9 "description": "User role for administration tasks in the portal.",
12 "containerId": "onap",
19 "containerId": "onap",
26 "containerId": "onap",
30 "name": "onap_designer",
31 "description": "User role for designer tasks in the portal.",
34 "containerId": "onap",
38 "name": "offline_access",
39 "description": "${role_offline-access}",
42 "containerId": "onap",
46 "name": "onap_operator",
47 "description": "User role for operator tasks in the portal.",
50 "containerId": "onap",
54 "name": "uma_authorization",
55 "description": "${role_uma_authorization}",
58 "containerId": "onap",
62 "name": "default-roles-onap",
63 "description": "${role_default-roles}",
78 "containerId": "onap",
95 "clientId": "oauth2-proxy",
96 "name": "Oauth2 Proxy",
101 "surrogateAuthRequired": false,
103 "alwaysDisplayInConsole": false,
104 "clientAuthenticatorType": "client-secret",
105 "secret": "5YSOkJz99WHv8enDZPknzJuGqVSerELp",
112 "consentRequired": false,
113 "standardFlowEnabled": true,
114 "implicitFlowEnabled": false,
115 "directAccessGrantsEnabled": true,
116 "serviceAccountsEnabled": false,
117 "publicClient": false,
118 "frontchannelLogout": true,
119 "protocol": "openid-connect",
121 "tls-client-certificate-bound-access-tokens": "false",
122 "oidc.ciba.grant.enabled": "false",
123 "backchannel.logout.session.required": "true",
124 "client_credentials.use_refresh_token": "false",
126 "require.pushed.authorization.requests": "false",
127 "oauth2.device.authorization.grant.enabled": "false",
128 "display.on.consent.screen": "false",
129 "backchannel.logout.revoke.offline.tokens": "false",
130 "token.response.type.bearer.lower-case": "false",
131 "use.refresh.tokens": "true"
133 "authenticationFlowBindingOverrides": {},
134 "fullScopeAllowed": true,
135 "nodeReRegistrationTimeout": -1,
139 "protocol": "openid-connect",
140 "protocolMapper": "oidc-usermodel-attribute-mapper",
141 "consentRequired": false,
143 "multivalued": "false",
144 "userinfo.token.claim": "true",
145 "user.attribute": "sdc_user",
146 "id.token.claim": "true",
147 "access.token.claim": "true",
148 "claim.name": "sdc_user",
149 "jsonType.label": "String"
153 "defaultClientScopes": [
160 "optionalClientScopes": [
169 "clientId": "portal-app",
170 "surrogateAuthRequired": false,
172 "alwaysDisplayInConsole": false,
173 "clientAuthenticatorType": "client-secret",
175 "{{ .Values.portalUrl }}/*",
183 "consentRequired": false,
184 "standardFlowEnabled": true,
185 "implicitFlowEnabled": false,
186 "directAccessGrantsEnabled": true,
187 "serviceAccountsEnabled": false,
188 "publicClient": true,
189 "frontchannelLogout": false,
190 "protocol": "openid-connect",
192 "oidc.ciba.grant.enabled": "false",
193 "backchannel.logout.session.required": "true",
194 "post.logout.redirect.uris": "{{ .Values.portalUrl }}/*",
195 "oauth2.device.authorization.grant.enabled": "false",
196 "display.on.consent.screen": "false",
197 "backchannel.logout.revoke.offline.tokens": "false"
199 "authenticationFlowBindingOverrides": {},
200 "fullScopeAllowed": true,
201 "nodeReRegistrationTimeout": -1,
204 "name": "User-Roles",
205 "protocol": "openid-connect",
206 "protocolMapper": "oidc-usermodel-realm-role-mapper",
207 "consentRequired": false,
209 "id.token.claim": "true",
210 "access.token.claim": "true",
211 "claim.name": "roles",
212 "multivalued": "true",
213 "userinfo.token.claim": "true"
218 "protocol": "openid-connect",
219 "protocolMapper": "oidc-usermodel-attribute-mapper",
220 "consentRequired": false,
222 "userinfo.token.claim": "true",
223 "user.attribute": "sdc_user",
224 "id.token.claim": "true",
225 "access.token.claim": "true",
226 "claim.name": "sdc_user",
227 "jsonType.label": "String"
231 "defaultClientScopes": [
238 "optionalClientScopes": [
246 "clientId" : "portal-bff",
247 "surrogateAuthRequired" : false,
249 "alwaysDisplayInConsole" : false,
250 "clientAuthenticatorType" : "client-secret",
251 "secret" : "pKOuVH1bwRZoNzp5P5t4GV8CqcCJYVtr",
252 "redirectUris" : [ ],
255 "bearerOnly" : false,
256 "consentRequired" : false,
257 "standardFlowEnabled" : false,
258 "implicitFlowEnabled" : false,
259 "directAccessGrantsEnabled" : false,
260 "serviceAccountsEnabled" : true,
261 "publicClient" : false,
