oidc-usermodel-realm-role-mapper
- consentRequired: false
- config:
- "multivalued": "true"
- "userinfo.token.claim": "true"
- "access.token.claim": "true"
- "claim.name": "realm_access.roles"
- "jsonType.label": "String"
- - name: groups
- protocol: openid-connect
- protocolMapper: oidc-usermodel-realm-role-mapper
- consentRequired: false
- config:
- "multivalued": "true"
- "userinfo.token.claim": "true"
- "access.token.claim": "true"
- "claim.name": "groups"
- "jsonType.label": "JSON"
- standardFlowEnabled: True
- directAccessGrantsEnabled: True
- frontChannelLogout: True
- fullScopeAllowed: True
- implicitFlowEnabled: True
- redirectUris:
- - https://central-rhacs.apps.ocp4.example.com/sso/providers/oidc/callback
- - https://central-rhacs.apps.ocp4.example.com/auth/response/oidc
|