262 "frontchannelLogout" : false,
263 "protocol" : "openid-connect",
265 "saml.force.post.binding" : "false",
266 "saml.multivalued.roles" : "false",
267 "frontchannel.logout.session.required" : "false",
268 "oauth2.device.authorization.grant.enabled" : "false",
269 "backchannel.logout.revoke.offline.tokens" : "false",
270 "saml.server.signature.keyinfo.ext" : "false",
271 "use.refresh.tokens" : "true",
272 "oidc.ciba.grant.enabled" : "false",
273 "backchannel.logout.session.required" : "true",
274 "client_credentials.use_refresh_token" : "false",
275 "require.pushed.authorization.requests" : "false",
276 "saml.client.signature" : "false",
277 "saml.allow.ecp.flow" : "false",
278 "id.token.as.detached.signature" : "false",
279 "saml.assertion.signature" : "false",
280 "client.secret.creation.time" : "1665048112",
281 "saml.encrypt" : "false",
282 "saml.server.signature" : "false",
283 "exclude.session.state.from.auth.response" : "false",
284 "saml.artifact.binding" : "false",
285 "saml_force_name_id_format" : "false",
286 "acr.loa.map" : "{}",
287 "tls.client.certificate.bound.access.tokens" : "false",
288 "saml.authnstatement" : "false",
289 "display.on.consent.screen" : "false",
290 "token.response.type.bearer.lower-case" : "false",
291 "saml.onetimeuse.condition" : "false"
293 "authenticationFlowBindingOverrides" : { },
294 "fullScopeAllowed" : true,
295 "nodeReRegistrationTimeout" : -1,
296 "protocolMappers" : [ {
297 "name" : "Client Host",
298 "protocol" : "openid-connect",
299 "protocolMapper" : "oidc-usersessionmodel-note-mapper",
300 "consentRequired" : false,
302 "user.session.note" : "clientHost",
303 "id.token.claim" : "true",
304 "access.token.claim" : "true",
305 "claim.name" : "clientHost",
306 "jsonType.label" : "String"
309 "name" : "Client IP Address",
310 "protocol" : "openid-connect",
311 "protocolMapper" : "oidc-usersessionmodel-note-mapper",
312 "consentRequired" : false,
314 "user.session.note" : "clientAddress",
315 "id.token.claim" : "true",
316 "access.token.claim" : "true",
317 "claim.name" : "clientAddress",
318 "jsonType.label" : "String"
321 "defaultClientScopes" : [ "web-origins", "acr", "profile", "roles", "email" ],
322 "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ]
327 "createdTimestamp" : 1664965113698,
328 "username" : "onap-admin",
331 "emailVerified" : false,
333 "sdc_user" : [ "cs0008" ]
337 "createdDate" : 1664965134586,
338 "secretData" : "{\"value\":\"nD4K4x8HEgk6xlWIAgzZOE+EOjdbovJfEa7N3WXwIMCWCfdXpn7Riys7hZhI1NbKcc9QPI9j8LQB/JSuZVcXKA==\",\"salt\":\"T8X9A9tT2cyLvEjHFo+zuQ==\",\"additionalParameters\":{}}",
339 "credentialData" : "{\"hashIterations\":27500,\"algorithm\":\"pbkdf2-sha256\",\"additionalParameters\":{}}"
341 "disableableCredentialTypes" : [ ],
342 "requiredActions" : [ ],
343 "realmRoles" : [ "default-roles-onap", "onap_admin" ],
347 "createdTimestamp" : 1665048354760,
348 "username" : "onap-designer",
351 "emailVerified" : false,
353 "sec_user" : [ "cs0008" ]
356 "disableableCredentialTypes" : [ ],
357 "requiredActions" : [ ],
358 "realmRoles" : [ "default-roles-onap", "onap_designer" ],
362 "createdTimestamp" : 1665048547054,
363 "username" : "onap-operator",
366 "emailVerified" : false,
368 "sdc_user" : [ "cs0008" ]
371 "disableableCredentialTypes" : [ ],
372 "requiredActions" : [ ],
373 "realmRoles" : [ "default-roles-onap", "onap_operator" ],
377 "createdTimestamp" : 1665048112458,
378 "username" : "service-account-portal-bff",
381 "emailVerified" : false,
382 "serviceAccountClientId" : "portal-bff",
384 "disableableCredentialTypes" : [ ],
385 "requiredActions" : [ ],
386 "realmRoles" : [ "default-roles-onap" ],
388 "realm-management" : [ "manage-realm", "manage-users" ]
397 "description": "Membership to a group",
398 "protocol": "openid-connect",
400 "include.in.token.scope": "true",
401 "display.on.consent.screen": "true",
403 "consent.screen.text": ""
408 "protocol": "openid-connect",
409 "protocolMapper": "oidc-group-membership-mapper",
410 "consentRequired": false,
412 "full.path": "false",
413 "id.token.claim": "true",
414 "access.token.claim": "true",
415 "claim.name": "groups",
416 "userinfo.token.claim": "true"
423 "frontendUrl": "{{ .Values.KEYCLOAK_URL }}",
424 "acr.loa.map": "{\"ABC\":\"5\"}"