diff --git a/.github/workflows/centralidp-chart-test.yaml b/.github/workflows/centralidp-chart-test.yaml index 6c9f01db..341ed2ed 100644 --- a/.github/workflows/centralidp-chart-test.yaml +++ b/.github/workflows/centralidp-chart-test.yaml @@ -23,10 +23,12 @@ on: push: paths: - 'charts/centralidp/**' + - 'import/**' branches: [ main ] pull_request: paths: - 'charts/centralidp/**' + - 'import/**' workflow_dispatch: inputs: node_image: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a28261d4..b68d5305 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -144,7 +144,7 @@ jobs: uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 with: context: . - file: {{ matrix.dockerfile }} + file: ${{ matrix.dockerfile }} platforms: linux/amd64, linux/arm64 pull: true push: ${{ github.event_name != 'pull_request' }} diff --git a/.github/workflows/sharedidp-chart-test.yaml b/.github/workflows/sharedidp-chart-test.yaml index 701134fa..efdee9ad 100644 --- a/.github/workflows/sharedidp-chart-test.yaml +++ b/.github/workflows/sharedidp-chart-test.yaml @@ -23,10 +23,12 @@ on: push: paths: - 'charts/sharedidp/**' + - 'import/**' branches: [ main ] pull_request: paths: - 'charts/sharedidp/**' + - 'import/**' workflow_dispatch: inputs: node_image: diff --git a/CHANGELOG.md b/CHANGELOG.md index bfa187fd..a572e093 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -2,6 +2,27 @@ New features, fixed bugs, known defects and other noteworthy changes to each release of the Catena-X IAM * Keycloak instances. +## 3.0.0-rc.1 + +### Change + +* [upgraded to Keycloak v23.0.7](https://github.com/eclipse-tractusx/portal-iam/issues/62) +* realm configuration (centralidp) - [updated CX-Central realm](https://github.com/eclipse-tractusx/portal-iam/issues/66) +* set postgres version of chart dependency to 15 (changed to major tag for image to get latest minor updates) +* set resource limits and increased requests for seeding job (centralidp) +* changed imagePullPolicy for initContainers to IfNotPresent + +### Technical Support + +* [added dependabot.yml file](https://github.com/eclipse-tractusx/portal/issues/219) +* [upgraded gh-actions and changed to pinned commit sha](https://github.com/eclipse-tractusx/portal/issues/225) +* helm test: updated version to upgrade from and k8s version +* helm-test: build images for init containers within workflow [(#89)](https://github.com/eclipse-tractusx/portal-iam/pull/89) +* combined helm chart release and image build for init containers [(#89)](https://github.com/eclipse-tractusx/portal-iam/pull/89) +* changed image build workflows for init containers: refactor those workflows to be only relevant for development phase, no latest tag anymore + +Please be aware that **this version is still in Release Candidate phase**: especially documentation is still WIP. + ## 2.1.0 ### Change @@ -74,8 +95,6 @@ The following issues were recently discovered: * Refresh token rotation causes page reload in frontend apps when using multiple tabs, see [User Token Lifespan](docs/consultation/workshop-20231005.md#user-token-lifespan) * Custom login themes break when inserting HTML/CSS/JavaScript code in the IdP display name -Please be aware that **this version is still in Release Candidate phase**: especially documentation is still WIP. - ## 2.0.0 ### Change 
diff --git a/charts/centralidp/README.md b/charts/centralidp/README.md index 66fd608c..e128564d 100644 --- a/charts/centralidp/README.md +++ b/charts/centralidp/README.md @@ -1,8 +1,8 @@ -# Helm chart for Catena-X Central Keycloak Instance +# Helm chart for Central Keycloak Instance -![Version: 2.1.0](https://img.shields.io/badge/Version-2.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 22.0.3](https://img.shields.io/badge/AppVersion-22.0.3-informational?style=flat-square) +![Version: 3.0.0-rc.1](https://img.shields.io/badge/Version-3.0.0--rc.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 23.0.7](https://img.shields.io/badge/AppVersion-23.0.7-informational?style=flat-square) -This helm chart installs the Helm chart for Catena-X Central Keycloak Instance. +This helm chart installs the Helm chart for Central Keycloak Instance. For further information please refer to the [technical documentation](../../docs/technical%20documentation). @@ -29,14 +29,14 @@ To use the helm chart as a dependency: dependencies: - name: centralidp repository: https://eclipse-tractusx.github.io/charts/dev - version: 2.1.0 + version: 3.0.0-rc.1 ``` ## Requirements | Repository | Name | Version | |------------|------|---------| -| https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami | keycloak | 16.1.6 | +| https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami | keycloak | 19.3.0 | ## Values 
@@ -59,8 +59,8 @@ dependencies: | keycloak.extraVolumeMounts[1].name | string | `"realms"` | | | keycloak.extraVolumeMounts[1].mountPath | string | `"/realms"` | | | keycloak.initContainers[0].name | string | `"import"` | | -| keycloak.initContainers[0].image | string | `"docker.io/tractusx/portal-iam:v2.1.0"` | | -| keycloak.initContainers[0].imagePullPolicy | string | `"Always"` | | +| keycloak.initContainers[0].image | string | `"docker.io/tractusx/portal-iam:v3.0.0-rc.1"` | | +| keycloak.initContainers[0].imagePullPolicy | string | `"IfNotPresent"` | | | keycloak.initContainers[0].command[0] | string | `"sh"` | | | keycloak.initContainers[0].args[0] | string | `"-c"` | | | keycloak.initContainers[0].args[1] | string | `"echo \"Copying themes...\"\ncp -R /import/themes/catenax-central/* /themes\necho \"Copying realms...\"\ncp -R /import/catenax-central/realms/* /realms\n"` | | 
@@ -88,6 +88,8 @@ dependencies: | keycloak.rbac.rules[0].verbs[0] | string | `"get"` | | | keycloak.rbac.rules[0].verbs[1] | string | `"list"` | | | keycloak.postgresql.enabled | bool | `true` | PostgreSQL chart configuration (recommended for demonstration purposes only); default configurations: host: "centralidp-postgresql-primary", port: 5432; Switch to enable or disable the PostgreSQL helm chart. | +| keycloak.postgresql.image | object | `{"tag":"15-debian-11"}` | Setting to Postgres version 15 as that is the aligned version, https://eclipse-tractusx.github.io/docs/release/trg-5/trg-5-07/#aligning-dependency-versions). Keycloak helm-chart from Bitnami has moved on to version 16. | +| keycloak.postgresql.commonLabels."app.kubernetes.io/version" | string | `"15"` | | | keycloak.postgresql.auth.username | string | `"kccentral"` | Non-root username. | | keycloak.postgresql.auth.database | string | `"iamcentralidp"` | Database name. | | keycloak.postgresql.auth.existingSecret | string | `"centralidp-postgres"` | Secret containing the passwords for root usernames postgres and non-root username kccentral. | 
@@ -104,7 +106,7 @@ dependencies: | secrets.postgresql.auth.existingSecret.password | string | `""` | Password for the non-root username 'kccentral'. Secret-key 'password'. | | secrets.postgresql.auth.existingSecret.replicationPassword | string | `""` | Password for the non-root username 'repl_user'. Secret-key 'replication-password'. | | seeding.enabled | bool | `false` | Seeding job to upgrade CX_Central realm: enable to upgrade the configuration of the CX-Central realm from previous version; Please also refer to the 'Post-Upgrade Configuration' section in the README.md for configuration possibly not covered by the seeding job | -| seeding.image | string | `"docker.io/tractusx/portal-iam-seeding:v2.1.0-iam"` | | +| seeding.image | string | `"docker.io/tractusx/portal-iam-seeding:v3.0.0-rc.1-iam"` | | | seeding.imagePullPolicy | string | `"IfNotPresent"` | | | seeding.portContainer | int | `8080` | | | seeding.authRealm | string | `"master"` | | 
@@ -113,13 +115,13 @@ dependencies: | seeding.instanceName | string | `"central"` | | | seeding.excludedUserAttributes.attribute0 | string | `"bpn"` | | | seeding.excludedUserAttributes.attribute1 | string | `"organisation"` | | -| seeding.resources | object | `{"requests":{"cpu":"15m","memory":"105M"}}` | We recommend not to specify default resource limits and to leave this as a conscious choice for the user. If you do want to specify resource limits, uncomment the following lines and adjust them as necessary. | +| seeding.resources | object | `{"limits":{"cpu":"225m","memory":"200M"},"requests":{"cpu":"75m","memory":"200M"}}` | We recommend to review the default resource limits as this should a conscious choice. | | seeding.extraVolumes[0].name | string | `"realms"` | | | seeding.extraVolumes[0].emptyDir | object | `{}` | | | seeding.extraVolumeMounts[0].name | string | `"realms"` | | | seeding.extraVolumeMounts[0].mountPath | string | `"app/realms"` | | | seeding.initContainers[0].name | string | `"init-cx-central"` | | -| seeding.initContainers[0].image | string | `"docker.io/tractusx/portal-iam:v2.1.0"` | | +| seeding.initContainers[0].image | string | `"docker.io/tractusx/portal-iam:v3.0.0-rc.1"` | | | seeding.initContainers[0].imagePullPolicy | string | `"IfNotPresent"` | | | seeding.initContainers[0].command[0] | string | `"sh"` | | | seeding.initContainers[0].args[0] | string | `"-c"` | | 
@@ -146,13 +148,19 @@ This is done by setting the 'example.org' placeholder in the CX-Operator' Identi Please see notes at [Values.seeding](values.yaml#L146) for upgrading the configuration of the CX-Central realm. +### To 3.0.0 + +This major changes from the Keycloak version from 22.0.3 to 23.0.7 and bumps the PostgresSQL version of the subchart from 15.4.0 to the latest available version of 15. + +No major issues are expected during the upgrade. + ### To 2.1.0 No specific upgrade notes. ### To 2.0.0 -This major changes from Keycloak version 16.1.1 to version 22.0.3. +This major changes from the Keycloak version from 16.1.1 to version 22.0.3. Please have a look at the [CHANGELOG](../../CHANGELOG.md#200) for a more detailed description. diff --git a/charts/centralidp/values.yaml b/charts/centralidp/values.yaml index d0689221..2ec63d79 100644 --- a/charts/centralidp/values.yaml +++ b/charts/centralidp/values.yaml @@ -48,7 +48,7 @@ keycloak: mountPath: "/realms" initContainers: - name: import - image: docker.io/tractusx/portal-iam:pr63 + image: docker.io/tractusx/portal-iam:v3.0.0-rc.1 imagePullPolicy: IfNotPresent command: - sh @@ -156,7 +156,7 @@ seeding: # Please also refer to the 'Post-Upgrade Configuration' section in the README.md # for configuration possibly not covered by the seeding job enabled: false - image: "docker.io/tractusx/portal-iam-seeding:v2.1.0-iam" + image: "docker.io/tractusx/portal-iam-seeding:v3.0.0-rc.1-iam" imagePullPolicy: "IfNotPresent" portContainer: 8080 authRealm: "master" @@ -183,7 +183,7 @@ seeding: mountPath: "app/realms" initContainers: - name: init-cx-central - image: docker.io/tractusx/portal-iam:pr63 + image: docker.io/tractusx/portal-iam:v3.0.0-rc.1 imagePullPolicy: IfNotPresent command: - sh diff --git a/charts/sharedidp/README.md b/charts/sharedidp/README.md index 7e2da90f..6f86ff59 100644 --- a/charts/sharedidp/README.md +++ b/charts/sharedidp/README.md 
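Review bot: In charts/centralidp/values.yaml the `import` init container is referenced by tag only (`image: docker.io/tractusx/portal-iam:v3.0.0-rc.1`), and the adjacent context line keeps `imagePullPolicy: IfNotPresent`. A node that has already cached that tag will not pull it again, so if the tag is ever re-pushed, nodes can run different content, and nothing in the chart ties the tag to a specific image. This image supplies the themes and realm files copied into Keycloak, so consider appending the digest, e.g. `image: docker.io/tractusx/portal-iam:v3.0.0-rc.1@sha256:<digest-of-released-image>` (placeholder value), in line with the changelog's move to commit-SHA-pinned actions. The same applies to the `seeding.image` and `init-cx-central` hunks in this file and to the `import` image hunk in charts/sharedidp/values.yaml. The `initContainers` entries start and end outside these hunks.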
@@ -1,8 +1,8 @@ -# Helm chart for Catena-X Shared Keycloak Instance +# Helm chart for Shared Keycloak Instance -![Version: 2.1.0](https://img.shields.io/badge/Version-2.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 22.0.3](https://img.shields.io/badge/AppVersion-22.0.3-informational?style=flat-square) +![Version: 3.0.0-rc.1](https://img.shields.io/badge/Version-3.0.0--rc.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 23.0.7](https://img.shields.io/badge/AppVersion-23.0.7-informational?style=flat-square) -This helm chart installs the Helm chart for Catena-X Shared Keycloak Instance. +This helm chart installs the Helm chart for Shared Keycloak Instance. For further information please refer to the [technical documentation](../../docs/technical%20documentation). @@ -29,14 +29,14 @@ To use the helm chart as a dependency: dependencies: - name: sharedidp repository: https://eclipse-tractusx.github.io/charts/dev - version: 2.1.0 + version: 3.0.0-rc.1 ``` ## Requirements | Repository | Name | Version | |------------|------|---------| -| https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami | keycloak | 16.1.6 | +| https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami | keycloak | 19.3.0 | ## Values 
@@ -63,8 +63,8 @@ dependencies: | keycloak.extraVolumeMounts[2].name | string | `"realms"` | | | keycloak.extraVolumeMounts[2].mountPath | string | `"/realms"` | | | keycloak.initContainers[0].name | string | `"import"` | | -| keycloak.initContainers[0].image | string | `"docker.io/tractusx/portal-iam:v2.1.0"` | | -| keycloak.initContainers[0].imagePullPolicy | string | `"Always"` | | +| keycloak.initContainers[0].image | string | `"docker.io/tractusx/portal-iam:v3.0.0-rc.1"` | | +| keycloak.initContainers[0].imagePullPolicy | string | `"IfNotPresent"` | | | keycloak.initContainers[0].command[0] | string | `"sh"` | | | keycloak.initContainers[0].args[0] | string | `"-c"` | | | keycloak.initContainers[0].args[1] | string | `"echo \"Copying themes-catenax-shared...\"\ncp -R /import/themes/catenax-shared/* /themes-catenax-shared\necho \"Copying themes-catenax-shared-portal...\"\ncp -R /import/themes/catenax-shared-portal/* /themes-catenax-shared-portal\necho \"Copying realms...\"\ncp -R /import/catenax-shared/realms/* /realms\n"` | | 
@@ -94,6 +94,8 @@ dependencies: | keycloak.rbac.rules[0].verbs[0] | string | `"get"` | | | keycloak.rbac.rules[0].verbs[1] | string | `"list"` | | | keycloak.postgresql.enabled | bool | `true` | PostgreSQL chart configuration (recommended for demonstration purposes only); default configurations: host: "sharedidp-postgresql-primary", port: 5432; Switch to enable or disable the PostgreSQL helm chart. | +| keycloak.postgresql.image | object | `{"tag":"15-debian-11"}` | Setting to Postgres version 15 as that is the aligned version, https://eclipse-tractusx.github.io/docs/release/trg-5/trg-5-07/#aligning-dependency-versions). Keycloak helm-chart from Bitnami has moved on to version 16. | +| keycloak.postgresql.commonLabels."app.kubernetes.io/version" | string | `"15"` | | | keycloak.postgresql.auth.username | string | `"kcshared"` | Non-root username. | | keycloak.postgresql.auth.database | string | `"iamsharedidp"` | Database name. | | keycloak.postgresql.auth.existingSecret | string | `"sharedidp-postgres"` | Secret containing the passwords for root usernames postgres and non-root username kcshared. | @@ -136,13 +138,19 @@ Generate client-secrets for the service account with access type 'confidential'. ## Upgrade +### To 3.0.0 + +This major changes from the Keycloak version from 22.0.3 to 23.0.7 and bumps the PostgresSQL version of the subchart from 15.4.0 to the latest available version of 15. + +No major issues are expected during the upgrade. + ### To 2.1.0 No specific upgrade notes. ### To 2.0.0 -This major changes from Keycloak version 16.1.1 to version 22.0.3. +This major changes from the Keycloak version from 16.1.1 to version 22.0.3. Please have a look at the [CHANGELOG](../../CHANGELOG.md#200) for a more detailed description. diff --git a/charts/sharedidp/values.yaml b/charts/sharedidp/values.yaml index a2ac7182..2d08e4a0 100644 --- a/charts/sharedidp/values.yaml +++ b/charts/sharedidp/values.yaml 
@@ -52,7 +52,7 @@ keycloak: mountPath: "/realms" initContainers: - name: import - image: docker.io/tractusx/portal-iam:pr63 + image: docker.io/tractusx/portal-iam:v3.0.0-rc.1 imagePullPolicy: IfNotPresent command: - sh diff --git a/consortia/argocd-app-templates/centralidp/appsetup-beta.yaml b/consortia/argocd-app-templates/centralidp/appsetup-beta.yaml index 0eb74242..1a9b86c5 100644 --- a/consortia/argocd-app-templates/centralidp/appsetup-beta.yaml +++ b/consortia/argocd-app-templates/centralidp/appsetup-beta.yaml @@ -28,7 +28,7 @@ spec: source: path: charts/centralidp repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' - targetRevision: v2.1.0 + targetRevision: v3.0.0-rc.1 plugin: env: - name: AVP_SECRET diff --git a/consortia/argocd-app-templates/centralidp/appsetup-int.yaml b/consortia/argocd-app-templates/centralidp/appsetup-int.yaml index 9757221f..f40b95d1 100644 --- a/consortia/argocd-app-templates/centralidp/appsetup-int.yaml +++ b/consortia/argocd-app-templates/centralidp/appsetup-int.yaml @@ -28,7 +28,7 @@ spec: source: path: charts/centralidp repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' - targetRevision: v2.1.0 + targetRevision: v3.0.0-rc.1 plugin: env: - name: AVP_SECRET diff --git a/consortia/argocd-app-templates/centralidp/appsetup-pen.yaml b/consortia/argocd-app-templates/centralidp/appsetup-pen.yaml index 62cde58d..c47950ef 100644 --- a/consortia/argocd-app-templates/centralidp/appsetup-pen.yaml +++ b/consortia/argocd-app-templates/centralidp/appsetup-pen.yaml @@ -28,7 +28,7 @@ spec: source: path: charts/centralidp repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' - targetRevision: v2.1.0 + targetRevision: v3.0.0-rc.1 plugin: env: - name: AVP_SECRET diff --git a/consortia/argocd-app-templates/centralidp/appsetup-rc.yaml b/consortia/argocd-app-templates/centralidp/appsetup-rc.yaml index 54ffa6f7..660304d3 100644 --- a/consortia/argocd-app-templates/centralidp/appsetup-rc.yaml 
+++ b/consortia/argocd-app-templates/centralidp/appsetup-rc.yaml @@ -28,7 +28,7 @@ spec: source: path: charts/centralidp repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' - targetRevision: v2.1.0 + targetRevision: v3.0.0-rc.1 plugin: env: - name: AVP_SECRET diff --git a/consortia/argocd-app-templates/centralidp/appsetup-stable.yaml b/consortia/argocd-app-templates/centralidp/appsetup-stable.yaml index 715e5646..212050b5 100644 --- a/consortia/argocd-app-templates/centralidp/appsetup-stable.yaml +++ b/consortia/argocd-app-templates/centralidp/appsetup-stable.yaml @@ -29,7 +29,7 @@ spec: source: path: '' repoURL: 'https://eclipse-tractusx.github.io/charts/dev' - targetRevision: 2.1.0 + targetRevision: 3.0.0-rc.1 plugin: env: - name: HELM_VALUES @@ -37,7 +37,7 @@ spec: keycloak: initContainers: - name: import - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh @@ -83,7 +83,7 @@ spec: enabled: true initContainers: - name: init-cx-central - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh diff --git a/consortia/argocd-app-templates/centralidp/appsetup-templateconsortia.yaml b/consortia/argocd-app-templates/centralidp/appsetup-templateconsortia.yaml index cd0ef091..6397b275 100644 --- a/consortia/argocd-app-templates/centralidp/appsetup-templateconsortia.yaml +++ b/consortia/argocd-app-templates/centralidp/appsetup-templateconsortia.yaml @@ -28,7 +28,7 @@ spec: source: path: charts/centralidp repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' - targetRevision: v2.1.0 + targetRevision: v3.0.0-rc.1 plugin: env: - name: AVP_SECRET diff --git a/consortia/argocd-app-templates/centralidp/appsetup-templategeneric.yaml b/consortia/argocd-app-templates/centralidp/appsetup-templategeneric.yaml index 0f0808f3..b559cc28 100644 
--- a/consortia/argocd-app-templates/centralidp/appsetup-templategeneric.yaml +++ b/consortia/argocd-app-templates/centralidp/appsetup-templategeneric.yaml @@ -28,7 +28,7 @@ spec: source: path: charts/centralidp repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' - targetRevision: v2.1.0 + targetRevision: v3.0.0-rc.1 plugin: env: - name: AVP_SECRET diff --git a/consortia/argocd-app-templates/centralidp/appsetup-upgrade.yaml b/consortia/argocd-app-templates/centralidp/appsetup-upgrade.yaml deleted file mode 100644 index f73ad63a..00000000 --- a/consortia/argocd-app-templates/centralidp/appsetup-upgrade.yaml +++ /dev/null 
@@ -1,38 +0,0 @@ -############################################################### -# Copyright (c) 2021, 2024 Contributors to the Eclipse Foundation -# -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. -# -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0. -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################### - -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: centralidp-upgrade -spec: - destination: - namespace: product-iam - server: 'https://kubernetes.default.svc' - source: - path: charts/centralidp - repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' - targetRevision: v2.1.0 - plugin: - env: - - name: AVP_SECRET - value: vault-secret - - name: helm_args - value: '-f values.yaml -f ../../consortia/environments/centralidp/values-upgrade.yaml' - project: project-portal diff --git a/consortia/argocd-app-templates/sharedidp/appsetup-beta.yaml b/consortia/argocd-app-templates/sharedidp/appsetup-beta.yaml index e4276233..19083dfa 100644 --- a/consortia/argocd-app-templates/sharedidp/appsetup-beta.yaml +++ b/consortia/argocd-app-templates/sharedidp/appsetup-beta.yaml @@ -28,7 +28,7 @@ spec: source: path: charts/sharedidp repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' - targetRevision: v2.1.0 + targetRevision: v3.0.0-rc.1 plugin: env: - name: AVP_SECRET 
diff --git a/consortia/argocd-app-templates/sharedidp/appsetup-int.yaml b/consortia/argocd-app-templates/sharedidp/appsetup-int.yaml index f607f44c..fef9c994 100644 --- a/consortia/argocd-app-templates/sharedidp/appsetup-int.yaml +++ b/consortia/argocd-app-templates/sharedidp/appsetup-int.yaml @@ -28,7 +28,7 @@ spec: source: path: charts/sharedidp repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' - targetRevision: v2.1.0 + targetRevision: v3.0.0-rc.1 plugin: env: - name: AVP_SECRET diff --git a/consortia/argocd-app-templates/sharedidp/appsetup-pen.yaml b/consortia/argocd-app-templates/sharedidp/appsetup-pen.yaml index 0e5af4e3..53f45c93 100644 --- a/consortia/argocd-app-templates/sharedidp/appsetup-pen.yaml +++ b/consortia/argocd-app-templates/sharedidp/appsetup-pen.yaml @@ -28,7 +28,7 @@ spec: source: path: charts/sharedidp repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' - targetRevision: v2.1.0 + targetRevision: v3.0.0-rc.1 plugin: env: - name: AVP_SECRET diff --git a/consortia/argocd-app-templates/sharedidp/appsetup-rc.yaml b/consortia/argocd-app-templates/sharedidp/appsetup-rc.yaml index 744fb6ef..8f7f61ea 100644 --- a/consortia/argocd-app-templates/sharedidp/appsetup-rc.yaml +++ b/consortia/argocd-app-templates/sharedidp/appsetup-rc.yaml @@ -28,7 +28,7 @@ spec: source: path: charts/sharedidp repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' - targetRevision: v2.1.0 + targetRevision: v3.0.0-rc.1 plugin: env: - name: AVP_SECRET diff --git a/consortia/argocd-app-templates/sharedidp/appsetup-stable.yaml b/consortia/argocd-app-templates/sharedidp/appsetup-stable.yaml index cb9940be..bfdf4209 100644 --- a/consortia/argocd-app-templates/sharedidp/appsetup-stable.yaml +++ b/consortia/argocd-app-templates/sharedidp/appsetup-stable.yaml @@ -29,7 +29,7 @@ spec: source: path: '' repoURL: 'https://eclipse-tractusx.github.io/charts/dev' - targetRevision: 2.1.0 + targetRevision: 3.0.0-rc.1 plugin: env: - name: HELM_VALUES 
@@ -56,7 +56,7 @@ spec: mountPath: "/secrets" initContainers: - name: import - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh diff --git a/consortia/argocd-app-templates/sharedidp/appsetup-templateconsortia.yaml b/consortia/argocd-app-templates/sharedidp/appsetup-templateconsortia.yaml index 2ebc809e..b039872c 100644 --- a/consortia/argocd-app-templates/sharedidp/appsetup-templateconsortia.yaml +++ b/consortia/argocd-app-templates/sharedidp/appsetup-templateconsortia.yaml @@ -28,7 +28,7 @@ spec: source: path: charts/sharedidp repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' - targetRevision: v2.1.0 + targetRevision: v3.0.0-rc.1 plugin: env: - name: AVP_SECRET diff --git a/consortia/argocd-app-templates/sharedidp/appsetup-templategeneric.yaml b/consortia/argocd-app-templates/sharedidp/appsetup-templategeneric.yaml index f7b72444..bed7fc7c 100644 --- a/consortia/argocd-app-templates/sharedidp/appsetup-templategeneric.yaml +++ b/consortia/argocd-app-templates/sharedidp/appsetup-templategeneric.yaml @@ -28,7 +28,7 @@ spec: source: path: charts/sharedidp repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' - targetRevision: v2.1.0 + targetRevision: v3.0.0-rc.1 plugin: env: - name: AVP_SECRET diff --git a/consortia/argocd-app-templates/sharedidp/appsetup-upgrade.yaml b/consortia/argocd-app-templates/sharedidp/appsetup-upgrade.yaml deleted file mode 100644 index cbfbeb9e..00000000 --- a/consortia/argocd-app-templates/sharedidp/appsetup-upgrade.yaml +++ /dev/null 
@@ -1,38 +0,0 @@ -############################################################### -# Copyright (c) 2021, 2024 Contributors to the Eclipse Foundation -# -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. -# -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0. -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################### - -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: sharedidp-upgrade -spec: - destination: - namespace: product-iam - server: 'https://kubernetes.default.svc' - source: - path: charts/sharedidp - repoURL: 'https://github.com/eclipse-tractusx/portal-iam.git' - targetRevision: v2.1.0 - plugin: - env: - - name: AVP_SECRET - value: vault-secret - - name: helm_args - value: '-f values.yaml -f ../../consortia/environments/sharedidp/values-upgrade.yaml' - project: project-portal \ No newline at end of file diff --git a/consortia/environments/centralidp/values-beta.yaml b/consortia/environments/centralidp/values-beta.yaml index deded43b..eab324c2 100644 --- a/consortia/environments/centralidp/values-beta.yaml +++ b/consortia/environments/centralidp/values-beta.yaml @@ -22,7 +22,7 @@ keycloak: proxy: edge initContainers: - name: import - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh 
@@ -69,7 +69,7 @@ seeding: enabled: false initContainers: - name: init-cx-central - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh diff --git a/consortia/environments/centralidp/values-int.yaml b/consortia/environments/centralidp/values-int.yaml index aa861839..77fbe81e 100644 --- a/consortia/environments/centralidp/values-int.yaml +++ b/consortia/environments/centralidp/values-int.yaml @@ -22,7 +22,7 @@ keycloak: proxy: edge initContainers: - name: import - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh @@ -69,7 +69,7 @@ seeding: enabled: false initContainers: - name: init-cx-central - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh diff --git a/consortia/environments/centralidp/values-pen.yaml b/consortia/environments/centralidp/values-pen.yaml index 97a4a1bb..f10abe0e 100644 --- a/consortia/environments/centralidp/values-pen.yaml +++ b/consortia/environments/centralidp/values-pen.yaml @@ -22,7 +22,7 @@ keycloak: proxy: edge initContainers: - name: import - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh @@ -69,7 +69,7 @@ seeding: enabled: false initContainers: - name: init-cx-central - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh diff --git a/consortia/environments/centralidp/values-rc.yaml b/consortia/environments/centralidp/values-rc.yaml index b16de4da..ad15fdd6 100644 --- a/consortia/environments/centralidp/values-rc.yaml +++ b/consortia/environments/centralidp/values-rc.yaml 
@@ -22,7 +22,7 @@ keycloak: proxy: edge initContainers: - name: import - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh @@ -69,7 +69,7 @@ seeding: enabled: true initContainers: - name: init-cx-central - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh diff --git a/consortia/environments/centralidp/values-templateconsortia.yaml b/consortia/environments/centralidp/values-templateconsortia.yaml index 3e6f5555..29dbf255 100644 --- a/consortia/environments/centralidp/values-templateconsortia.yaml +++ b/consortia/environments/centralidp/values-templateconsortia.yaml @@ -22,7 +22,7 @@ keycloak: proxy: edge initContainers: - name: import - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh @@ -67,10 +67,10 @@ secrets: seeding: enabled: false - image: "docker.io/tractusx/portal-iam-seeding:v2.1.0-iam" + image: "docker.io/tractusx/portal-iam-seeding:v3.0.0-rc.1-iam" initContainers: - name: init-cx-central - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh diff --git a/consortia/environments/centralidp/values-templategeneric.yaml b/consortia/environments/centralidp/values-templategeneric.yaml index 97b0b447..6c592b24 100644 --- a/consortia/environments/centralidp/values-templategeneric.yaml +++ b/consortia/environments/centralidp/values-templategeneric.yaml @@ -22,7 +22,7 @@ keycloak: proxy: edge initContainers: - name: import - image: docker.io/tractusx/portal-iam:v2.1.0 + image: docker.io/tractusx/portal-iam:v3.0.0-rc.1 imagePullPolicy: Always command: - sh 
@@ -67,10 +67,10 @@ secrets: seeding: enabled: false - image: "docker.io/tractusx/portal-iam-seeding:v2.1.0-iam" + image: "docker.io/tractusx/portal-iam-seeding:v3.0.0-rc.1-iam" initContainers: - name: init-cx-central - image: docker.io/tractusx/portal-iam:v2.1.0 + image: docker.io/tractusx/portal-iam:v3.0.0-rc.1 imagePullPolicy: Always command: - sh diff --git a/consortia/environments/centralidp/values-upgrade.yaml b/consortia/environments/centralidp/values-upgrade.yaml deleted file mode 100644 index 986dbc25..00000000 --- a/consortia/environments/centralidp/values-upgrade.yaml +++ /dev/null @@ -1,29 +0,0 @@ -############################################################### -# Copyright (c) 2021, 2024 Contributors to the Eclipse Foundation -# -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. -# -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0. -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################### - -secrets: - auth: - existingSecret: - adminpassword: "" - postgresql: - auth: - existingSecret: - postgrespassword: "" - password: "" - replicationPassword: "" \ No newline at end of file diff --git a/consortia/environments/sharedidp/values-beta.yaml b/consortia/environments/sharedidp/values-beta.yaml index 3e5b144e..303c919f 100644 --- a/consortia/environments/sharedidp/values-beta.yaml +++ b/consortia/environments/sharedidp/values-beta.yaml 
@@ -41,7 +41,7 @@ keycloak: mountPath: "/secrets" initContainers: - name: import - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh diff --git a/consortia/environments/sharedidp/values-int.yaml b/consortia/environments/sharedidp/values-int.yaml index 227e8258..603a8bfd 100644 --- a/consortia/environments/sharedidp/values-int.yaml +++ b/consortia/environments/sharedidp/values-int.yaml @@ -41,7 +41,7 @@ keycloak: mountPath: "/secrets" initContainers: - name: import - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh diff --git a/consortia/environments/sharedidp/values-pen.yaml b/consortia/environments/sharedidp/values-pen.yaml index cfe06d27..f234ba35 100644 --- a/consortia/environments/sharedidp/values-pen.yaml +++ b/consortia/environments/sharedidp/values-pen.yaml @@ -41,7 +41,7 @@ keycloak: mountPath: "/secrets" initContainers: - name: import - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh diff --git a/consortia/environments/sharedidp/values-rc.yaml b/consortia/environments/sharedidp/values-rc.yaml index 0be6507f..c9913760 100644 --- a/consortia/environments/sharedidp/values-rc.yaml +++ b/consortia/environments/sharedidp/values-rc.yaml @@ -41,7 +41,7 @@ keycloak: mountPath: "/secrets" initContainers: - name: import - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh diff --git a/consortia/environments/sharedidp/values-templateconsortia.yaml b/consortia/environments/sharedidp/values-templateconsortia.yaml index c4fae096..bdbca6be 100644 --- a/consortia/environments/sharedidp/values-templateconsortia.yaml 
+++ b/consortia/environments/sharedidp/values-templateconsortia.yaml @@ -41,7 +41,7 @@ keycloak: mountPath: "/secrets" initContainers: - name: import - image: docker.io/tractusx/portal-iam-consortia:v2.1.0 + image: docker.io/tractusx/portal-iam-consortia:v3.0.0-rc.1 imagePullPolicy: Always command: - sh diff --git a/consortia/environments/sharedidp/values-templategeneric.yaml b/consortia/environments/sharedidp/values-templategeneric.yaml index f9cb255e..7770ab7f 100644 --- a/consortia/environments/sharedidp/values-templategeneric.yaml +++ b/consortia/environments/sharedidp/values-templategeneric.yaml @@ -36,7 +36,7 @@ keycloak: mountPath: "/realms" initContainers: - name: import - image: docker.io/tractusx/portal-iam:v2.1.0 + image: docker.io/tractusx/portal-iam:v3.0.0-rc.1 imagePullPolicy: Always command: - sh diff --git a/consortia/environments/sharedidp/values-upgrade.yaml b/consortia/environments/sharedidp/values-upgrade.yaml deleted file mode 100644 index 28f5d21b..00000000 --- a/consortia/environments/sharedidp/values-upgrade.yaml +++ /dev/null 
@@ -1,29 +0,0 @@ -############################################################### -# Copyright (c) 2021, 2024 Contributors to the Eclipse Foundation -# -# See the NOTICE file(s) distributed with this work for additional -# information regarding copyright ownership. -# -# This program and the accompanying materials are made available under the -# terms of the Apache License, Version 2.0 which is available at -# https://www.apache.org/licenses/LICENSE-2.0. -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -# -# SPDX-License-Identifier: Apache-2.0 -############################################################### - -secrets: - auth: - existingSecret: - adminpassword: "" - postgresql: - auth: - existingSecret: - postgrespassword: "" - password: "" - replicationPassword: "" diff --git a/import/realm-config/consortia/catenax-central/beta/CX-Central-realm.json b/import/realm-config/consortia/catenax-central/beta/CX-Central-realm.json index 40a71e98..553b7d1b 100644 --- a/import/realm-config/consortia/catenax-central/beta/CX-Central-realm.json +++ b/import/realm-config/consortia/catenax-central/beta/CX-Central-realm.json @@ -111,6 +111,7 @@ "security-admin-console": [], "sa-cl6-cx-17": [], "sa-cl10-cx-1": [], + "sa-cl24-01": [], "sa-cl16-cx-1": [], "Cl2-CX-Portal": [ { @@ -162,9 +163,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], 
@@ -182,24 +180,20 @@ "view_service_offering", "view_autosetup_status", "add_connectors", - "upload_documents", "view_own_user_account", "view_use_cases", "view_idp", - "view_services", "add_tech_user_management", "view_membership", "update_own_user_account", "add_service_offering", "view_service_subscriptions", "activate_subscription", - "view_tech_roles", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "view_subscription", "delete_notifications", "view_connectors", @@ -234,14 +228,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "a029dec3-8c6a-4a2f-a60a-82249f0590fd", - "name": "setup_client", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "34742e28-1497-4222-ad1f-93ab9feac92e", "name": "view_app_subscription", @@ -313,6 +299,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "8b4aa267-bb7e-40c9-8cd2-f82603fa066a", + "name": "update_application_bpn_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "19c0e799-4ffd-4709-8b38-45540c677e50", "name": "view_autosetup_status", @@ -327,9 +322,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -337,17 +329,16 @@ "view_registration" ], "Cl2-CX-Portal": [ - "view_technical_setup", - "view_tech_user_management", - "app_management", - "view_tech_roles", - "view_certificates", "view_app_language", "technical_roles_management", "CX User", + "view_technical_setup", + "view_tech_user_management", "edit_apps", + "app_management", "view_use_cases", - "view_apps" + "view_apps", + "view_certificates" ] } }, 
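Review bot: The role `update_application_bpn_credential` added at @@ -313,6 +299,15 is created with `"description": ""`, so anyone auditing the realm has only the role name to judge what it authorises. The same empty description is on `store_didDocument`, `update_application_membership_credential`, `send_mail`, the new `Cl7-CX-BPDM` and `Cl16-CX-BPDMGate` roles, every role of `Cl24-CX-SSI-CredentialIssuer` (including `revoke_credential` and `revoke_credentials_issuer`, whose difference the names alone do not explain) and the new BPDM composite roles in later hunks. I would fill each one with a sentence naming the action and the resource, for example `"description": "Update the BPN credential check of a company application"` here, with the wording confirmed by the owning team since the semantics are not visible in this diff.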
@@ -361,9 +352,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -383,9 +371,6 @@ "unsubscribe_apps", "view_user_management", "subscribe_apps", - "view_services", - "view_dataspaces", - "filter_apps", "view_service_subscriptions", "view_notifications", "view_certificates", @@ -409,14 +394,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "03acc78a-0301-4518-a548-d5bd782c3d13", - "name": "decision_ssicredential", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "37dc74e9-9f50-49d2-9b95-402b04aa84ff", "name": "add_connectors", @@ -479,14 +456,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "15bd8123-3469-4505-93ff-a5bd3b929495", - "name": "subscribe_service_offering", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "66f4b417-25d4-47d7-b3d2-e6eb80bcba5e", "name": "create_partner_registration", @@ -548,15 +517,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "9db8ca83-6cfd-4c44-8ab7-ccbcb11da38f", - "name": "view_tech_roles", - "description": "View technical user roles", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "6560b255-cbc6-4fb7-8afe-d61732e34ab1", "name": "view_client_roles", @@ -575,14 +535,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "29ac8c4d-5296-467c-91fa-3a0d7487c912", - "name": "request_ssicredential", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "3c3c8452-fd50-40bd-b223-9660233dd6af", "name": "delete_user_account", 
@@ -676,9 +628,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -717,8 +666,6 @@ "delete_tech_user_management", "subscribe_service", "delete_own_user_account", - "request_ssicredential", - "my_user_account", "delete_user_account", "view_apps", "view_subscription", @@ -743,9 +690,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -753,16 +697,15 @@ "view_registration" ], "Cl2-CX-Portal": [ - "view_service_subscriptions", - "activate_subscription", - "view_certificates", "subscribe_service", "CX User", "view_service_offering", "unsubscribe_apps", + "view_service_subscriptions", "unsubscribe_services", - "subscribe_apps", - "view_services" + "activate_subscription", + "view_certificates", + "subscribe_apps" ] } }, @@ -770,6 +713,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "b01f9c19-adde-4bca-be36-d2e21cedc37a", + "name": "store_didDocument", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "4f2b58a5-0ebd-4b91-b354-4fefd40cc811", "name": "delete_apps", @@ -797,6 +749,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "3b336c72-0f9c-440e-8427-16028439c5e6", + "name": "update_application_membership_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "43a0826f-ba1a-44d4-952f-e4b879be353c", "name": "view_service_marketplace", @@ -812,9 +773,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], 
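Review bot: `request_ssicredential` is removed from this composite's `Cl2-CX-Portal` list at @@ -717,8 +666,6 and nothing replaces it, although the role is re-created under the new `Cl24-CX-SSI-CredentialIssuer` client later in this file. The same happens at @@ -840,15 +797,12 and @@ -1203,24 +1100,20, where only `decision_ssicredential` is re-mapped to the new client (@@ -1187,6 +1082,9). In the hunks shown here the only holder of the new `request_ssicredential` is `service-account-sa-cl2-04`, so users who held it through these composites appear to lose it on import. If that is not intended, add `"Cl24-CX-SSI-CredentialIssuer": [ "request_ssicredential" ],` to the affected composites; if it is a deliberate reduction, record it in the changelog. The composite's name and opening lines lie outside the hunk.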
@@ -826,7 +784,6 @@ "view_documents", "delete_connectors", "upload_certificates", - "setup_client", "view_app_subscription", "delete_documents", "view_company_data", @@ -840,15 +797,12 @@ "view_user_management", "view_idp", "add_tech_user_management", - "subscribe_service_offering", "update_own_user_account", "add_self_descriptions", "view_user_account", "setup_idp", - "view_tech_roles", "view_client_roles", "subscribe_service", - "request_ssicredential", "delete_user_account", "view_subscription", "delete_notifications", @@ -860,21 +814,16 @@ "view_service_offering", "unsubscribe_apps", "disable_idp", - "upload_documents", "view_use_cases", "subscribe_apps", - "view_services", "add_idp", "delete_idp", "view_membership", - "view_dataspaces", - "filter_apps", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "unsubscribe_services", "view_apps", "modify_connectors", @@ -900,9 +849,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -912,22 +858,18 @@ "Cl2-CX-Portal": [ "view_documents", "view_membership", - "view_dataspaces", "update_own_user_account", - "filter_apps", "view_company_data", "view_notifications", "view_certificates", "view_service_marketplace", "view_service_offering", "delete_own_user_account", - "my_user_account", "view_own_user_account", "view_apps", "view_user_management", "view_subscription", "delete_notifications", - "view_services", "view_partner_network" ], "Cl3-CX-Semantic": [ @@ -971,9 +913,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], 
@@ -1004,14 +943,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "39c00d2f-491f-4658-96ef-9f47920afea6", - "name": "upload_documents", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "b4bead06-e3c4-4fce-9e06-43d9d9537766", "name": "view_use_cases", @@ -1030,15 +961,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "6e3d7bcf-7340-4def-bb76-8002acc73f95", - "name": "view_services", - "description": "view service marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "8d3a5c8d-d4dc-4aaa-8941-9cd38cd3906e", "name": "update_application_checklist_value", @@ -1083,15 +1005,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "8fe708e4-7870-4044-89eb-a74b8dc11a8e", - "name": "view_dataspaces", - "description": "View dataspace marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "b06c2999-6008-4fb6-a22f-93fdac150656", "name": "decline_app_release", @@ -1109,24 +1022,12 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "9f5b48bf-4fc2-4feb-8c4e-00b57f5f2bed", - "name": "filter_apps", - "description": "Users with this role can filter apps in the App Marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "765bced5-b422-4f91-b35f-19d648595e6a", "name": "Purchaser", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -1135,7 +1036,6 @@ ], "Cl2-CX-Portal": [ "delete_certificates", - "subscribe_service_offering", "CX User", "upload_certificates", "unsubscribe_apps", 
@@ -1173,11 +1073,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "delete_company_data", - "add_company_data", - "view_company_data" - ], "Cl5-CX-Custodian": [ "delete_wallet", "add_wallet", @@ -1187,6 +1082,9 @@ "Cl1-CX-Registration": [ "view_registration" ], + "Cl24-CX-SSI-CredentialIssuer": [ + "decision_ssicredential" + ], "Cl2-CX-Portal": [ "decline_new_partner", "update_company_role", @@ -1194,7 +1092,6 @@ "delete_connectors", "update_service_offering", "invite_new_partner", - "setup_client", "view_app_subscription", "delete_documents", "app_management", @@ -1203,24 +1100,20 @@ "view_app_language", "modify_user_account", "view_autosetup_status", - "decision_ssicredential", "add_connectors", "view_own_user_account", "view_user_management", "view_idp", "add_apps", "add_tech_user_management", - "subscribe_service_offering", "update_own_user_account", "add_self_descriptions", "view_user_account", "view_service_subscriptions", "activate_subscription", "setup_idp", - "view_tech_roles", "view_client_roles", "subscribe_service", - "request_ssicredential", "delete_user_account", "view_subscription", "delete_notifications", @@ -1237,24 +1130,19 @@ "view_service_offering", "unsubscribe_apps", "disable_idp", - "upload_documents", "view_use_cases", "subscribe_apps", - "view_services", "add_idp", "delete_idp", "view_membership", "decline_service_release", - "view_dataspaces", "decline_app_release", "add_service_offering", - "filter_apps", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "create_notifications", "edit_apps", "unsubscribe_services", 
@@ -1295,17 +1183,17 @@ "attributes": {} }, { - "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda", - "name": "delete_own_user_account", + "id": "cae19290-f11e-4532-b046-e07e302078e2", + "name": "send_mail", + "description": "", "composite": false, "clientRole": true, "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, { - "id": "99a8940c-0fbc-4f65-8134-4b598c3aabbc", - "name": "my_user_account", - "description": "view my own user account details", + "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda", + "name": "delete_own_user_account", "composite": false, "clientRole": true, "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", 
@@ -1455,24 +1343,63 @@ ], "Cl7-CX-BPDM": [ { - "id": "b59a076b-07c5-42fa-b8d8-04a65f077226", - "name": "delete_company_data", + "id": "da4b989c-d2fb-4276-bec7-bdad739e0864", + "name": "write_partner", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", "attributes": {} }, { - "id": "a4829839-9df9-47c8-8eb0-57f4020000c3", - "name": "add_company_data", + "id": "8d2f5f1a-bb4f-42fd-9947-18f799174bd8", + "name": "read_changelog_member", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", "attributes": {} }, { - "id": "d16779a5-03bd-4fbd-bf40-382c4348b205", - "name": "view_company_data", + "id": "810ced5e-4eb9-42d7-90e0-2f5dd3aaa2a2", + "name": "read_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "b0cf08cf-3b00-4ed2-9871-79093200029e", + "name": "read_metadata", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "fc598e8a-eb9b-44e6-8c5b-c2870fefcd95", + "name": "read_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "33725fd2-bc24-4355-8c9e-979b352c0444", + "name": "read_partner_member", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "36db1cdc-308a-43d5-a3cb-43c676ca4eee", + "name": "write_metadata", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", 
@@ -1697,24 +1624,81 @@ "sa-cl6-cx-23": [], "Cl16-CX-BPDMGate": [ { - "id": "891e715a-7fdb-4dbe-a177-998a383ee836", - "name": "view_company_data", + "id": "af471823-bcca-4267-bbf6-c3183380358f", + "name": "read_output_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "33e96ab8-df1f-4fc1-bdda-3509e3e76e2e", + "name": "read_output_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "b280b367-6ba5-4ba1-8a64-8f61877c9f17", + "name": "read_input_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "27ce5626-0186-4ced-8e14-ecfcbc2f4330", + "name": "read_sharing_state", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "e8516251-0f90-4d1a-9a6c-7fd44d52ecc0", + "name": "write_output_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "e5cd5783-d48a-4d25-acf9-13fb8138715a", + "name": "read_input_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "364db9ec-ceb2-47b8-a892-f70bae1c89c5", + "name": "write_sharing_state", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} }, { - "id": "cf42a03f-20f7-4ff3-a898-e1a93bf03520", - "name": "update_company_data", + "id": "1d16924d-fca4-495b-a227-0cbf80b31d96", + "name": "read_stats", + "description": "", "composite": false, "clientRole": true, "containerId": 
"52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} }, { - "id": "2a006c99-0790-4dd0-8b82-59c4fea1ce17", - "name": "view_shared_data", + "id": "3378cc71-3097-40f9-aaab-7ec66fa9bc54", + "name": "write_input_partner", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", @@ -1726,9 +1710,7 @@ "sa-cl6-cx-26": [], "sa-cl6-cx-27": [], "sa-cl6-cx-28": [], - "sa-cl7-cx-1": [], "sa-cl5-custodian-internaltest": [], - "sa-cl7-cx-2": [], "sa-cl7-cx-3": [], "sa-cl7-cx-4": [], "sa-cl21-01": [], @@ -1738,7 +1720,6 @@ "sa-cl1-cx-1": [], "sa-cl6-cx-20": [], "sa_testAutomation": [], - "sa-cl5-custodian-3": [], "Cl15-BOSCH-AFQM": [ { "id": "07e4c7f0-f7c1-420a-8788-81eb42b5a8cd", @@ -1749,8 +1730,6 @@ "attributes": {} } ], - "sa-cl5-custodian-4": [], - "sa-cl5-custodian-1": [], "sa-cl5-custodian-2": [], "sa-cl6-cx-18": [], "sa-cl6-cx-19": [], @@ -1799,9 +1778,11 @@ "sa-cl2-02": [], "sa-cl6-cx-8": [], "sa-cl2-01": [], + "sa-cl2-04": [], "sa-cl6-cx-6": [], "sa-cl2-03": [], "sa-cl6-cx-5": [], + "sa-cl2-05": [], "account-console": [], "sa-cl22-01": [], "Cl18-CX-Pal": [ 
@@ -1814,6 +1795,62 @@ "attributes": {} } ], + "Cl24-CX-SSI-CredentialIssuer": [ + { + "id": "1627e267-4422-46a8-b261-e26b5d852a33", + "name": "decision_ssicredential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "793ed13a-2297-4182-9d75-e91b003e42a5", + "name": "view_use_case_participation", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "9e96cc27-03a7-4b7d-b3b8-aa886b81fd15", + "name": "revoke_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "48c621d7-1056-4d6c-ae9b-7da255066124", + "name": "revoke_credentials_issuer", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "2337ed3b-e46f-4b85-b3f3-7e244a20e85e", + "name": "request_ssicredential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "763f8a43-d6f6-4b76-98a8-5082d3345f27", + "name": "view_certificates", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + } + ], "sa-cl6-cx-30": [], "Cl17-CX-Part": [ { @@ -1879,15 +1916,14 @@ ], "technical_roles_management": [ { - "id": "b5c9ff05-b0cf-414d-bd70-e38f8e4923cf", - "name": "BPDM Management", + "id": "4776c000-7232-4804-a133-aff0c01966ba", + "name": "Semantic Model Management", + "description": "", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "delete_company_data", - "add_company_data", - "view_company_data" + "Cl3-CX-Semantic": [ + "view_semantic_model" ] } }, 
@@ -1896,14 +1932,22 @@ "attributes": {} }, { - "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", - "name": "CX Membership Info", + "id": "5d4a663d-d188-4df8-a86d-b2ae40920ab8", + "name": "BPDM Sharing Admin", "description": "", "composite": true, "composites": { "client": { - "Cl2-CX-Portal": [ - "view_membership" + "Cl16-CX-BPDMGate": [ + "read_output_partner", + "read_output_changelog", + "read_input_changelog", + "read_sharing_state", + "write_output_partner", + "write_sharing_state", + "read_input_partner", + "read_stats", + "write_input_partner" ] } }, @@ -1912,14 +1956,17 @@ "attributes": {} }, { - "id": "4776c000-7232-4804-a133-aff0c01966ba", - "name": "Semantic Model Management", + "id": "21f929c1-a547-46a5-8660-6eb5d5091ba5", + "name": "BPDM Sharing Input Consumer", "description": "", "composite": true, "composites": { "client": { - "Cl3-CX-Semantic": [ - "view_semantic_model" + "Cl16-CX-BPDMGate": [ + "read_input_changelog", + "read_sharing_state", + "read_input_partner", + "read_stats" ] } }, @@ -1928,16 +1975,14 @@ "attributes": {} }, { - "id": "ffdc000a-7b44-4117-8794-c87492a50604", - "name": "BPDM Gate Read & Write", - "description": "", + "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", + "name": "Registration External", "composite": true, "composites": { "client": { - "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" + "Cl2-CX-Portal": [ + "create_partner_registration", + "configure_partner_registration" ] } }, @@ -1946,13 +1991,18 @@ "attributes": {} }, { - "id": "20f2c41a-dacd-4505-877a-bb899066a767", - "name": "BPDM Pool", + "id": "8ce375c0-bab3-4df7-939f-a61cd0fa0ab1", + "name": "Offer Management", + "description": "", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" + "Cl2-CX-Portal": [ + "view_tech_user_management", + "add_service_offering", + "add_connectors", + "app_management", + "activate_subscription" ] } }, 
@@ -1961,14 +2011,21 @@ "attributes": {} }, { - "id": "75211526-5c5e-4c6d-a377-627402c3f1b3", - "name": "BPDM Gate Read", - "description": "", + "id": "d5781775-3fbd-4f46-84ea-b19164393205", + "name": "Dataspace Discovery", "composite": true, "composites": { "client": { - "Cl16-CX-BPDMGate": [ - "view_company_data" + "Cl22-CX-BPND": [ + "add_bpn_discovery", + "delete_bpn_discovery", + "view_bpn_discovery" + ], + "Cl21-CX-DF": [ + "view_discovery_endpoint" + ], + "Cl2-CX-Portal": [ + "view_connectors" ] } }, @@ -1977,14 +2034,15 @@ "attributes": {} }, { - "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", - "name": "Identity Wallet Management", + "id": "281b856c-b74a-4753-99bb-bdcd810a212e", + "name": "IRS Management", + "description": "", "composite": true, "composites": { "client": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" + "Cl20-CX-IRS": [ + "view_irs", + "admin_irs" ] } }, @@ -1993,14 +2051,14 @@ "attributes": {} }, { - "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", - "name": "Registration External", + "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", + "name": "CX Membership Info", + "description": "", "composite": true, "composites": { "client": { "Cl2-CX-Portal": [ - "create_partner_registration", - "configure_partner_registration" + "view_membership" ] } }, 
@@ -2009,18 +2067,36 @@ "attributes": {} }, { - "id": "8ce375c0-bab3-4df7-939f-a61cd0fa0ab1", - "name": "Offer Management", + "id": "8805517d-63db-4d08-b6f2-cd8038929111", + "name": "BPDM Pool Admin", "description": "", "composite": true, "composites": { "client": { - "Cl2-CX-Portal": [ - "view_tech_user_management", - "add_service_offering", - "add_connectors", - "app_management", - "activate_subscription" + "Cl7-CX-BPDM": [ + "write_partner", + "read_changelog_member", + "read_changelog", + "read_metadata", + "read_partner", + "read_partner_member", + "write_metadata" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", + "name": "Identity Wallet Management", + "composite": true, + "composites": { + "client": { + "Cl5-CX-Custodian": [ + "view_wallet", + "update_wallet" ] } }, @@ -2029,15 +2105,19 @@ "attributes": {} }, { - "id": "67ef1542-73d5-4179-8c4e-d4a297b8aad3", - "name": "BPDM Partner Gate", + "id": "62f6d094-b5ad-4a64-9ce3-e1ee425f1491", + "name": "BPDM Sharing Input Manager", + "description": "", "composite": true, "composites": { "client": { "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" + "read_input_changelog", + "read_sharing_state", + "write_sharing_state", + "read_input_partner", + "read_stats", + "write_input_partner" ] } }, 
@@ -2046,21 +2126,17 @@ "attributes": {} }, { - "id": "d5781775-3fbd-4f46-84ea-b19164393205", - "name": "Dataspace Discovery", + "id": "ab1aedcb-9ae9-4a89-bb07-64ebb24d950e", + "name": "BPDM Sharing Output Consumer", + "description": "", "composite": true, "composites": { "client": { - "Cl22-CX-BPND": [ - "add_bpn_discovery", - "delete_bpn_discovery", - "view_bpn_discovery" - ], - "Cl21-CX-DF": [ - "view_discovery_endpoint" - ], - "Cl2-CX-Portal": [ - "view_connectors" + "Cl16-CX-BPDMGate": [ + "read_output_partner", + "read_output_changelog", + "read_sharing_state", + "read_stats" ] } }, @@ -2069,15 +2145,16 @@ "attributes": {} }, { - "id": "281b856c-b74a-4753-99bb-bdcd810a212e", - "name": "IRS Management", + "id": "cb9628e5-1ffa-4aa3-a8e8-3cfa8119ce30", + "name": "BPDM Pool Consumer", "description": "", "composite": true, "composites": { "client": { - "Cl20-CX-IRS": [ - "view_irs", - "admin_irs" + "Cl7-CX-BPDM": [ + "read_changelog_member", + "read_changelog", + "read_metadata" ] } }, @@ -2086,12 +2163,7 @@ "attributes": {} } ], - "Cl12-CX-TestManager": [], "sa-cl6-cx-29": [], - "sa-beta-cx7": [], - "sa-beta-cx6": [], - "sa-beta-cx5": [], - "sa-beta-cx4": [], "Cl20-CX-IRS": [ { "id": "ee61636e-de19-41cb-be70-ec4c730c474c", @@ -2112,10 +2184,7 @@ "attributes": {} } ], - "sa-beta-cx3": [], "sa-cl5-cx-1": [], - "sa-beta-cx2": [], - "sa-beta-cx1": [], "Cl16-CX-CRisk": [ { "id": "3fc6e7e8-9115-4d0f-a0ab-3f950321af11", @@ -2265,9 +2334,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl1-CX-Registration": [ "add_company_data", "view_registration", 
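Review bot: `BPDM Pool Consumer` (@@ -2069,15 +2145,16) bundles `read_changelog_member`, `read_changelog` and `read_metadata` but neither `read_partner` nor `read_partner_member`, whereas the Gate consumer roles elsewhere in this file pair each changelog role with its partner read role (`read_output_changelog` with `read_output_partner`, `read_input_changelog` with `read_input_partner`). It also holds both the member-scoped and the unscoped changelog role, which looks wider than one consumer tier needs if `_member` denotes a restricted view (an assumption from the names). I would pick one tier and make it complete, e.g. `"read_partner_member", "read_changelog_member", "read_metadata"`, and confirm the set against the BPDM service's permission model.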
@@ -2532,24 +2598,6 @@ "attributes": {} } ], - "Cl9-CDQ-Fraud": [ - { - "id": "9f5d6884-a643-4846-bddc-39adeda9aef2", - "name": "fraud_app_manager", - "composite": false, - "clientRole": true, - "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", - "attributes": {} - }, - { - "id": "2d7ea02b-114a-40d6-9c2c-ef57cc7eef67", - "name": "fraud_app_user", - "composite": false, - "clientRole": true, - "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", - "attributes": {} - } - ], "sa-cl6-cx-9": [], "account": [ { @@ -2672,10 +2720,11 @@ "otpPolicyPeriod": 30, "otpPolicyCodeReusable": false, "otpSupportedApplications": [ - "totpAppMicrosoftAuthenticatorName", "totpAppFreeOTPName", - "totpAppGoogleName" + "totpAppGoogleName", + "totpAppMicrosoftAuthenticatorName" ], + "localizationTexts": {}, "webAuthnPolicyRpEntityName": "keycloak", "webAuthnPolicySignatureAlgorithms": [ "ES256" @@ -2688,6 +2737,7 @@ "webAuthnPolicyCreateTimeout": 0, "webAuthnPolicyAvoidSameAuthenticatorRegister": false, "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyExtraOrigins": [], "webAuthnPolicyPasswordlessRpEntityName": "keycloak", "webAuthnPolicyPasswordlessSignatureAlgorithms": [ "ES256" @@ -2700,6 +2750,7 @@ "webAuthnPolicyPasswordlessCreateTimeout": 0, "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "webAuthnPolicyPasswordlessExtraOrigins": [], "users": [ { "id" : "6529834b-a4c1-4b11-a200-d77e5fe7443f", @@ -3534,15 +3585,6 @@ "realmRoles": [ "default-roles-catena-x realm" ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" - ], - "technical_roles_management": [ - "BPDM Partner Gate" - ] - }, "notBefore": 0, "groups": [] }, @@ -3559,11 +3601,6 @@ "realmRoles": [ "default-roles-catena-x realm" ], - "clientRoles": { - "technical_roles_management": [ - "BPDM Partner Gate" - ] - }, "notBefore": 0, "groups": [] }, 
@@ -3670,6 +3707,53 @@ "notBefore": 0, "groups": [] }, + { + "id": "2f44169e-c974-4655-a5bf-eea00ba7e654", + "createdTimestamp": 1712762205184, + "username": "service-account-sa-cl2-04", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-04", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl24-CX-SSI-CredentialIssuer": [ + "decision_ssicredential", + "view_use_case_participation", + "revoke_credential", + "revoke_credentials_issuer", + "request_ssicredential", + "view_certificates" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "e8bc6470-28ee-4c40-a2d9-27c6e78f303b", + "createdTimestamp": 1712764191865, + "username": "service-account-sa-cl2-05", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-05", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "store_didDocument" + ] + }, + "notBefore": 0, + "groups": [] + }, { "id": "319d6b7f-bd88-4103-8124-e8ac4c791acf", "createdTimestamp": 1681915810810, @@ -3726,6 +3810,30 @@ "notBefore": 0, "groups": [] }, + { + "id": "e4a7204c-2fa8-4909-baa9-3fbc2fa6ec12", + "createdTimestamp": 1712762654440, + "username": "service-account-sa-cl24-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl24-01", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "update_application_membership_credential", + "send_mail", + "update_application_bpn_credential", + "create_notifications" + ] + }, + "notBefore": 0, + "groups": [] + }, { "id": "965ae857-1e91-4e0b-bdb5-4efd1fc7ea9c", "createdTimestamp": 1658347753956, 
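Review bot: `service-account-sa-cl2-04` (@@ -3670,6 +3707,53) is granted all six roles of `Cl24-CX-SSI-CredentialIssuer`, so one client secret can request a credential, approve it with `decision_ssicredential` and revoke with both `revoke_credential` and `revoke_credentials_issuer`. That removes any separation between requester and approver for this machine identity. Unless the calling service really performs every one of these steps, I would keep the request and view roles here, e.g. `"Cl24-CX-SSI-CredentialIssuer": [ "request_ssicredential", "view_use_case_participation", "view_certificates" ]`, and put the decision and revocation roles on a separate service account. `service-account-sa-cl24-01` in the following hunk similarly combines `send_mail` and `create_notifications` with the two credential-update roles on `Cl2-CX-Portal` and deserves the same check.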
@@ -3787,35 +3895,6 @@ "notBefore": 0, "groups": [] }, - { - "id": "6e9d388a-1a21-4196-8210-80e9a696ae87", - "createdTimestamp": 1651615151516, - "username": "service-account-sa-cl5-custodian-1", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-1", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "update_wallets", - "view_wallet", - "update_wallet", - "view_wallets" - ] - }, - "notBefore": 0, - "groups": [] - }, { "id": "ca2657a8-eba9-4cb4-8b66-8cc30911dfa1", "createdTimestamp": 1657558751239, @@ -3849,60 +3928,6 @@ "notBefore": 0, "groups": [] }, - { - "id": "0e1028a6-99c2-46ad-a323-9917ebe7346b", - "createdTimestamp": 1657571043337, - "username": "service-account-sa-cl5-custodian-3", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-3", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "300de02c-e667-4528-ac99-a3749c214bd2", - "createdTimestamp": 1657571107848, - "username": "service-account-sa-cl5-custodian-4", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-4", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" - ] - }, - "notBefore": 0, - "groups": [] - }, { "id": "8b7b0192-b24f-41b3-b7b7-b49efcc49e34", "createdTimestamp": 1654613733324, 
@@ -4754,9 +4779,6 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "technical_roles_management": [ "Semantic Model Management", "Identity Wallet Management", 
@@ -4773,85 +4795,42 @@ "groups": [] }, { - "id": "b1d71881-2aa8-4a67-b8ce-c101d6290832", - "createdTimestamp": 1657541056572, - "username": "service-account-sa-cl7-cx-1", + "id": "8d63cb9f-2df5-42b6-9bc8-a61b8d5467cb", + "createdTimestamp": 1664293185323, + "username": "service-account-sa-cl7-cx-3", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-1", + "serviceAccountClientId": "sa-cl7-cx-3", "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Admin" ] }, "notBefore": 0, "groups": [] }, { - "id": "1e60cc6d-17cd-442c-ace7-ec94067c5f85", - "createdTimestamp": 1658900179675, - "username": "service-account-sa-cl7-cx-2", + "id": "14a0d303-0b9f-4469-830f-4d1221b796d4", + "createdTimestamp": 1664293263973, + "username": "service-account-sa-cl7-cx-4", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-2", + "serviceAccountClientId": "sa-cl7-cx-4", "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "8d63cb9f-2df5-42b6-9bc8-a61b8d5467cb", - "createdTimestamp": 1664293185323, - "username": "service-account-sa-cl7-cx-3", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-3", - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "14a0d303-0b9f-4469-830f-4d1221b796d4", - "createdTimestamp": 1664293263973, - "username": "service-account-sa-cl7-cx-4", - "enabled": true, - "totp": false, - "emailVerified": false, - 
"serviceAccountClientId": "sa-cl7-cx-4", - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Consumer" ] }, "notBefore": 0, @@ -4871,14 +4850,9 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" - ], - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Admin", + "BPDM Sharing Admin" ] }, "notBefore": 0, @@ -4898,8 +4872,8 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Consumer" ] }, "notBefore": 0, @@ -4920,8 +4894,8 @@ ], "clientRoles": { "technical_roles_management": [ - "BPDM Management", - "BPDM Partner Gate" + "BPDM Pool Admin", + "BPDM Sharing Admin" ] }, "notBefore": 0, @@ -5103,16 +5077,6 @@ ] } ], - "Cl16-CX-BPDMGate": [ - { - "client": "sa-cl7-cx-5", - "roles": [ - "update_company_data", - "view_shared_data", - "view_company_data" - ] - } - ], "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com": [ { "client": "https://catenax-beta-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", @@ -5132,15 +5096,6 @@ ] } ], - "Cl7-CX-BPDM": [ - { - "client": "sa-cl7-cx-5", - "roles": [ - "add_company_data", - "view_company_data" - ] - } - ], "technical_roles_management": [ { "client": "sa-cl3-cx-1", 
@@ -5149,46 +5104,43 @@ "Semantic Model Management", "Identity Wallet Management" ] - } - ], - "Cl5-CX-Custodian": [ + }, { - "client": "sa-cl5-custodian-1", + "client": "sa-cl7-cx-3", "roles": [ - "update_wallets", - "update_wallet", - "view_wallets", - "view_wallet" + "BPDM Pool Admin" ] }, { - "client": "sa-cl5-custodian-2", + "client": "sa-cl7-cx-4", "roles": [ - "delete_wallet", - "delete_wallets", - "update_wallets", - "add_wallet", - "update_wallet", - "view_wallets", - "view_wallet", - "add_wallets" + "BPDM Pool Consumer" ] }, { - "client": "sa-cl5-custodian-3", + "client": "sa-cl7-cx-5", "roles": [ - "delete_wallet", - "delete_wallets", - "update_wallets", - "add_wallet", - "update_wallet", - "view_wallets", - "view_wallet", - "add_wallets" + "BPDM Pool Admin", + "BPDM Sharing Admin" + ] + }, + { + "client": "sa-cl7-cx-6", + "roles": [ + "BPDM Pool Consumer" ] }, { - "client": "sa-cl5-custodian-4", + "client": "sa-cl7-cx-7", + "roles": [ + "BPDM Pool Admin", + "BPDM Sharing Admin" + ] + } + ], + "Cl5-CX-Custodian": [ + { + "client": "sa-cl5-custodian-2", "roles": [ "delete_wallet", "delete_wallets", @@ -5210,6 +5162,19 @@ ] } ], + "Cl24-CX-SSI-CredentialIssuer": [ + { + "client": "sa-cl2-04", + "roles": [ + "view_use_case_participation", + "revoke_credentials_issuer", + "view_certificates", + "request_ssicredential", + "revoke_credential", + "decision_ssicredential" + ] + } + ], "account": [ { "client": "account-console", @@ -5233,6 +5198,21 @@ "update_application_checklist_value" ] }, + { + "client": "sa-cl2-05", + "roles": [ + "store_didDocument" + ] + }, + { + "client": "sa-cl24-01", + "roles": [ + "send_mail", + "create_notifications", + "update_application_membership_credential", + "update_application_bpn_credential" + ] + }, { "client": "sa-cl8-cx-1", "roles": [ 
@@ -5602,73 +5582,6 @@ "microprofile-jwt" ] }, - { - "id": "2a82462c-5745-43bb-859c-f5a2e74611de", - "clientId": "Cl12-CX-TestManager", - "name": "Testdaten-Manager", - "description": "Testdaten Manager SSO", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [ - "+" - ], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - 
"microprofile-jwt" - ] - }, { "id": "dd6a7d43-a7b1-4808-90dd-e446b51b59f2", "clientId": "Cl13-CX-Battery", @@ -5920,6 +5833,11 @@ { "id": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "clientId": "Cl16-CX-BPDMGate", + "name": "", + "description": "Portal Gate", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -6643,6 +6561,57 @@ "microprofile-jwt" ] }, + { + "id": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "clientId": "Cl24-CX-SSI-CredentialIssuer", + "name": "", + "description": "Client for SSI Credential Issuer", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": true, + "protocol": "openid-connect", + "attributes": { + "oidc.ciba.grant.enabled": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.session.required": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, { "id": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "clientId": "Cl2-CX-Portal", 
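Review bot: The added `Cl24-CX-SSI-CredentialIssuer` client combines `"publicClient": true` with `"directAccessGrantsEnabled": true`, so the password grant is open under this client id without any client secret. Unless something depends on that grant, set `"directAccessGrantsEnabled": false` and keep only the standard flow. `"redirectUris": ["/*"]` with an empty `rootUrl` is, as far as I can tell, resolved against the identity provider's own host rather than the issuer frontend, and should be replaced by the real frontend URL pattern. `"webOrigins": ["/*"]` is not an origin value (Keycloak expects an explicit origin, or `+` to derive origins from the redirect URIs), so CORS for this client probably does not work as intended. `"fullScopeAllowed": true` also puts every role the user holds into this client's tokens; `false` plus explicit scope mappings would follow the direction that later hunks in this diff take for technical-user clients.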
@@ -6948,6 +6917,11 @@ { "id": "04cd6d38-674f-4588-980a-8f120bddcc44", "clientId": "Cl7-CX-BPDM", + "name": "", + "description": " BPDM Pool", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -7011,107 +6985,42 @@ ] }, { - "id": "3fbe1a86-143d-4d52-8138-01aa23875664", - "clientId": "Cl9-CDQ-Fraud", + "id": "6a9209c2-ec16-476b-9a9f-61474610b790", + "clientId": "https://catenax-beta-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "**********", "redirectUris": [ - "https://fraud-dashboard.beta.demo.catena-x.net/*", - "https://keycloak.catenax-cdq.com/auth/*" + "https://catenax-beta-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-beta-dismantler-s66pftcc.aws-live-eu10" ], "webOrigins": [ - "+" + "https://catenax-beta-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com" ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, + "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, - "publicClient": true, - "frontchannelLogout": false, - "protocol": "openid-connect", + "publicClient": false, + "frontchannelLogout": true, + "protocol": "saml", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "saml.force.post.binding": "true", "saml.multivalued.roles": "false", - "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", "saml.server.signature.keyinfo.ext": "false", "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", + "saml.signing.certificate": "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", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", + "backchannel.logout.session.required": "false", 
"client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "6a9209c2-ec16-476b-9a9f-61474610b790", - "clientId": "https://catenax-beta-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "https://catenax-beta-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-beta-dismantler-s66pftcc.aws-live-eu10" - ], - "webOrigins": [ - "https://catenax-beta-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com" - ], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": true, - "protocol": "saml", - "attributes": { - "saml.force.post.binding": "true", - "saml.multivalued.roles": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "saml.signing.certificate": "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", - "oidc.ciba.grant.enabled": "false", - "backchannel.logout.session.required": 
"false", - "client_credentials.use_refresh_token": "false", - "saml.signature.algorithm": "RSA_SHA256", + "saml.signature.algorithm": "RSA_SHA256", "require.pushed.authorization.requests": "false", "saml.client.signature": "true", "id.token.as.detached.signature": "false", @@ -7422,8 +7331,9 @@ ] }, { - "id": "35134e77-f548-4b87-970c-cc0626496fcd", - "clientId": "sa-beta-cx1", + "id": "c33cfdab-5838-4c38-bd84-15b63502d604", + "clientId": "sa-cl10-cx-1", + "description": "Technical user created for Sharing Member to connect to BPDM (SPOC: Manuel Niedermann, Nico Koprowski)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -7471,7 +7381,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "07f8b416-f24d-4cba-91f8-fd3ae0af4657", + "id": "429be913-0d7c-4bb1-b429-ed7b18822645", "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7486,22 +7396,22 @@ } }, { - "id": "72681be8-4baf-475d-a9b9-47dee5326981", - "name": "BPN", + "id": "087541f4-ff7a-4d0f-bbc6-cdab00bb9c95", + "name": "Client Host", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "2ac54aee-ac44-4a48-ae4a-bbdb5288c7f9", + "id": "d13abc34-92f7-4b7f-8684-f923f5798627", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
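Review bot: The new `description` on `sa-cl10-cx-1` embeds the names of individual contacts ("SPOC: …"), and the `sa-cl16-cx-1` hunk that follows does the same. This realm file is imported into every deployment of the chart, so the names are copied to all operators and go stale when responsibilities change. A team or component reference is enough to say who owns the technical user, for example `"description": "Technical user created for Sharing Member to connect to BPDM (SPOC: <team alias>)"`.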
@@ -7514,21 +7424,6 @@ "claim.name": "client_id", "jsonType.label": "String" } - }, - { - "id": "7cb8edc7-02f4-4c7c-84b4-b91cbac2d5e4", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } } ], "defaultClientScopes": [ @@ -7545,8 +7440,9 @@ ] }, { - "id": "b9ee94c4-f8de-40ba-8ea0-36d3ca28d3b5", - "clientId": "sa-beta-cx2", + "id": "7e7b246a-f1f6-4816-a6ad-b0b62a8918d7", + "clientId": "sa-cl16-cx-1", + "description": "Technical user created for BPDM Partner Gate (SPOC: Nico Koprowski)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -7594,7 +7490,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "296af6dd-9c38-41f4-b485-5f5eea375ccc", + "id": "ded924f4-4b1b-4607-b86b-c14a39f93103", "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7609,7 +7505,7 @@ } }, { - "id": "e00b42b8-8bcc-4b18-9999-86212378c5b1", + "id": "2722c105-eb0a-4af2-85c6-13499e443d99", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7624,7 +7520,7 @@ } }, { - "id": "24194317-3f62-417a-8442-62009cbf029e", + "id": "c1c10e38-57c3-46d3-b49a-7c9391264027", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -7637,21 +7533,6 @@ "claim.name": "clientHost", "jsonType.label": "String" } - }, - { - "id": "ab7d3b61-de21-4527-b021-7b2d75182fee", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } } ], "defaultClientScopes": [ @@ -7668,14 +7549,17 @@ ] }, { - "id": "624a56df-7370-46f6-b00f-44791184bb28", - "clientId": "sa-beta-cx3", + "id": "5a220510-4a8e-4cbc-a47e-6f549e6c3894", + "clientId": "sa-cl1-cx-1", + "description": "Service Account for Invicti DAST scan", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], + "redirectUris": [ + "*" + ], "webOrigins": [], "notBefore": 0, "bearerOnly": false, @@ -7705,8 +7589,8 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "saml.client.signature": "false", "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", 
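Review bot: `sa-cl1-cx-1` ends up with `"redirectUris": ["*"]` on the new side, and the `sa-cl1-reg-2` hunk further down carries the same value. Both descriptions present these clients as service accounts or technical users, which authenticate with the client-credentials grant and need no redirect URI. The wildcard only takes effect if a browser flow is ever enabled on the client, and then it accepts any redirect target. `"redirectUris": []` is the safe value, as the removed `sa-beta-cx3` entry had. The flow flags of this client lie outside the hunk and the diff pairs lines of different clients here, so the wildcard may predate this commit.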
@@ -7717,37 +7601,22 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "09c3a032-eab0-4f2c-96df-b7c1b13d3634", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "62d698d8-24d6-4b3a-b533-c4bffdb65db1", - "name": "Client Host", + "id": "24320d24-0e73-478f-8e09-a05dc4bb7c35", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "2a1ab4a4-c250-49e0-9676-86564dea3062", + "id": "caea604c-1e8e-48ad-91a8-18711e4fb564", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7762,17 +7631,17 @@ } }, { - "id": "f5071021-acc5-42be-98e1-8bccd62e8f1b", - "name": "Client IP Address", + "id": "ea2580a2-1594-43c2-88e6-36e9e1315263", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "clientHost", "jsonType.label": "String" } } 
@@ -7791,14 +7660,17 @@ ] }, { - "id": "fb3deae9-5f34-4e9d-9a33-376f083f03c4", - "clientId": "sa-beta-cx4", + "id": "cdf11dff-530a-4fd4-97b9-84e4d60ac21e", + "clientId": "sa-cl1-reg-2", + "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], + "redirectUris": [ + "*" + ], "webOrigins": [], "notBefore": 0, "bearerOnly": false, @@ -7813,8 +7685,8 @@ "attributes": { "id.token.as.detached.signature": "false", "saml.assertion.signature": "false", - "saml.multivalued.roles": "false", "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", 
@@ -7828,34 +7700,19 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "daf63cfb-4e69-43f3-9c4e-7c9f91131364", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "53742f0f-0df2-4f2f-b6bd-e407d4bd0894", + "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -7870,32 +7727,32 @@ } }, { - "id": "343fe132-c419-484d-a7f7-a2316f855cec", - "name": "Client IP Address", + "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "15332471-4d69-48fa-9bab-e51218faa13d", - "name": "Client ID", + "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } } @@ -7914,8 +7771,9 @@ ] }, { - "id": "8b05ebaa-0fa1-45fc-bc5c-8d75e2fa8166", - "clientId": "sa-beta-cx5", + "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", + "clientId": "sa-cl2-01", + "description": "Technical User Clearinghouse update application", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -7959,41 +7817,41 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "4c831a50-2f22-407f-ac33-3b5bc19d824b", - "name": "Client ID", + "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "764d1b6f-ecc1-46b7-8feb-e962fe8facd5", - "name": "BPN", + "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", + "name": "Client ID", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "client_id", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "df7255f2-200f-4ebb-94bb-7edf96e2e127", + "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -8006,21 +7864,6 @@ "claim.name": "clientHost", "jsonType.label": "String" } - }, - { - "id": "b421ee98-98c8-41e2-8594-646b9ac40c67", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } } ], "defaultClientScopes": [ @@ -8037,8 +7880,9 @@ ] }, { - "id": "062617f4-5efb-4f85-932f-26193737321e", - "clientId": "sa-beta-cx6", + "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", + "clientId": "sa-cl2-02", + "description": "Technical User SelfDescription (SD) update application", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -8074,855 +7918,59 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "86a03690-8af2-4c80-ba47-94d05fc1cc47", - "name": "Client ID", + "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "8657ab97-ddb1-4775-8d44-a3ccbfea213f", - "name": "Client Host", + "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "6543b216-4e97-4dd9-a855-021de0d8b316", - "name": "Client IP Address", + "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - 
"userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "b167ce59-73d8-4f6c-a175-5cc742526628", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "2b1424ac-3e67-42c7-be77-69aa57fe0834", - "clientId": "sa-beta-cx7", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - 
"client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "965eb625-e855-49f4-bb55-c0d73666d410", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "581a3217-3127-4484-a4c7-1491371a7b48", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "cf552528-6cb5-43a5-91c9-aac399e96730", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "ba208341-0e41-4dea-8397-619376833c3a", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - 
"access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "c33cfdab-5838-4c38-bd84-15b63502d604", - "clientId": "sa-cl10-cx-1", - "description": "Technical user created for Sharing Member to connect to BPDM (SPOC: Manuel Niedermann, Nico Koprowski)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - 
"authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "429be913-0d7c-4bb1-b429-ed7b18822645", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "087541f4-ff7a-4d0f-bbc6-cdab00bb9c95", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "d13abc34-92f7-4b7f-8684-f923f5798627", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "7e7b246a-f1f6-4816-a6ad-b0b62a8918d7", - "clientId": "sa-cl16-cx-1", - "description": "Technical user created for BPDM Partner Gate (SPOC: Nico Koprowski)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - 
"standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "ded924f4-4b1b-4607-b86b-c14a39f93103", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "2722c105-eb0a-4af2-85c6-13499e443d99", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": 
"client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "c1c10e38-57c3-46d3-b49a-7c9391264027", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "5a220510-4a8e-4cbc-a47e-6f549e6c3894", - "clientId": "sa-cl1-cx-1", - "description": "Service Account for Invicti DAST scan", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": 
"false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "24320d24-0e73-478f-8e09-a05dc4bb7c35", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "caea604c-1e8e-48ad-91a8-18711e4fb564", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "ea2580a2-1594-43c2-88e6-36e9e1315263", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": 
"cdf11dff-530a-4fd4-97b9-84e4d60ac21e", - "clientId": "sa-cl1-reg-2", - "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "require.pushed.authorization.requests": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - 
"consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", - "clientId": "sa-cl2-01", - "description": "Technical User Clearinghouse update application", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - 
"saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": 
"oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", - "clientId": "sa-cl2-02", - "description": "Technical User SelfDescription (SD) update application", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "require.pushed.authorization.requests": "false", - "tls.client.certificate.bound.access.tokens": "false", - 
"saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientHost", "jsonType.label": "String" } } 
@@ -9050,16 +8098,24 @@ ] }, { - "id": "b09392dd-8b0f-4a32-bb0b-d00a4091b890", - "clientId": "sa-cl21-01", - "description": "Technical User Discovery Finder", + "id": "beb01d13-04e2-4a2b-a909-8b4166b3dcf7", + "clientId": "sa-cl2-04", + "name": "", + "description": "Technical User SSI Credential Issuer - Portal to SSI Credential Issuer (portal helm chart: backend.processesworker.issuerComponent.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], - "webOrigins": [], + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
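Review bot: The new `sa-cl2-04` client is added with `"redirectUris": ["/*"]` and `"webOrigins": ["/*"]` while `rootUrl` is empty, whereas the technical users on the old side of this hunk and elsewhere in the diff use empty arrays. The following hunk shows it as a confidential service-account client (`"serviceAccountsEnabled": true`, `"directAccessGrantsEnabled": false`). `standardFlowEnabled` is not visible here, but if it is `false` as on the neighbouring clients, the wildcard entries serve no purpose today and would be the only redirect and origin restriction in place if a browser flow were later enabled. I would set `"redirectUris": [],` and `"webOrigins": [],`. `sa-cl2-05` in the `@@ -9174,16 +8199,24 @@` hunk has the same two entries.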
@@ -9068,61 +8124,29 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "saml.assertion.signature": "false", - "id.token.as.detached.signature": "false", - "saml.multivalued.roles": "false", - "saml.force.post.binding": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "client.secret.creation.time": "1712762205", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "require.pushed.authorization.requests": "false", - "saml.authnstatement": "false", + "oauth2.device.authorization.grant.enabled": "false", "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "3c2deac0-fd68-4c39-933c-27123ff073f9", + "id": "514cd3f7-8b0d-4a41-ae75-2b30b2be13f6", "name": "Client IP 
Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { "user.session.note": "clientAddress", - "userinfo.token.claim": "true", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "clientAddress", @@ -9130,38 +8154,39 @@ } }, { - "id": "8f318235-669e-4236-b8ea-f596b802f672", - "name": "BPN", + "id": "8502e4e1-3d19-47c0-8b8e-7f394228dbbe", + "name": "Client Host", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "b74416e5-2376-4f8e-a49b-8a03a053454a", - "name": "Client Host", + "id": "a045a68f-caca-4605-a438-ba2e0bcfad38", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", + "acr", "roles", "profile", "email" 
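Review bot: `"client.secret.creation.time": "1712762205"` in the new attributes block of the `@@ -9068,61 +8124,29 @@` hunk looks like an export artefact: it describes a secret the file does not contain, since `secret` is the masked `**********` placeholder. After an import the timestamp will not match whatever secret is actually set, which could mislead any secret-rotation or age check that reads this attribute; this is worth confirming against how the secrets are provisioned. The same hunk flips `"frontchannelLogout"` to `true` on a client with no browser-facing flow visible here. I would drop the timestamp line and keep `"frontchannelLogout": false,` as on the other technical users. `sa-cl2-05` in the `@@ -9192,100 +8225,69 @@` hunk carries the same two lines with `1712764102`.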
@@ -9174,16 +8199,24 @@ ] }, { - "id": "f1806543-d0ca-41cb-b029-883cdfb11a8e", - "clientId": "sa-cl22-01", - "description": "Technical User BPN Discovery", + "id": "19b62d82-9df7-4bbd-9edc-8534bb0a7e68", + "clientId": "sa-cl2-05", + "name": "", + "description": "Technical User Dim Layer - Dim Layer to Portal (dim helm chart: processesworker.callback.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], - "webOrigins": [], + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
@@ -9192,100 +8225,69 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "saml.assertion.signature": "false", - "id.token.as.detached.signature": "false", - "saml.multivalued.roles": "false", - "saml.force.post.binding": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "client.secret.creation.time": "1712764102", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "require.pushed.authorization.requests": "false", - "saml.authnstatement": "false", "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "09824b45-f47e-4213-90d5-7aec6a078314", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e", - "name": "Client ID", + "id": "32f11424-4cff-472f-99bd-df98787216fe", + "name": "Client 
Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e", - "name": "Client Host", + "id": "1e3f26ac-3578-4a04-adfa-6838d54560f8", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "clientAddress", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "36e185ed-3af8-489d-a94b-a280ae205e03", - "name": "Client IP Address", + "id": "4c0a8ac0-09e8-445e-9f2b-769750bc09a8", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", + "acr", "roles", "profile", "email" 
@@ -9298,17 +8300,15 @@ ] }, { - "id": "7beaee76-d447-4531-9433-fd9ce19d1460", - "clientId": "sa-cl3-cx-1", - "name": "Technical User CX internal - communication GitHub and Semantic Hub", + "id": "b09392dd-8b0f-4a32-bb0b-d00a4091b890", + "clientId": "sa-cl21-01", + "description": "Technical User Discovery Finder", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [ - "*" - ], + "redirectUris": [], "webOrigins": [], "notBefore": 0, "bearerOnly": false, @@ -9321,10 +8321,10 @@ "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "id.token.as.detached.signature": "false", "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", @@ -9338,9 +8338,9 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" 
@@ -9350,51 +8350,52 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "702c92a9-9f89-4130-9d37-c1620529ca13", - "name": "BPN", + "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda", + "name": "Client ID", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.attribute": "bpn", + "user.session.note": "client_id", + "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", - "userinfo.token.claim": "true" + "claim.name": "client_id", + "jsonType.label": "String" } }, { - "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a", - "name": "Client ID", + "id": "3c2deac0-fd68-4c39-933c-27123ff073f9", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595", - "name": "Client IP Address", + "id": "8f318235-669e-4236-b8ea-f596b802f672", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "bpn", "jsonType.label": "String" } }, { - "id": "8e82412f-7088-4562-81f2-35b85f1859f5", + "id": "b74416e5-2376-4f8e-a49b-8a03a053454a", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -9423,9 +8424,9 @@ ] }, { - "id": "d5a29608-9579-4af4-b895-458ff5b03276", - "clientId": "sa-cl3-cx-2", - "description": "Technical User Digital Twin and Semantic for Pen test scenario (Contact: Lukas Roemer, Bosch)", + "id": "f1806543-d0ca-41cb-b029-883cdfb11a8e", + "clientId": "sa-cl22-01", + "description": "Technical User BPN Discovery", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -9444,10 +8445,10 @@ "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "id.token.as.detached.signature": "false", "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", @@ -9461,19 +8462,19 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "6b664acb-fb3a-427b-8c54-643e53b24388", + "id": "09824b45-f47e-4213-90d5-7aec6a078314", "name": "BPN", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", @@ -9488,7 +8489,7 @@ } }, { - "id": "882827ad-6e5a-42f2-b09e-75ff2b5893f2", + "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -9503,32 +8504,32 @@ } }, { - "id": "9fbb3f90-f4f4-4c8f-818e-ae857da96fc3", - "name": "Client IP Address", + "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "4ca8dc7c-a24b-4635-a100-b75b23c3fa99", - "name": "Client Host", + "id": "36e185ed-3af8-489d-a94b-a280ae205e03", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } } @@ -9547,18 +8548,24 @@ ] }, { - "id": "dab9dd17-0d31-46c7-b313-aca61225dcd1", - "clientId": "sa-cl5-custodian-1", - "description": "Technical User for SD Hub Call to Custodian for SD signature", + "id": "8ac37496-cca9-41ba-9684-cf7348f880d5", + "clientId": "sa-cl24-01", + "name": "", + "description": "Technical User for SSI Credential Issuer (credential issuer helm chart: processesworker.portal.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", "redirectUris": [ - "*" + "/*" + ], + "webOrigins": [ + "/*" ], - "webOrigins": [], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
@@ -9567,110 +8574,83 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "oauth2.device.authorization.grant.enabled": "false", + "client.secret.creation.time": "1712762654", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "30897db9-574e-49ee-b968-ede77a6baf67", - "name": "Client ID", + "id": "c176820f-4e65-4b63-90d5-31a058b31698", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", + "user.session.note": "clientAddress", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + 
"claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "00879247-75ce-491f-abed-52a6a810f685", - "name": "Client Host", + "id": "1cbf20be-7fff-44c4-9eb5-a6868b2fb122", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "bb69e2e4-312f-4447-946f-b51f3c7184c2", - "name": "Client IP Address", + "id": "471d6ae7-39a3-44f5-ac90-f31be999eb08", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "0c387b1e-5a80-47c8-82f5-693e3af79425", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "acr", + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", - "clientId": "sa-cl5-custodian-2", - "description": "Technical User for Portal to call Custodian Wallet (portal helm chart: backend.processesworker.custodian.clientId)", + 
"id": "7beaee76-d447-4531-9433-fd9ce19d1460", + "clientId": "sa-cl3-cx-1", + "name": "Technical User CX internal - communication GitHub and Semantic Hub", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -9720,86 +8700,88 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328", - "name": "Client Host", + "id": "702c92a9-9f89-4130-9d37-c1620529ca13", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" + "claim.name": "bpn", + "userinfo.token.claim": "true" } }, { - "id": "728abacc-c436-4d67-b699-92957a69b519", - "name": "Client IP Address", + "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "98c6f360-6714-455a-bc94-4fa0b5072866", - "name": "BPN", + "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595", + "name": "Client IP Address", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientAddress", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a", - "name": "Client ID", + "id": "8e82412f-7088-4562-81f2-35b85f1859f5", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": 
"oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "0dfcbe31-2482-46d7-bb09-0722b0e1c4f9", - "clientId": "sa-cl5-custodian-3", - "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)", + "id": "d5a29608-9579-4af4-b895-458ff5b03276", + "clientId": "sa-cl3-cx-2", + "description": "Technical User Digital Twin and Semantic for Pen test scenario (Contact: Lukas Roemer, Bosch)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [ - "*" - ], + "redirectUris": [], "webOrigins": [], "notBefore": 0, "bearerOnly": false, 
@@ -9837,82 +8819,91 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, + "fullScopeAllowed": true, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "3e1df311-abd2-4878-9f0a-426fd1a50c0d", - "name": "Client IP Address", + "id": "6b664acb-fb3a-427b-8c54-643e53b24388", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "bpn", "jsonType.label": "String" } }, { - "id": "17a2ea60-79e2-4d57-8db7-9931b0e1a674", - "name": "Client Host", + "id": "882827ad-6e5a-42f2-b09e-75ff2b5893f2", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "d6203b9c-6b72-44d0-8609-83077dd6a2e0", - "name": "Client ID", + "id": "9fbb3f90-f4f4-4c8f-818e-ae857da96fc3", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "1db97b73-9663-4eb5-99ed-d103c4bda113", - "name": "BPN", + "id": "4ca8dc7c-a24b-4635-a100-b75b23c3fa99", + "name": "Client Host", "protocol": 
"openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "BPN", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "7612bab1-3617-485e-8461-f1d2a7a6a92e", - "clientId": "sa-cl5-custodian-4", - "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)", + "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", + "clientId": "sa-cl5-custodian-2", + "name": "", + "description": "Technical User for Portal to call Managed Identity Wallet (portal helm chart: backend.processesworker.custodian.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -9962,7 +8953,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "783956fc-c81e-4da3-871c-436eec1fa555", + "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
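Review bot: The added `"fullScopeAllowed": true` at the top of the `@@ -9837,82 +8819,91 @@` hunk appears to belong to `sa-cl3-cx-2`, which the preceding hunk describes as a technical user for a pen test scenario, while the hunks from `@@ -14048,7 +12802,7 @@` onward switch other clients to `false`. The change looks like a reordering of the export, so the value is carried over rather than newly chosen, but with full scope allowed the client's tokens are not limited to its scope mappings and carry every role granted to the service account. I would set `"fullScopeAllowed": false,` here as well and list the roles the scenario needs as explicit scope mappings, or remove the client if the test scenario has ended. The client object starts in the previous hunk and its mapper list runs to the end of this one.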
@@ -9977,37 +8968,37 @@ } }, { - "id": "f230563b-4e92-47e6-94d4-5d7ac8eef916", - "name": "BPN", + "id": "728abacc-c436-4d67-b699-92957a69b519", + "name": "Client IP Address", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientAddress", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "BPN", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "45b77e95-5844-48c4-ba44-6c883bed55b8", - "name": "Client IP Address", + "id": "98c6f360-6714-455a-bc94-4fa0b5072866", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "bpn", "jsonType.label": "String" } }, { - "id": "653db152-0505-4fcc-8d9e-51eee203610b", + "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -13764,243 +12755,6 @@ "microprofile-jwt" ] }, - { - "id": "6e2f3a74-9277-4265-a0bd-8f8f41ba0530", - "clientId": "sa-cl7-cx-1", - "description": "Technical user created for BPDM / CDQ connect (SPOC: Peter Schenkel)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "33ef0160-e559-4fde-8faa-657140437026", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": 
"oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "61c367f1-dcd7-4190-9d63-97c0b3ae5afc", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "1c8aad27-8158-498b-bf99-e6de92799b6d", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "d1c857fb-0c7d-4b6d-b6e8-34bf4de76d6d", - "clientId": "sa-cl7-cx-2", - "description": "Technical user for BPDM connection to Fraud App (Michael Wirth & CGI: Fabio)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - 
"id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "23db4b23-856e-4f3b-a1e2-f935d2373d0d", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "5db07b78-2eb9-405d-a0eb-9ab0e94a1e4d", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "b01e802a-984a-4c95-a5f7-db4f3fd4b16b", - "name": 
"Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "09b70efe-f7e1-4880-a375-de44e2e1b38a", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, { "id": "f6627ae5-54ac-4e53-871d-875de8879e51", "clientId": "sa-cl7-cx-3", @@ -14048,7 +12802,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14157,7 +12911,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14375,7 +13129,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14484,7 +13238,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { 
@@ -17224,14 +15978,6 @@ "autheticatorFlow": false, "userSetupAllowed": false }, - { - "authenticator": "registration-profile-action", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 40, - "autheticatorFlow": false, - "userSetupAllowed": false - }, { "authenticator": "registration-password-action", "authenticatorFlow": false, diff --git a/import/realm-config/consortia/catenax-central/dev/CX-Central-realm.json b/import/realm-config/consortia/catenax-central/dev/CX-Central-realm.json index d5c4b8d9..42de631d 100644 --- a/import/realm-config/consortia/catenax-central/dev/CX-Central-realm.json +++ b/import/realm-config/consortia/catenax-central/dev/CX-Central-realm.json @@ -111,6 +111,7 @@ "security-admin-console": [], "sa-cl6-cx-17": [], "sa-cl10-cx-1": [], + "sa-cl24-01": [], "sa-cl16-cx-1": [], "Cl2-CX-Portal": [ { @@ -162,9 +163,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -182,24 +180,20 @@ "view_service_offering", "view_autosetup_status", "add_connectors", - "upload_documents", "view_own_user_account", "view_use_cases", "view_idp", - "view_services", "add_tech_user_management", "view_membership", "update_own_user_account", "add_service_offering", "view_service_subscriptions", "activate_subscription", - "view_tech_roles", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "view_subscription", "delete_notifications", "view_connectors", @@ -234,14 +228,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "a029dec3-8c6a-4a2f-a60a-82249f0590fd", - "name": "setup_client", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "34742e28-1497-4222-ad1f-93ab9feac92e", "name": "view_app_subscription", 
@@ -313,6 +299,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "8b4aa267-bb7e-40c9-8cd2-f82603fa066a", + "name": "update_application_bpn_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "19c0e799-4ffd-4709-8b38-45540c677e50", "name": "view_autosetup_status", @@ -327,9 +322,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -337,17 +329,16 @@ "view_registration" ], "Cl2-CX-Portal": [ - "view_technical_setup", - "view_tech_user_management", - "app_management", - "view_tech_roles", - "view_certificates", "view_app_language", "technical_roles_management", "CX User", + "view_technical_setup", + "view_tech_user_management", "edit_apps", + "app_management", "view_use_cases", - "view_apps" + "view_apps", + "view_certificates" ] } }, @@ -361,9 +352,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -383,9 +371,6 @@ "unsubscribe_apps", "view_user_management", "subscribe_apps", - "view_services", - "view_dataspaces", - "filter_apps", "view_service_subscriptions", "view_notifications", "view_certificates", @@ -409,14 +394,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "03acc78a-0301-4518-a548-d5bd782c3d13", - "name": "decision_ssicredential", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "37dc74e9-9f50-49d2-9b95-402b04aa84ff", "name": "add_connectors", 
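Review bot: The role added in the first hunk, `update_application_bpn_credential`, is committed with `"description": ""`. The same empty description is on the other roles this commit adds: `store_didDocument`, `update_application_membership_credential`, `send_mail`, the new `Cl7-CX-BPDM` and `Cl16-CX-BPDMGate` roles, and all six `Cl24-CX-SSI-CredentialIssuer` roles. Several of these are write or revocation permissions, and the names alone do not separate, for example, `revoke_credential` from `revoke_credentials_issuer` during an access review. Fill the field in on each role, e.g. `"description": "<what the role permits and which principal should hold it>"` (placeholder text), as removed roles such as `view_tech_roles` did.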
@@ -479,14 +456,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "15bd8123-3469-4505-93ff-a5bd3b929495", - "name": "subscribe_service_offering", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "66f4b417-25d4-47d7-b3d2-e6eb80bcba5e", "name": "create_partner_registration", @@ -548,15 +517,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "9db8ca83-6cfd-4c44-8ab7-ccbcb11da38f", - "name": "view_tech_roles", - "description": "View technical user roles", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "6560b255-cbc6-4fb7-8afe-d61732e34ab1", "name": "view_client_roles", @@ -575,14 +535,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "29ac8c4d-5296-467c-91fa-3a0d7487c912", - "name": "request_ssicredential", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "3c3c8452-fd50-40bd-b223-9660233dd6af", "name": "delete_user_account", @@ -676,9 +628,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -717,8 +666,6 @@ "delete_tech_user_management", "subscribe_service", "delete_own_user_account", - "request_ssicredential", - "my_user_account", "delete_user_account", "view_apps", "view_subscription", @@ -743,9 +690,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], 
@@ -753,16 +697,15 @@ "view_registration" ], "Cl2-CX-Portal": [ - "view_service_subscriptions", - "activate_subscription", - "view_certificates", "subscribe_service", "CX User", "view_service_offering", "unsubscribe_apps", + "view_service_subscriptions", "unsubscribe_services", - "subscribe_apps", - "view_services" + "activate_subscription", + "view_certificates", + "subscribe_apps" ] } }, @@ -770,6 +713,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "b01f9c19-adde-4bca-be36-d2e21cedc37a", + "name": "store_didDocument", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "4f2b58a5-0ebd-4b91-b354-4fefd40cc811", "name": "delete_apps", @@ -797,6 +749,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "3b336c72-0f9c-440e-8427-16028439c5e6", + "name": "update_application_membership_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "43a0826f-ba1a-44d4-952f-e4b879be353c", "name": "view_service_marketplace", @@ -812,9 +773,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -826,7 +784,6 @@ "view_documents", "delete_connectors", "upload_certificates", - "setup_client", "view_app_subscription", "delete_documents", "view_company_data", @@ -840,15 +797,12 @@ "view_user_management", "view_idp", "add_tech_user_management", - "subscribe_service_offering", "update_own_user_account", "add_self_descriptions", "view_user_account", "setup_idp", - "view_tech_roles", "view_client_roles", "subscribe_service", - "request_ssicredential", "delete_user_account", "view_subscription", "delete_notifications", 
@@ -860,21 +814,16 @@ "view_service_offering", "unsubscribe_apps", "disable_idp", - "upload_documents", "view_use_cases", "subscribe_apps", - "view_services", "add_idp", "delete_idp", "view_membership", - "view_dataspaces", - "filter_apps", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "unsubscribe_services", "view_apps", "modify_connectors", @@ -900,9 +849,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -912,22 +858,18 @@ "Cl2-CX-Portal": [ "view_documents", "view_membership", - "view_dataspaces", "update_own_user_account", - "filter_apps", "view_company_data", "view_notifications", "view_certificates", "view_service_marketplace", "view_service_offering", "delete_own_user_account", - "my_user_account", "view_own_user_account", "view_apps", "view_user_management", "view_subscription", "delete_notifications", - "view_services", "view_partner_network" ], "Cl3-CX-Semantic": [ @@ -971,9 +913,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -1004,14 +943,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "39c00d2f-491f-4658-96ef-9f47920afea6", - "name": "upload_documents", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "b4bead06-e3c4-4fce-9e06-43d9d9537766", "name": "view_use_cases", 
@@ -1030,15 +961,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "6e3d7bcf-7340-4def-bb76-8002acc73f95", - "name": "view_services", - "description": "view service marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "8d3a5c8d-d4dc-4aaa-8941-9cd38cd3906e", "name": "update_application_checklist_value", @@ -1083,15 +1005,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "8fe708e4-7870-4044-89eb-a74b8dc11a8e", - "name": "view_dataspaces", - "description": "View dataspace marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "b06c2999-6008-4fb6-a22f-93fdac150656", "name": "decline_app_release", @@ -1109,24 +1022,12 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "9f5b48bf-4fc2-4feb-8c4e-00b57f5f2bed", - "name": "filter_apps", - "description": "Users with this role can filter apps in the App Marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "765bced5-b422-4f91-b35f-19d648595e6a", "name": "Purchaser", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -1135,7 +1036,6 @@ ], "Cl2-CX-Portal": [ "delete_certificates", - "subscribe_service_offering", "CX User", "upload_certificates", "unsubscribe_apps", @@ -1173,11 +1073,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "delete_company_data", - "add_company_data", - "view_company_data" - ], "Cl5-CX-Custodian": [ "delete_wallet", "add_wallet", 
@@ -1187,6 +1082,9 @@ "Cl1-CX-Registration": [ "view_registration" ], + "Cl24-CX-SSI-CredentialIssuer": [ + "decision_ssicredential" + ], "Cl2-CX-Portal": [ "decline_new_partner", "update_company_role", @@ -1194,7 +1092,6 @@ "delete_connectors", "update_service_offering", "invite_new_partner", - "setup_client", "view_app_subscription", "delete_documents", "app_management", @@ -1203,24 +1100,20 @@ "view_app_language", "modify_user_account", "view_autosetup_status", - "decision_ssicredential", "add_connectors", "view_own_user_account", "view_user_management", "view_idp", "add_apps", "add_tech_user_management", - "subscribe_service_offering", "update_own_user_account", "add_self_descriptions", "view_user_account", "view_service_subscriptions", "activate_subscription", "setup_idp", - "view_tech_roles", "view_client_roles", "subscribe_service", - "request_ssicredential", "delete_user_account", "view_subscription", "delete_notifications", @@ -1237,24 +1130,19 @@ "view_service_offering", "unsubscribe_apps", "disable_idp", - "upload_documents", "view_use_cases", "subscribe_apps", - "view_services", "add_idp", "delete_idp", "view_membership", "decline_service_release", - "view_dataspaces", "decline_app_release", "add_service_offering", - "filter_apps", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "create_notifications", "edit_apps", "unsubscribe_services", 
@@ -1295,17 +1183,17 @@ "attributes": {} }, { - "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda", - "name": "delete_own_user_account", + "id": "cae19290-f11e-4532-b046-e07e302078e2", + "name": "send_mail", + "description": "", "composite": false, "clientRole": true, "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, { - "id": "99a8940c-0fbc-4f65-8134-4b598c3aabbc", - "name": "my_user_account", - "description": "view my own user account details", + "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda", + "name": "delete_own_user_account", "composite": false, "clientRole": true, "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", 
@@ -1455,24 +1343,63 @@ ], "Cl7-CX-BPDM": [ { - "id": "b59a076b-07c5-42fa-b8d8-04a65f077226", - "name": "delete_company_data", + "id": "da4b989c-d2fb-4276-bec7-bdad739e0864", + "name": "write_partner", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", "attributes": {} }, { - "id": "a4829839-9df9-47c8-8eb0-57f4020000c3", - "name": "add_company_data", + "id": "8d2f5f1a-bb4f-42fd-9947-18f799174bd8", + "name": "read_changelog_member", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", "attributes": {} }, { - "id": "d16779a5-03bd-4fbd-bf40-382c4348b205", - "name": "view_company_data", + "id": "810ced5e-4eb9-42d7-90e0-2f5dd3aaa2a2", + "name": "read_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "b0cf08cf-3b00-4ed2-9871-79093200029e", + "name": "read_metadata", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "fc598e8a-eb9b-44e6-8c5b-c2870fefcd95", + "name": "read_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "33725fd2-bc24-4355-8c9e-979b352c0444", + "name": "read_partner_member", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "36db1cdc-308a-43d5-a3cb-43c676ca4eee", + "name": "write_metadata", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", 
@@ -1697,24 +1624,81 @@ "sa-cl6-cx-23": [], "Cl16-CX-BPDMGate": [ { - "id": "891e715a-7fdb-4dbe-a177-998a383ee836", - "name": "view_company_data", + "id": "af471823-bcca-4267-bbf6-c3183380358f", + "name": "read_output_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "33e96ab8-df1f-4fc1-bdda-3509e3e76e2e", + "name": "read_output_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "b280b367-6ba5-4ba1-8a64-8f61877c9f17", + "name": "read_input_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "27ce5626-0186-4ced-8e14-ecfcbc2f4330", + "name": "read_sharing_state", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "e8516251-0f90-4d1a-9a6c-7fd44d52ecc0", + "name": "write_output_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "e5cd5783-d48a-4d25-acf9-13fb8138715a", + "name": "read_input_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "364db9ec-ceb2-47b8-a892-f70bae1c89c5", + "name": "write_sharing_state", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} }, { - "id": "cf42a03f-20f7-4ff3-a898-e1a93bf03520", - "name": "update_company_data", + "id": "1d16924d-fca4-495b-a227-0cbf80b31d96", + "name": "read_stats", + "description": "", "composite": false, "clientRole": true, "containerId": 
"52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} }, { - "id": "2a006c99-0790-4dd0-8b82-59c4fea1ce17", - "name": "view_shared_data", + "id": "3378cc71-3097-40f9-aaab-7ec66fa9bc54", + "name": "write_input_partner", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", @@ -1726,9 +1710,7 @@ "sa-cl6-cx-26": [], "sa-cl6-cx-27": [], "sa-cl6-cx-28": [], - "sa-cl7-cx-1": [], "sa-cl5-custodian-internaltest": [], - "sa-cl7-cx-2": [], "sa-cl7-cx-3": [], "sa-cl7-cx-4": [], "sa-cl21-01": [], @@ -1738,7 +1720,6 @@ "sa-cl1-cx-1": [], "sa-cl6-cx-20": [], "sa_testAutomation": [], - "sa-cl5-custodian-3": [], "Cl15-BOSCH-AFQM": [ { "id": "07e4c7f0-f7c1-420a-8788-81eb42b5a8cd", @@ -1749,8 +1730,6 @@ "attributes": {} } ], - "sa-cl5-custodian-4": [], - "sa-cl5-custodian-1": [], "sa-cl5-custodian-2": [], "sa-cl6-cx-18": [], "sa-cl6-cx-19": [], @@ -1799,9 +1778,11 @@ "sa-cl2-02": [], "sa-cl6-cx-8": [], "sa-cl2-01": [], + "sa-cl2-04": [], "sa-cl6-cx-6": [], "sa-cl2-03": [], "sa-cl6-cx-5": [], + "sa-cl2-05": [], "account-console": [], "sa-cl22-01": [], "Cl18-CX-Pal": [ 
@@ -1814,6 +1795,62 @@ "attributes": {} } ], + "Cl24-CX-SSI-CredentialIssuer": [ + { + "id": "1627e267-4422-46a8-b261-e26b5d852a33", + "name": "decision_ssicredential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "793ed13a-2297-4182-9d75-e91b003e42a5", + "name": "view_use_case_participation", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "9e96cc27-03a7-4b7d-b3b8-aa886b81fd15", + "name": "revoke_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "48c621d7-1056-4d6c-ae9b-7da255066124", + "name": "revoke_credentials_issuer", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "2337ed3b-e46f-4b85-b3f3-7e244a20e85e", + "name": "request_ssicredential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "763f8a43-d6f6-4b76-98a8-5082d3345f27", + "name": "view_certificates", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + } + ], "sa-cl6-cx-30": [], "Cl17-CX-Part": [ { @@ -1879,15 +1916,14 @@ ], "technical_roles_management": [ { - "id": "b5c9ff05-b0cf-414d-bd70-e38f8e4923cf", - "name": "BPDM Management", + "id": "4776c000-7232-4804-a133-aff0c01966ba", + "name": "Semantic Model Management", + "description": "", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "delete_company_data", - "add_company_data", - "view_company_data" + "Cl3-CX-Semantic": [ + "view_semantic_model" ] } }, 
@@ -1896,14 +1932,22 @@ "attributes": {} }, { - "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", - "name": "CX Membership Info", + "id": "5d4a663d-d188-4df8-a86d-b2ae40920ab8", + "name": "BPDM Sharing Admin", "description": "", "composite": true, "composites": { "client": { - "Cl2-CX-Portal": [ - "view_membership" + "Cl16-CX-BPDMGate": [ + "read_output_partner", + "read_output_changelog", + "read_input_changelog", + "read_sharing_state", + "write_output_partner", + "write_sharing_state", + "read_input_partner", + "read_stats", + "write_input_partner" ] } }, @@ -1912,14 +1956,17 @@ "attributes": {} }, { - "id": "4776c000-7232-4804-a133-aff0c01966ba", - "name": "Semantic Model Management", + "id": "21f929c1-a547-46a5-8660-6eb5d5091ba5", + "name": "BPDM Sharing Input Consumer", "description": "", "composite": true, "composites": { "client": { - "Cl3-CX-Semantic": [ - "view_semantic_model" + "Cl16-CX-BPDMGate": [ + "read_input_changelog", + "read_sharing_state", + "read_input_partner", + "read_stats" ] } }, @@ -1928,16 +1975,14 @@ "attributes": {} }, { - "id": "ffdc000a-7b44-4117-8794-c87492a50604", - "name": "BPDM Gate Read & Write", - "description": "", + "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", + "name": "Registration External", "composite": true, "composites": { "client": { - "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" + "Cl2-CX-Portal": [ + "create_partner_registration", + "configure_partner_registration" ] } }, @@ -1946,13 +1991,18 @@ "attributes": {} }, { - "id": "20f2c41a-dacd-4505-877a-bb899066a767", - "name": "BPDM Pool", + "id": "8ce375c0-bab3-4df7-939f-a61cd0fa0ab1", + "name": "Offer Management", + "description": "", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" + "Cl2-CX-Portal": [ + "view_tech_user_management", + "add_service_offering", + "add_connectors", + "app_management", + "activate_subscription" ] } }, 
@@ -1961,14 +2011,21 @@ "attributes": {} }, { - "id": "75211526-5c5e-4c6d-a377-627402c3f1b3", - "name": "BPDM Gate Read", - "description": "", + "id": "d5781775-3fbd-4f46-84ea-b19164393205", + "name": "Dataspace Discovery", "composite": true, "composites": { "client": { - "Cl16-CX-BPDMGate": [ - "view_company_data" + "Cl22-CX-BPND": [ + "add_bpn_discovery", + "delete_bpn_discovery", + "view_bpn_discovery" + ], + "Cl21-CX-DF": [ + "view_discovery_endpoint" + ], + "Cl2-CX-Portal": [ + "view_connectors" ] } }, @@ -1977,14 +2034,15 @@ "attributes": {} }, { - "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", - "name": "Identity Wallet Management", + "id": "281b856c-b74a-4753-99bb-bdcd810a212e", + "name": "IRS Management", + "description": "", "composite": true, "composites": { "client": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" + "Cl20-CX-IRS": [ + "view_irs", + "admin_irs" ] } }, @@ -1993,14 +2051,14 @@ "attributes": {} }, { - "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", - "name": "Registration External", + "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", + "name": "CX Membership Info", + "description": "", "composite": true, "composites": { "client": { "Cl2-CX-Portal": [ - "create_partner_registration", - "configure_partner_registration" + "view_membership" ] } }, 
@@ -2009,18 +2067,36 @@ "attributes": {} }, { - "id": "8ce375c0-bab3-4df7-939f-a61cd0fa0ab1", - "name": "Offer Management", + "id": "8805517d-63db-4d08-b6f2-cd8038929111", + "name": "BPDM Pool Admin", "description": "", "composite": true, "composites": { "client": { - "Cl2-CX-Portal": [ - "view_tech_user_management", - "add_service_offering", - "add_connectors", - "app_management", - "activate_subscription" + "Cl7-CX-BPDM": [ + "write_partner", + "read_changelog_member", + "read_changelog", + "read_metadata", + "read_partner", + "read_partner_member", + "write_metadata" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", + "name": "Identity Wallet Management", + "composite": true, + "composites": { + "client": { + "Cl5-CX-Custodian": [ + "view_wallet", + "update_wallet" ] } }, @@ -2029,15 +2105,19 @@ "attributes": {} }, { - "id": "67ef1542-73d5-4179-8c4e-d4a297b8aad3", - "name": "BPDM Partner Gate", + "id": "62f6d094-b5ad-4a64-9ce3-e1ee425f1491", + "name": "BPDM Sharing Input Manager", + "description": "", "composite": true, "composites": { "client": { "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" + "read_input_changelog", + "read_sharing_state", + "write_sharing_state", + "read_input_partner", + "read_stats", + "write_input_partner" ] } }, 
@@ -2046,21 +2126,17 @@ "attributes": {} }, { - "id": "d5781775-3fbd-4f46-84ea-b19164393205", - "name": "Dataspace Discovery", + "id": "ab1aedcb-9ae9-4a89-bb07-64ebb24d950e", + "name": "BPDM Sharing Output Consumer", + "description": "", "composite": true, "composites": { "client": { - "Cl22-CX-BPND": [ - "add_bpn_discovery", - "delete_bpn_discovery", - "view_bpn_discovery" - ], - "Cl21-CX-DF": [ - "view_discovery_endpoint" - ], - "Cl2-CX-Portal": [ - "view_connectors" + "Cl16-CX-BPDMGate": [ + "read_output_partner", + "read_output_changelog", + "read_sharing_state", + "read_stats" ] } }, @@ -2069,15 +2145,16 @@ "attributes": {} }, { - "id": "281b856c-b74a-4753-99bb-bdcd810a212e", - "name": "IRS Management", + "id": "cb9628e5-1ffa-4aa3-a8e8-3cfa8119ce30", + "name": "BPDM Pool Consumer", "description": "", "composite": true, "composites": { "client": { - "Cl20-CX-IRS": [ - "view_irs", - "admin_irs" + "Cl7-CX-BPDM": [ + "read_changelog_member", + "read_changelog", + "read_metadata" ] } }, @@ -2086,12 +2163,7 @@ "attributes": {} } ], - "Cl12-CX-TestManager": [], "sa-cl6-cx-29": [], - "sa-beta-cx7": [], - "sa-beta-cx6": [], - "sa-beta-cx5": [], - "sa-beta-cx4": [], "Cl20-CX-IRS": [ { "id": "ee61636e-de19-41cb-be70-ec4c730c474c", @@ -2112,10 +2184,7 @@ "attributes": {} } ], - "sa-beta-cx3": [], "sa-cl5-cx-1": [], - "sa-beta-cx2": [], - "sa-beta-cx1": [], "Cl16-CX-CRisk": [ { "id": "3fc6e7e8-9115-4d0f-a0ab-3f950321af11", @@ -2265,9 +2334,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl1-CX-Registration": [ "add_company_data", "view_registration", 
@@ -2532,24 +2598,6 @@ "attributes": {} } ], - "Cl9-CDQ-Fraud": [ - { - "id": "9f5d6884-a643-4846-bddc-39adeda9aef2", - "name": "fraud_app_manager", - "composite": false, - "clientRole": true, - "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", - "attributes": {} - }, - { - "id": "2d7ea02b-114a-40d6-9c2c-ef57cc7eef67", - "name": "fraud_app_user", - "composite": false, - "clientRole": true, - "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", - "attributes": {} - } - ], "sa-cl6-cx-9": [], "account": [ { @@ -2672,10 +2720,11 @@ "otpPolicyPeriod": 30, "otpPolicyCodeReusable": false, "otpSupportedApplications": [ - "totpAppMicrosoftAuthenticatorName", "totpAppFreeOTPName", - "totpAppGoogleName" + "totpAppGoogleName", + "totpAppMicrosoftAuthenticatorName" ], + "localizationTexts": {}, "webAuthnPolicyRpEntityName": "keycloak", "webAuthnPolicySignatureAlgorithms": [ "ES256" @@ -2688,6 +2737,7 @@ "webAuthnPolicyCreateTimeout": 0, "webAuthnPolicyAvoidSameAuthenticatorRegister": false, "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyExtraOrigins": [], "webAuthnPolicyPasswordlessRpEntityName": "keycloak", "webAuthnPolicyPasswordlessSignatureAlgorithms": [ "ES256" @@ -2700,6 +2750,7 @@ "webAuthnPolicyPasswordlessCreateTimeout": 0, "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "webAuthnPolicyPasswordlessExtraOrigins": [], "users": [ { "id" : "6529834b-a4c1-4b11-a200-d77e5fe7443f", @@ -3534,15 +3585,6 @@ "realmRoles": [ "default-roles-catena-x realm" ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" - ], - "technical_roles_management": [ - "BPDM Partner Gate" - ] - }, "notBefore": 0, "groups": [] }, @@ -3559,11 +3601,6 @@ "realmRoles": [ "default-roles-catena-x realm" ], - "clientRoles": { - "technical_roles_management": [ - "BPDM Partner Gate" - ] - }, "notBefore": 0, "groups": [] }, 
@@ -3670,6 +3707,53 @@ "notBefore": 0, "groups": [] }, + { + "id": "2f44169e-c974-4655-a5bf-eea00ba7e654", + "createdTimestamp": 1712762205184, + "username": "service-account-sa-cl2-04", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-04", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl24-CX-SSI-CredentialIssuer": [ + "decision_ssicredential", + "view_use_case_participation", + "revoke_credential", + "revoke_credentials_issuer", + "request_ssicredential", + "view_certificates" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "e8bc6470-28ee-4c40-a2d9-27c6e78f303b", + "createdTimestamp": 1712764191865, + "username": "service-account-sa-cl2-05", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-05", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "store_didDocument" + ] + }, + "notBefore": 0, + "groups": [] + }, { "id": "319d6b7f-bd88-4103-8124-e8ac4c791acf", "createdTimestamp": 1681915810810, @@ -3726,6 +3810,30 @@ "notBefore": 0, "groups": [] }, + { + "id": "e4a7204c-2fa8-4909-baa9-3fbc2fa6ec12", + "createdTimestamp": 1712762654440, + "username": "service-account-sa-cl24-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl24-01", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "update_application_membership_credential", + "send_mail", + "update_application_bpn_credential", + "create_notifications" + ] + }, + "notBefore": 0, + "groups": [] + }, { "id": "965ae857-1e91-4e0b-bdb5-4efd1fc7ea9c", "createdTimestamp": 1658347753956, 
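Review bot: `service-account-sa-cl2-04` is granted every role this commit defines on `Cl24-CX-SSI-CredentialIssuer`, so one client credential holds both `request_ssicredential` and `decision_ssicredential` as well as `revoke_credential` and `revoke_credentials_issuer`. Judging by the role names (their descriptions are empty), that places request, approval and revocation of credentials behind a single secret and leaves no separation of duties for this account. Limit its `clientRoles` list to the calls the account actually makes, or split requester and approver into separate service accounts. The other accounts added on this line, `sa-cl2-05` and `sa-cl24-01`, are already scoped to one and four roles respectively.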
@@ -3787,35 +3895,6 @@ "notBefore": 0, "groups": [] }, - { - "id": "6e9d388a-1a21-4196-8210-80e9a696ae87", - "createdTimestamp": 1651615151516, - "username": "service-account-sa-cl5-custodian-1", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-1", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "update_wallets", - "view_wallet", - "update_wallet", - "view_wallets" - ] - }, - "notBefore": 0, - "groups": [] - }, { "id": "ca2657a8-eba9-4cb4-8b66-8cc30911dfa1", "createdTimestamp": 1657558751239, @@ -3849,60 +3928,6 @@ "notBefore": 0, "groups": [] }, - { - "id": "0e1028a6-99c2-46ad-a323-9917ebe7346b", - "createdTimestamp": 1657571043337, - "username": "service-account-sa-cl5-custodian-3", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-3", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "300de02c-e667-4528-ac99-a3749c214bd2", - "createdTimestamp": 1657571107848, - "username": "service-account-sa-cl5-custodian-4", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-4", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" - ] - }, - "notBefore": 0, - "groups": [] - }, { "id": "8b7b0192-b24f-41b3-b7b7-b49efcc49e34", "createdTimestamp": 1654613733324, 
@@ -4754,9 +4779,6 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "technical_roles_management": [ "Semantic Model Management", "Identity Wallet Management", 
@@ -4773,85 +4795,42 @@ "groups": [] }, { - "id": "b1d71881-2aa8-4a67-b8ce-c101d6290832", - "createdTimestamp": 1657541056572, - "username": "service-account-sa-cl7-cx-1", + "id": "8d63cb9f-2df5-42b6-9bc8-a61b8d5467cb", + "createdTimestamp": 1664293185323, + "username": "service-account-sa-cl7-cx-3", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-1", + "serviceAccountClientId": "sa-cl7-cx-3", "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Admin" ] }, "notBefore": 0, "groups": [] }, { - "id": "1e60cc6d-17cd-442c-ace7-ec94067c5f85", - "createdTimestamp": 1658900179675, - "username": "service-account-sa-cl7-cx-2", + "id": "14a0d303-0b9f-4469-830f-4d1221b796d4", + "createdTimestamp": 1664293263973, + "username": "service-account-sa-cl7-cx-4", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-2", + "serviceAccountClientId": "sa-cl7-cx-4", "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "8d63cb9f-2df5-42b6-9bc8-a61b8d5467cb", - "createdTimestamp": 1664293185323, - "username": "service-account-sa-cl7-cx-3", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-3", - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "14a0d303-0b9f-4469-830f-4d1221b796d4", - "createdTimestamp": 1664293263973, - "username": "service-account-sa-cl7-cx-4", - "enabled": true, - "totp": false, - "emailVerified": false, - 
"serviceAccountClientId": "sa-cl7-cx-4", - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Consumer" ] }, "notBefore": 0, @@ -4871,14 +4850,9 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" - ], - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Admin", + "BPDM Sharing Admin" ] }, "notBefore": 0, @@ -4898,8 +4872,8 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Consumer" ] }, "notBefore": 0, @@ -4920,8 +4894,8 @@ ], "clientRoles": { "technical_roles_management": [ - "BPDM Management", - "BPDM Partner Gate" + "BPDM Pool Admin", + "BPDM Sharing Admin" ] }, "notBefore": 0, @@ -5103,16 +5077,6 @@ ] } ], - "Cl16-CX-BPDMGate": [ - { - "client": "sa-cl7-cx-5", - "roles": [ - "update_company_data", - "view_shared_data", - "view_company_data" - ] - } - ], "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com": [ { "client": "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", @@ -5132,15 +5096,6 @@ ] } ], - "Cl7-CX-BPDM": [ - { - "client": "sa-cl7-cx-5", - "roles": [ - "add_company_data", - "view_company_data" - ] - } - ], "technical_roles_management": [ { "client": "sa-cl3-cx-1", 
@@ -5149,46 +5104,43 @@ "Semantic Model Management", "Identity Wallet Management" ] - } - ], - "Cl5-CX-Custodian": [ + }, { - "client": "sa-cl5-custodian-1", + "client": "sa-cl7-cx-3", "roles": [ - "update_wallets", - "update_wallet", - "view_wallets", - "view_wallet" + "BPDM Pool Admin" ] }, { - "client": "sa-cl5-custodian-2", + "client": "sa-cl7-cx-4", "roles": [ - "delete_wallet", - "delete_wallets", - "update_wallets", - "add_wallet", - "update_wallet", - "view_wallets", - "view_wallet", - "add_wallets" + "BPDM Pool Consumer" ] }, { - "client": "sa-cl5-custodian-3", + "client": "sa-cl7-cx-5", "roles": [ - "delete_wallet", - "delete_wallets", - "update_wallets", - "add_wallet", - "update_wallet", - "view_wallets", - "view_wallet", - "add_wallets" + "BPDM Pool Admin", + "BPDM Sharing Admin" + ] + }, + { + "client": "sa-cl7-cx-6", + "roles": [ + "BPDM Pool Consumer" ] }, { - "client": "sa-cl5-custodian-4", + "client": "sa-cl7-cx-7", + "roles": [ + "BPDM Pool Admin", + "BPDM Sharing Admin" + ] + } + ], + "Cl5-CX-Custodian": [ + { + "client": "sa-cl5-custodian-2", "roles": [ "delete_wallet", "delete_wallets", @@ -5210,6 +5162,19 @@ ] } ], + "Cl24-CX-SSI-CredentialIssuer": [ + { + "client": "sa-cl2-04", + "roles": [ + "view_use_case_participation", + "revoke_credentials_issuer", + "view_certificates", + "request_ssicredential", + "revoke_credential", + "decision_ssicredential" + ] + } + ], "account": [ { "client": "account-console", @@ -5233,6 +5198,21 @@ "update_application_checklist_value" ] }, + { + "client": "sa-cl2-05", + "roles": [ + "store_didDocument" + ] + }, + { + "client": "sa-cl24-01", + "roles": [ + "send_mail", + "create_notifications", + "update_application_membership_credential", + "update_application_bpn_credential" + ] + }, { "client": "sa-cl8-cx-1", "roles": [ 
@@ -5602,73 +5582,6 @@ "microprofile-jwt" ] }, - { - "id": "2a82462c-5745-43bb-859c-f5a2e74611de", - "clientId": "Cl12-CX-TestManager", - "name": "Testdaten-Manager", - "description": "Testdaten Manager SSO", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [ - "+" - ], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - 
"microprofile-jwt" - ] - }, { "id": "dd6a7d43-a7b1-4808-90dd-e446b51b59f2", "clientId": "Cl13-CX-Battery", @@ -5920,6 +5833,11 @@ { "id": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "clientId": "Cl16-CX-BPDMGate", + "name": "", + "description": "Portal Gate", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -6643,6 +6561,57 @@ "microprofile-jwt" ] }, + { + "id": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "clientId": "Cl24-CX-SSI-CredentialIssuer", + "name": "", + "description": "Client for SSI Credential Issuer", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": true, + "protocol": "openid-connect", + "attributes": { + "oidc.ciba.grant.enabled": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.session.required": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, { "id": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "clientId": "Cl2-CX-Portal", 
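Review bot: The new `Cl24-CX-SSI-CredentialIssuer` client combines `"publicClient": true` with `"directAccessGrantsEnabled": true`, so the password grant is reachable without any client authentication, and `"fullScopeAllowed": true` lets its tokens carry every role mapping the user holds rather than only this client's roles. Unless a consumer is known to need the password grant, I would set `"directAccessGrantsEnabled": false` and `"fullScopeAllowed": false` and scope-map only the roles this client needs. The `"/*"` values in `"redirectUris"` and `"webOrigins"` are relative while `"rootUrl"` is `""`, so what they resolve to depends on a value set at deployment time. They look like admin-console defaults; an explicit origin, or a documented override, would make the accepted redirect targets reviewable from this file.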
@@ -6948,6 +6917,11 @@
 {
 "id": "04cd6d38-674f-4588-980a-8f120bddcc44",
 "clientId": "Cl7-CX-BPDM",
+ "name": "",
+ "description": " BPDM Pool",
+ "rootUrl": "",
+ "adminUrl": "",
+ "baseUrl": "",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
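Review bot: The added `"description": " BPDM Pool"` starts with a stray space; `"description": "BPDM Pool"` would match the style of the `"description": "Portal Gate"` line added for `Cl16-CX-BPDMGate`. The empty `"name"`, `"rootUrl"`, `"adminUrl"` and `"baseUrl"` strings added next to it look like export defaults, and if they carry no meaning, leaving them out would keep the realm file and later diffs smaller. The client object continues outside the hunk.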
@@ -7011,107 +6985,42 @@ ] }, { - "id": "3fbe1a86-143d-4d52-8138-01aa23875664", - "clientId": "Cl9-CDQ-Fraud", + "id": "6a9209c2-ec16-476b-9a9f-61474610b790", + "clientId": "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "**********", "redirectUris": [ - "https://fraud-dashboard.dev.demo.catena-x.net/*", - "https://keycloak.catenax-cdq.com/auth/*" + "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-dev-dismantler-s66pftcc.aws-live-eu10" ], "webOrigins": [ - "+" + "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com" ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, + "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, - "publicClient": true, - "frontchannelLogout": false, - "protocol": "openid-connect", + "publicClient": false, + "frontchannelLogout": true, + "protocol": "saml", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "saml.force.post.binding": "true", "saml.multivalued.roles": "false", - "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", "saml.server.signature.keyinfo.ext": "false", "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", + "saml.signing.certificate": "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", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", + "backchannel.logout.session.required": "false", 
"client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "6a9209c2-ec16-476b-9a9f-61474610b790", - "clientId": "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-dev-dismantler-s66pftcc.aws-live-eu10" - ], - "webOrigins": [ - "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com" - ], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": true, - "protocol": "saml", - "attributes": { - "saml.force.post.binding": "true", - "saml.multivalued.roles": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "saml.signing.certificate": "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", - "oidc.ciba.grant.enabled": "false", - "backchannel.logout.session.required": "false", 
- "client_credentials.use_refresh_token": "false", - "saml.signature.algorithm": "RSA_SHA256", + "saml.signature.algorithm": "RSA_SHA256", "require.pushed.authorization.requests": "false", "saml.client.signature": "true", "id.token.as.detached.signature": "false", @@ -7422,8 +7331,9 @@ ] }, { - "id": "35134e77-f548-4b87-970c-cc0626496fcd", - "clientId": "sa-beta-cx1", + "id": "c33cfdab-5838-4c38-bd84-15b63502d604", + "clientId": "sa-cl10-cx-1", + "description": "Technical user created for Sharing Member to connect to BPDM (SPOC: Manuel Niedermann, Nico Koprowski)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -7471,7 +7381,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "07f8b416-f24d-4cba-91f8-fd3ae0af4657", + "id": "429be913-0d7c-4bb1-b429-ed7b18822645", "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7486,22 +7396,22 @@ } }, { - "id": "72681be8-4baf-475d-a9b9-47dee5326981", - "name": "BPN", + "id": "087541f4-ff7a-4d0f-bbc6-cdab00bb9c95", + "name": "Client Host", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "2ac54aee-ac44-4a48-ae4a-bbdb5288c7f9", + "id": "d13abc34-92f7-4b7f-8684-f923f5798627", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -7514,21 +7424,6 @@ "claim.name": "client_id", "jsonType.label": "String" } - }, - { - "id": "7cb8edc7-02f4-4c7c-84b4-b91cbac2d5e4", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } } ], "defaultClientScopes": [ @@ -7545,8 +7440,9 @@ ] }, { - "id": "b9ee94c4-f8de-40ba-8ea0-36d3ca28d3b5", - "clientId": "sa-beta-cx2", + "id": "7e7b246a-f1f6-4816-a6ad-b0b62a8918d7", + "clientId": "sa-cl16-cx-1", + "description": "Technical user created for BPDM Partner Gate (SPOC: Nico Koprowski)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -7594,7 +7490,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "296af6dd-9c38-41f4-b485-5f5eea375ccc", + "id": "ded924f4-4b1b-4607-b86b-c14a39f93103", "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7609,7 +7505,7 @@ } }, { - "id": "e00b42b8-8bcc-4b18-9999-86212378c5b1", + "id": "2722c105-eb0a-4af2-85c6-13499e443d99", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7624,7 +7520,7 @@ } }, { - "id": "24194317-3f62-417a-8442-62009cbf029e", + "id": "c1c10e38-57c3-46d3-b49a-7c9391264027", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -7637,21 +7533,6 @@ "claim.name": "clientHost", "jsonType.label": "String" } - }, - { - "id": "ab7d3b61-de21-4527-b021-7b2d75182fee", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } } ], "defaultClientScopes": [ @@ -7668,14 +7549,17 @@ ] }, { - "id": "624a56df-7370-46f6-b00f-44791184bb28", - "clientId": "sa-beta-cx3", + "id": "5a220510-4a8e-4cbc-a47e-6f549e6c3894", + "clientId": "sa-cl1-cx-1", + "description": "Service Account for Invicti DAST scan", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], + "redirectUris": [ + "*" + ], "webOrigins": [], "notBefore": 0, "bearerOnly": false, @@ -7705,8 +7589,8 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "saml.client.signature": "false", "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", 
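Review bot: `"redirectUris": ["*"]` on the new side of the `sa-cl1-cx-1` entry in the `@@ -7668,14 +7549,17 @@` hunk, and again on `sa-cl1-reg-2` in the `@@ -7791,14 +7660,17 @@` hunk, is a full wildcard on clients whose descriptions mark them as a service account and a technical user. The flow flags of both clients sit outside these hunks, so whether the standard flow is enabled cannot be confirmed from here. If it is enabled, or is switched on later, any redirect target would be accepted for the authorization response. For clients that only use client credentials, `"redirectUris": []`, the value on the old side at this position, is the safer setting. Both client objects start and end outside their hunks.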
@@ -7717,37 +7601,22 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "09c3a032-eab0-4f2c-96df-b7c1b13d3634", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "62d698d8-24d6-4b3a-b533-c4bffdb65db1", - "name": "Client Host", + "id": "24320d24-0e73-478f-8e09-a05dc4bb7c35", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "2a1ab4a4-c250-49e0-9676-86564dea3062", + "id": "caea604c-1e8e-48ad-91a8-18711e4fb564", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7762,17 +7631,17 @@ } }, { - "id": "f5071021-acc5-42be-98e1-8bccd62e8f1b", - "name": "Client IP Address", + "id": "ea2580a2-1594-43c2-88e6-36e9e1315263", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "clientHost", "jsonType.label": "String" } } 
@@ -7791,14 +7660,17 @@ ] }, { - "id": "fb3deae9-5f34-4e9d-9a33-376f083f03c4", - "clientId": "sa-beta-cx4", + "id": "cdf11dff-530a-4fd4-97b9-84e4d60ac21e", + "clientId": "sa-cl1-reg-2", + "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], + "redirectUris": [ + "*" + ], "webOrigins": [], "notBefore": 0, "bearerOnly": false, @@ -7813,8 +7685,8 @@ "attributes": { "id.token.as.detached.signature": "false", "saml.assertion.signature": "false", - "saml.multivalued.roles": "false", "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", 
@@ -7828,34 +7700,19 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "daf63cfb-4e69-43f3-9c4e-7c9f91131364", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "53742f0f-0df2-4f2f-b6bd-e407d4bd0894", + "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -7870,32 +7727,32 @@ } }, { - "id": "343fe132-c419-484d-a7f7-a2316f855cec", - "name": "Client IP Address", + "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "15332471-4d69-48fa-9bab-e51218faa13d", - "name": "Client ID", + "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } } @@ -7914,8 +7771,9 @@ ] }, { - "id": "8b05ebaa-0fa1-45fc-bc5c-8d75e2fa8166", - "clientId": "sa-beta-cx5", + "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", + "clientId": "sa-cl2-01", + "description": "Technical User Clearinghouse update application", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -7959,41 +7817,41 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "4c831a50-2f22-407f-ac33-3b5bc19d824b", - "name": "Client ID", + "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "764d1b6f-ecc1-46b7-8feb-e962fe8facd5", - "name": "BPN", + "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", + "name": "Client ID", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "client_id", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "df7255f2-200f-4ebb-94bb-7edf96e2e127", + "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -8006,21 +7864,6 @@ "claim.name": "clientHost", "jsonType.label": "String" } - }, - { - "id": "b421ee98-98c8-41e2-8594-646b9ac40c67", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } } ], "defaultClientScopes": [ @@ -8037,8 +7880,9 @@ ] }, { - "id": "062617f4-5efb-4f85-932f-26193737321e", - "clientId": "sa-beta-cx6", + "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", + "clientId": "sa-cl2-02", + "description": "Technical User SelfDescription (SD) update application", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -8074,855 +7918,59 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "86a03690-8af2-4c80-ba47-94d05fc1cc47", - "name": "Client ID", + "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "8657ab97-ddb1-4775-8d44-a3ccbfea213f", - "name": "Client Host", + "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "6543b216-4e97-4dd9-a855-021de0d8b316", - "name": "Client IP Address", + "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - 
"userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "b167ce59-73d8-4f6c-a175-5cc742526628", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "2b1424ac-3e67-42c7-be77-69aa57fe0834", - "clientId": "sa-beta-cx7", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - 
"client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "965eb625-e855-49f4-bb55-c0d73666d410", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "581a3217-3127-4484-a4c7-1491371a7b48", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "cf552528-6cb5-43a5-91c9-aac399e96730", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "ba208341-0e41-4dea-8397-619376833c3a", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - 
"access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "c33cfdab-5838-4c38-bd84-15b63502d604", - "clientId": "sa-cl10-cx-1", - "description": "Technical user created for Sharing Member to connect to BPDM (SPOC: Manuel Niedermann, Nico Koprowski)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - 
"authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "429be913-0d7c-4bb1-b429-ed7b18822645", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "087541f4-ff7a-4d0f-bbc6-cdab00bb9c95", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "d13abc34-92f7-4b7f-8684-f923f5798627", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "7e7b246a-f1f6-4816-a6ad-b0b62a8918d7", - "clientId": "sa-cl16-cx-1", - "description": "Technical user created for BPDM Partner Gate (SPOC: Nico Koprowski)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - 
"standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "ded924f4-4b1b-4607-b86b-c14a39f93103", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "2722c105-eb0a-4af2-85c6-13499e443d99", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": 
"client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "c1c10e38-57c3-46d3-b49a-7c9391264027", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "5a220510-4a8e-4cbc-a47e-6f549e6c3894", - "clientId": "sa-cl1-cx-1", - "description": "Service Account for Invicti DAST scan", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": 
"false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "24320d24-0e73-478f-8e09-a05dc4bb7c35", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "caea604c-1e8e-48ad-91a8-18711e4fb564", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "ea2580a2-1594-43c2-88e6-36e9e1315263", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": 
"cdf11dff-530a-4fd4-97b9-84e4d60ac21e", - "clientId": "sa-cl1-reg-2", - "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "require.pushed.authorization.requests": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - 
"consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", - "clientId": "sa-cl2-01", - "description": "Technical User Clearinghouse update application", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - 
"saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": 
"oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", - "clientId": "sa-cl2-02", - "description": "Technical User SelfDescription (SD) update application", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "require.pushed.authorization.requests": "false", - "tls.client.certificate.bound.access.tokens": "false", - 
"saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientHost", "jsonType.label": "String" } } 
@@ -9050,16 +8098,24 @@ ] }, { - "id": "b09392dd-8b0f-4a32-bb0b-d00a4091b890", - "clientId": "sa-cl21-01", - "description": "Technical User Discovery Finder", + "id": "beb01d13-04e2-4a2b-a909-8b4166b3dcf7", + "clientId": "sa-cl2-04", + "name": "", + "description": "Technical User SSI Credential Issuer - Portal to SSI Credential Issuer (portal helm chart: backend.processesworker.issuerComponent.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], - "webOrigins": [], + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
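Review bot: The new `sa-cl2-04` client is added with `"redirectUris": ["/*"]` and `"webOrigins": ["/*"]`, although the context of the next hunk marks it as a confidential service-account client (`"serviceAccountsEnabled": true`, `"directAccessGrantsEnabled": false`), which needs neither a redirect URI nor a CORS origin for the client-credentials grant. With `"rootUrl": ""` the relative pattern presumably resolves against the Keycloak host itself, so the wildcard would become live as soon as a browser flow is enabled on this client. Prefer `"redirectUris": [],` and `"webOrigins": [],` as on the other technical users such as `sa-cl21-01`; the same applies to `sa-cl2-05` and `sa-cl24-01` in the later hunks. The `standardFlowEnabled` and `implicitFlowEnabled` flags of these entries fall outside the hunks shown, so confirm they are `false`.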
@@ -9068,61 +8124,29 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "saml.assertion.signature": "false", - "id.token.as.detached.signature": "false", - "saml.multivalued.roles": "false", - "saml.force.post.binding": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "client.secret.creation.time": "1712762205", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "require.pushed.authorization.requests": "false", - "saml.authnstatement": "false", + "oauth2.device.authorization.grant.enabled": "false", "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "3c2deac0-fd68-4c39-933c-27123ff073f9", + "id": "514cd3f7-8b0d-4a41-ae75-2b30b2be13f6", "name": "Client IP 
Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { "user.session.note": "clientAddress", - "userinfo.token.claim": "true", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "clientAddress", @@ -9130,38 +8154,39 @@ } }, { - "id": "8f318235-669e-4236-b8ea-f596b802f672", - "name": "BPN", + "id": "8502e4e1-3d19-47c0-8b8e-7f394228dbbe", + "name": "Client Host", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "b74416e5-2376-4f8e-a49b-8a03a053454a", - "name": "Client Host", + "id": "a045a68f-caca-4605-a438-ba2e0bcfad38", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", + "acr", "roles", "profile", "email" 
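Review bot: `"frontchannelLogout": true` is switched on for `sa-cl2-04`, a client that per the context lines only has `"serviceAccountsEnabled": true`, so there is no browser session for a front-channel logout to act on; keeping `"frontchannelLogout": false,` would match the other technical users in this realm file. The added `"client.secret.creation.time": "1712762205"` looks like residue from the instance the realm was exported from, and since the secret here is a placeholder (`"**********"`) the timestamp will not describe the secret that is actually deployed; consider dropping the attribute from the seed file. Both remarks also apply to `sa-cl2-05` and `sa-cl24-01` in the later hunks.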
@@ -9174,16 +8199,24 @@ ] }, { - "id": "f1806543-d0ca-41cb-b029-883cdfb11a8e", - "clientId": "sa-cl22-01", - "description": "Technical User BPN Discovery", + "id": "19b62d82-9df7-4bbd-9edc-8534bb0a7e68", + "clientId": "sa-cl2-05", + "name": "", + "description": "Technical User Dim Layer - Dim Layer to Portal (dim helm chart: processesworker.callback.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], - "webOrigins": [], + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
@@ -9192,100 +8225,69 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "saml.assertion.signature": "false", - "id.token.as.detached.signature": "false", - "saml.multivalued.roles": "false", - "saml.force.post.binding": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "client.secret.creation.time": "1712764102", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "require.pushed.authorization.requests": "false", - "saml.authnstatement": "false", "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "09824b45-f47e-4213-90d5-7aec6a078314", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e", - "name": "Client ID", + "id": "32f11424-4cff-472f-99bd-df98787216fe", + "name": "Client 
Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e", - "name": "Client Host", + "id": "1e3f26ac-3578-4a04-adfa-6838d54560f8", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "clientAddress", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "36e185ed-3af8-489d-a94b-a280ae205e03", - "name": "Client IP Address", + "id": "4c0a8ac0-09e8-445e-9f2b-769750bc09a8", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", + "acr", "roles", "profile", "email" 
@@ -9298,17 +8300,15 @@ ] }, { - "id": "7beaee76-d447-4531-9433-fd9ce19d1460", - "clientId": "sa-cl3-cx-1", - "name": "Technical User CX internal - communication GitHub and Semantic Hub", + "id": "b09392dd-8b0f-4a32-bb0b-d00a4091b890", + "clientId": "sa-cl21-01", + "description": "Technical User Discovery Finder", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [ - "*" - ], + "redirectUris": [], "webOrigins": [], "notBefore": 0, "bearerOnly": false, @@ -9321,10 +8321,10 @@ "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "id.token.as.detached.signature": "false", "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", @@ -9338,9 +8338,9 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" 
@@ -9350,51 +8350,52 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "702c92a9-9f89-4130-9d37-c1620529ca13", - "name": "BPN", + "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda", + "name": "Client ID", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.attribute": "bpn", + "user.session.note": "client_id", + "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", - "userinfo.token.claim": "true" + "claim.name": "client_id", + "jsonType.label": "String" } }, { - "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a", - "name": "Client ID", + "id": "3c2deac0-fd68-4c39-933c-27123ff073f9", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595", - "name": "Client IP Address", + "id": "8f318235-669e-4236-b8ea-f596b802f672", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "bpn", "jsonType.label": "String" } }, { - "id": "8e82412f-7088-4562-81f2-35b85f1859f5", + "id": "b74416e5-2376-4f8e-a49b-8a03a053454a", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -9423,9 +8424,9 @@ ] }, { - "id": "d5a29608-9579-4af4-b895-458ff5b03276", - "clientId": "sa-cl3-cx-2", - "description": "Technical User Digital Twin and Semantic for Pen test scenario (Contact: Lukas Roemer, Bosch)", + "id": "f1806543-d0ca-41cb-b029-883cdfb11a8e", + "clientId": "sa-cl22-01", + "description": "Technical User BPN Discovery", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -9444,10 +8445,10 @@ "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "id.token.as.detached.signature": "false", "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", @@ -9461,19 +8462,19 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "6b664acb-fb3a-427b-8c54-643e53b24388", + "id": "09824b45-f47e-4213-90d5-7aec6a078314", "name": "BPN", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", @@ -9488,7 +8489,7 @@ } }, { - "id": "882827ad-6e5a-42f2-b09e-75ff2b5893f2", + "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -9503,32 +8504,32 @@ } }, { - "id": "9fbb3f90-f4f4-4c8f-818e-ae857da96fc3", - "name": "Client IP Address", + "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "4ca8dc7c-a24b-4635-a100-b75b23c3fa99", - "name": "Client Host", + "id": "36e185ed-3af8-489d-a94b-a280ae205e03", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } } @@ -9547,18 +8548,24 @@ ] }, { - "id": "dab9dd17-0d31-46c7-b313-aca61225dcd1", - "clientId": "sa-cl5-custodian-1", - "description": "Technical User for SD Hub Call to Custodian for SD signature", + "id": "8ac37496-cca9-41ba-9684-cf7348f880d5", + "clientId": "sa-cl24-01", + "name": "", + "description": "Technical User for SSI Credential Issuer (credential issuer helm chart: processesworker.portal.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", "redirectUris": [ - "*" + "/*" + ], + "webOrigins": [ + "/*" ], - "webOrigins": [], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
@@ -9567,110 +8574,83 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "oauth2.device.authorization.grant.enabled": "false", + "client.secret.creation.time": "1712762654", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "30897db9-574e-49ee-b968-ede77a6baf67", - "name": "Client ID", + "id": "c176820f-4e65-4b63-90d5-31a058b31698", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", + "user.session.note": "clientAddress", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + 
"claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "00879247-75ce-491f-abed-52a6a810f685", - "name": "Client Host", + "id": "1cbf20be-7fff-44c4-9eb5-a6868b2fb122", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "bb69e2e4-312f-4447-946f-b51f3c7184c2", - "name": "Client IP Address", + "id": "471d6ae7-39a3-44f5-ac90-f31be999eb08", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "0c387b1e-5a80-47c8-82f5-693e3af79425", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "acr", + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", - "clientId": "sa-cl5-custodian-2", - "description": "Technical User for Portal to call Custodian Wallet (portal helm chart: backend.processesworker.custodian.clientId)", + 
"id": "7beaee76-d447-4531-9433-fd9ce19d1460", + "clientId": "sa-cl3-cx-1", + "name": "Technical User CX internal - communication GitHub and Semantic Hub", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
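Review bot: `sa-cl24-01` gets `"frontchannelLogout": true` plus the default scopes `acr`, `profile` and `email`, with `address`, `phone` and `offline_access` as optional, none of which a client-credentials technical user appears to need. The entry that previously sat in this position had `frontchannelLogout` false and only `web-origins` and `roles` as defaults. Unless the credential issuer actually reads those claims, I would keep `"frontchannelLogout": false,` and limit `defaultClientScopes` to `"web-origins", "roles"` so the token carries only what the service consumes. `client.secret.creation.time` looks like export residue and is worth confirming before it is committed. The hunk ends inside the following `sa-cl3-cx-1` entry, whose body continues outside it.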
@@ -9720,86 +8700,88 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328", - "name": "Client Host", + "id": "702c92a9-9f89-4130-9d37-c1620529ca13", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" + "claim.name": "bpn", + "userinfo.token.claim": "true" } }, { - "id": "728abacc-c436-4d67-b699-92957a69b519", - "name": "Client IP Address", + "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "98c6f360-6714-455a-bc94-4fa0b5072866", - "name": "BPN", + "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595", + "name": "Client IP Address", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientAddress", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a", - "name": "Client ID", + "id": "8e82412f-7088-4562-81f2-35b85f1859f5", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": 
"oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "0dfcbe31-2482-46d7-bb09-0722b0e1c4f9", - "clientId": "sa-cl5-custodian-3", - "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)", + "id": "d5a29608-9579-4af4-b895-458ff5b03276", + "clientId": "sa-cl3-cx-2", + "description": "Technical User Digital Twin and Semantic for Pen test scenario (Contact: Lukas Roemer, Bosch)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [ - "*" - ], + "redirectUris": [], "webOrigins": [], "notBefore": 0, "bearerOnly": false, 
@@ -9837,82 +8819,91 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, + "fullScopeAllowed": true, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "3e1df311-abd2-4878-9f0a-426fd1a50c0d", - "name": "Client IP Address", + "id": "6b664acb-fb3a-427b-8c54-643e53b24388", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "bpn", "jsonType.label": "String" } }, { - "id": "17a2ea60-79e2-4d57-8db7-9931b0e1a674", - "name": "Client Host", + "id": "882827ad-6e5a-42f2-b09e-75ff2b5893f2", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "d6203b9c-6b72-44d0-8609-83077dd6a2e0", - "name": "Client ID", + "id": "9fbb3f90-f4f4-4c8f-818e-ae857da96fc3", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "1db97b73-9663-4eb5-99ed-d103c4bda113", - "name": "BPN", + "id": "4ca8dc7c-a24b-4635-a100-b75b23c3fa99", + "name": "Client Host", "protocol": 
"openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "BPN", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "7612bab1-3617-485e-8461-f1d2a7a6a92e", - "clientId": "sa-cl5-custodian-4", - "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)", + "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", + "clientId": "sa-cl5-custodian-2", + "name": "", + "description": "Technical User for Portal to call Managed Identity Wallet (portal helm chart: backend.processesworker.custodian.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -9962,7 +8953,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "783956fc-c81e-4da3-871c-436eec1fa555", + "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
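Review bot: `sa-cl3-cx-2`, described in the preceding hunk as the technical user for a pen test scenario, ends up here with `"fullScopeAllowed": true`, while the same commit switches four other service accounts to `false` further down this file. The unchanged mapper ids suggest the entry was only moved, so the flag is inherited rather than chosen. With full scope, every role later mapped to the service account flows into its tokens. I would set `"fullScopeAllowed": false,` and rely on explicit scope mappings, and confirm that an enabled pen-test account with a named contact still belongs in the shipped realm import. The client object starts before this hunk and the next entry continues after it.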
@@ -9977,37 +8968,37 @@ } }, { - "id": "f230563b-4e92-47e6-94d4-5d7ac8eef916", - "name": "BPN", + "id": "728abacc-c436-4d67-b699-92957a69b519", + "name": "Client IP Address", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientAddress", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "BPN", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "45b77e95-5844-48c4-ba44-6c883bed55b8", - "name": "Client IP Address", + "id": "98c6f360-6714-455a-bc94-4fa0b5072866", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "bpn", "jsonType.label": "String" } }, { - "id": "653db152-0505-4fcc-8d9e-51eee203610b", + "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -13764,243 +12755,6 @@ "microprofile-jwt" ] }, - { - "id": "6e2f3a74-9277-4265-a0bd-8f8f41ba0530", - "clientId": "sa-cl7-cx-1", - "description": "Technical user created for BPDM / CDQ connect (SPOC: Peter Schenkel)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "33ef0160-e559-4fde-8faa-657140437026", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": 
"oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "61c367f1-dcd7-4190-9d63-97c0b3ae5afc", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "1c8aad27-8158-498b-bf99-e6de92799b6d", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "d1c857fb-0c7d-4b6d-b6e8-34bf4de76d6d", - "clientId": "sa-cl7-cx-2", - "description": "Technical user for BPDM connection to Fraud App (Michael Wirth & CGI: Fabio)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - 
"id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "23db4b23-856e-4f3b-a1e2-f935d2373d0d", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "5db07b78-2eb9-405d-a0eb-9ab0e94a1e4d", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "b01e802a-984a-4c95-a5f7-db4f3fd4b16b", - "name": 
"Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "09b70efe-f7e1-4880-a375-de44e2e1b38a", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, { "id": "f6627ae5-54ac-4e53-871d-875de8879e51", "clientId": "sa-cl7-cx-3", @@ -14048,7 +12802,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14157,7 +12911,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14375,7 +13129,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14484,7 +13238,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { 
@@ -17224,14 +15978,6 @@ "autheticatorFlow": false, "userSetupAllowed": false }, - { - "authenticator": "registration-profile-action", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 40, - "autheticatorFlow": false, - "userSetupAllowed": false - }, { "authenticator": "registration-password-action", "authenticatorFlow": false, diff --git a/import/realm-config/consortia/catenax-central/int/CX-Central-realm.json b/import/realm-config/consortia/catenax-central/int/CX-Central-realm.json index a146da57..40ce305f 100644 --- a/import/realm-config/consortia/catenax-central/int/CX-Central-realm.json +++ b/import/realm-config/consortia/catenax-central/int/CX-Central-realm.json @@ -111,6 +111,7 @@ "security-admin-console": [], "sa-cl6-cx-17": [], "sa-cl10-cx-1": [], + "sa-cl24-01": [], "sa-cl16-cx-1": [], "Cl2-CX-Portal": [ { @@ -162,9 +163,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -182,24 +180,20 @@ "view_service_offering", "view_autosetup_status", "add_connectors", - "upload_documents", "view_own_user_account", "view_use_cases", "view_idp", - "view_services", "add_tech_user_management", "view_membership", "update_own_user_account", "add_service_offering", "view_service_subscriptions", "activate_subscription", - "view_tech_roles", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "view_subscription", "delete_notifications", "view_connectors", @@ -234,14 +228,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "a029dec3-8c6a-4a2f-a60a-82249f0590fd", - "name": "setup_client", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "34742e28-1497-4222-ad1f-93ab9feac92e", "name": "view_app_subscription", 
@@ -313,6 +299,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "8b4aa267-bb7e-40c9-8cd2-f82603fa066a", + "name": "update_application_bpn_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "19c0e799-4ffd-4709-8b38-45540c677e50", "name": "view_autosetup_status", @@ -327,9 +322,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -337,17 +329,16 @@ "view_registration" ], "Cl2-CX-Portal": [ - "view_technical_setup", - "view_tech_user_management", - "app_management", - "view_tech_roles", - "view_certificates", "view_app_language", "technical_roles_management", "CX User", + "view_technical_setup", + "view_tech_user_management", "edit_apps", + "app_management", "view_use_cases", - "view_apps" + "view_apps", + "view_certificates" ] } }, @@ -361,9 +352,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -383,9 +371,6 @@ "unsubscribe_apps", "view_user_management", "subscribe_apps", - "view_services", - "view_dataspaces", - "filter_apps", "view_service_subscriptions", "view_notifications", "view_certificates", @@ -409,14 +394,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "03acc78a-0301-4518-a548-d5bd782c3d13", - "name": "decision_ssicredential", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "37dc74e9-9f50-49d2-9b95-402b04aa84ff", "name": "add_connectors", 
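Review bot: `update_application_bpn_credential` is added with `"description": ""`, and later hunks of this file do the same for `store_didDocument`, `update_application_membership_credential`, `send_mail` and the seven new `Cl7-CX-BPDM` roles (`write_partner`, `read_changelog`, `read_changelog_member`, `read_metadata`, `read_partner`, `read_partner_member`, `write_metadata`). Going by their names these roles gate credential and partner-data operations, so anyone auditing role assignments has only the name to go on. Each should carry a one-line description of what the role permits and which service checks it, for example `"description": "PLACEHOLDER: what this role permits"`, or the key should be omitted as on the older roles rather than committed empty. `store_didDocument` also mixes camelCase into an otherwise snake_case set of role names.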
@@ -479,14 +456,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "15bd8123-3469-4505-93ff-a5bd3b929495", - "name": "subscribe_service_offering", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "66f4b417-25d4-47d7-b3d2-e6eb80bcba5e", "name": "create_partner_registration", @@ -548,15 +517,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "9db8ca83-6cfd-4c44-8ab7-ccbcb11da38f", - "name": "view_tech_roles", - "description": "View technical user roles", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "6560b255-cbc6-4fb7-8afe-d61732e34ab1", "name": "view_client_roles", @@ -575,14 +535,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "29ac8c4d-5296-467c-91fa-3a0d7487c912", - "name": "request_ssicredential", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "3c3c8452-fd50-40bd-b223-9660233dd6af", "name": "delete_user_account", @@ -676,9 +628,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -717,8 +666,6 @@ "delete_tech_user_management", "subscribe_service", "delete_own_user_account", - "request_ssicredential", - "my_user_account", "delete_user_account", "view_apps", "view_subscription", @@ -743,9 +690,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], 
@@ -753,16 +697,15 @@ "view_registration" ], "Cl2-CX-Portal": [ - "view_service_subscriptions", - "activate_subscription", - "view_certificates", "subscribe_service", "CX User", "view_service_offering", "unsubscribe_apps", + "view_service_subscriptions", "unsubscribe_services", - "subscribe_apps", - "view_services" + "activate_subscription", + "view_certificates", + "subscribe_apps" ] } }, @@ -770,6 +713,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "b01f9c19-adde-4bca-be36-d2e21cedc37a", + "name": "store_didDocument", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "4f2b58a5-0ebd-4b91-b354-4fefd40cc811", "name": "delete_apps", @@ -797,6 +749,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "3b336c72-0f9c-440e-8427-16028439c5e6", + "name": "update_application_membership_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "43a0826f-ba1a-44d4-952f-e4b879be353c", "name": "view_service_marketplace", @@ -812,9 +773,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -826,7 +784,6 @@ "view_documents", "delete_connectors", "upload_certificates", - "setup_client", "view_app_subscription", "delete_documents", "view_company_data", @@ -840,15 +797,12 @@ "view_user_management", "view_idp", "add_tech_user_management", - "subscribe_service_offering", "update_own_user_account", "add_self_descriptions", "view_user_account", "setup_idp", - "view_tech_roles", "view_client_roles", "subscribe_service", - "request_ssicredential", "delete_user_account", "view_subscription", "delete_notifications", 
@@ -860,21 +814,16 @@ "view_service_offering", "unsubscribe_apps", "disable_idp", - "upload_documents", "view_use_cases", "subscribe_apps", - "view_services", "add_idp", "delete_idp", "view_membership", - "view_dataspaces", - "filter_apps", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "unsubscribe_services", "view_apps", "modify_connectors", @@ -900,9 +849,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -912,22 +858,18 @@ "Cl2-CX-Portal": [ "view_documents", "view_membership", - "view_dataspaces", "update_own_user_account", - "filter_apps", "view_company_data", "view_notifications", "view_certificates", "view_service_marketplace", "view_service_offering", "delete_own_user_account", - "my_user_account", "view_own_user_account", "view_apps", "view_user_management", "view_subscription", "delete_notifications", - "view_services", "view_partner_network" ], "Cl3-CX-Semantic": [ @@ -971,9 +913,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -1004,14 +943,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "39c00d2f-491f-4658-96ef-9f47920afea6", - "name": "upload_documents", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "b4bead06-e3c4-4fce-9e06-43d9d9537766", "name": "view_use_cases", 
@@ -1030,15 +961,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "6e3d7bcf-7340-4def-bb76-8002acc73f95", - "name": "view_services", - "description": "view service marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "8d3a5c8d-d4dc-4aaa-8941-9cd38cd3906e", "name": "update_application_checklist_value", @@ -1083,15 +1005,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "8fe708e4-7870-4044-89eb-a74b8dc11a8e", - "name": "view_dataspaces", - "description": "View dataspace marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "b06c2999-6008-4fb6-a22f-93fdac150656", "name": "decline_app_release", @@ -1109,24 +1022,12 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "9f5b48bf-4fc2-4feb-8c4e-00b57f5f2bed", - "name": "filter_apps", - "description": "Users with this role can filter apps in the App Marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "765bced5-b422-4f91-b35f-19d648595e6a", "name": "Purchaser", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -1135,7 +1036,6 @@ ], "Cl2-CX-Portal": [ "delete_certificates", - "subscribe_service_offering", "CX User", "upload_certificates", "unsubscribe_apps", @@ -1173,11 +1073,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "delete_company_data", - "add_company_data", - "view_company_data" - ], "Cl5-CX-Custodian": [ "delete_wallet", "add_wallet", 
@@ -1187,6 +1082,9 @@ "Cl1-CX-Registration": [ "view_registration" ], + "Cl24-CX-SSI-CredentialIssuer": [ + "decision_ssicredential" + ], "Cl2-CX-Portal": [ "decline_new_partner", "update_company_role", @@ -1194,7 +1092,6 @@ "delete_connectors", "update_service_offering", "invite_new_partner", - "setup_client", "view_app_subscription", "delete_documents", "app_management", @@ -1203,24 +1100,20 @@ "view_app_language", "modify_user_account", "view_autosetup_status", - "decision_ssicredential", "add_connectors", "view_own_user_account", "view_user_management", "view_idp", "add_apps", "add_tech_user_management", - "subscribe_service_offering", "update_own_user_account", "add_self_descriptions", "view_user_account", "view_service_subscriptions", "activate_subscription", "setup_idp", - "view_tech_roles", "view_client_roles", "subscribe_service", - "request_ssicredential", "delete_user_account", "view_subscription", "delete_notifications", @@ -1237,24 +1130,19 @@ "view_service_offering", "unsubscribe_apps", "disable_idp", - "upload_documents", "view_use_cases", "subscribe_apps", - "view_services", "add_idp", "delete_idp", "view_membership", "decline_service_release", - "view_dataspaces", "decline_app_release", "add_service_offering", - "filter_apps", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "create_notifications", "edit_apps", "unsubscribe_services", 
@@ -1295,17 +1183,17 @@ "attributes": {} }, { - "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda", - "name": "delete_own_user_account", + "id": "cae19290-f11e-4532-b046-e07e302078e2", + "name": "send_mail", + "description": "", "composite": false, "clientRole": true, "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, { - "id": "99a8940c-0fbc-4f65-8134-4b598c3aabbc", - "name": "my_user_account", - "description": "view my own user account details", + "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda", + "name": "delete_own_user_account", "composite": false, "clientRole": true, "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", 
@@ -1455,24 +1343,63 @@ ], "Cl7-CX-BPDM": [ { - "id": "b59a076b-07c5-42fa-b8d8-04a65f077226", - "name": "delete_company_data", + "id": "da4b989c-d2fb-4276-bec7-bdad739e0864", + "name": "write_partner", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", "attributes": {} }, { - "id": "a4829839-9df9-47c8-8eb0-57f4020000c3", - "name": "add_company_data", + "id": "8d2f5f1a-bb4f-42fd-9947-18f799174bd8", + "name": "read_changelog_member", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", "attributes": {} }, { - "id": "d16779a5-03bd-4fbd-bf40-382c4348b205", - "name": "view_company_data", + "id": "810ced5e-4eb9-42d7-90e0-2f5dd3aaa2a2", + "name": "read_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "b0cf08cf-3b00-4ed2-9871-79093200029e", + "name": "read_metadata", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "fc598e8a-eb9b-44e6-8c5b-c2870fefcd95", + "name": "read_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "33725fd2-bc24-4355-8c9e-979b352c0444", + "name": "read_partner_member", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "36db1cdc-308a-43d5-a3cb-43c676ca4eee", + "name": "write_metadata", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", 
@@ -1697,24 +1624,81 @@ "sa-cl6-cx-23": [], "Cl16-CX-BPDMGate": [ { - "id": "891e715a-7fdb-4dbe-a177-998a383ee836", - "name": "view_company_data", + "id": "af471823-bcca-4267-bbf6-c3183380358f", + "name": "read_output_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "33e96ab8-df1f-4fc1-bdda-3509e3e76e2e", + "name": "read_output_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "b280b367-6ba5-4ba1-8a64-8f61877c9f17", + "name": "read_input_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "27ce5626-0186-4ced-8e14-ecfcbc2f4330", + "name": "read_sharing_state", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "e8516251-0f90-4d1a-9a6c-7fd44d52ecc0", + "name": "write_output_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "e5cd5783-d48a-4d25-acf9-13fb8138715a", + "name": "read_input_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "364db9ec-ceb2-47b8-a892-f70bae1c89c5", + "name": "write_sharing_state", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} }, { - "id": "cf42a03f-20f7-4ff3-a898-e1a93bf03520", - "name": "update_company_data", + "id": "1d16924d-fca4-495b-a227-0cbf80b31d96", + "name": "read_stats", + "description": "", "composite": false, "clientRole": true, "containerId": 
"52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} }, { - "id": "2a006c99-0790-4dd0-8b82-59c4fea1ce17", - "name": "view_shared_data", + "id": "3378cc71-3097-40f9-aaab-7ec66fa9bc54", + "name": "write_input_partner", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", @@ -1726,9 +1710,7 @@ "sa-cl6-cx-26": [], "sa-cl6-cx-27": [], "sa-cl6-cx-28": [], - "sa-cl7-cx-1": [], "sa-cl5-custodian-internaltest": [], - "sa-cl7-cx-2": [], "sa-cl7-cx-3": [], "sa-cl7-cx-4": [], "sa-cl21-01": [], @@ -1738,7 +1720,6 @@ "sa-cl1-cx-1": [], "sa-cl6-cx-20": [], "sa_testAutomation": [], - "sa-cl5-custodian-3": [], "Cl15-BOSCH-AFQM": [ { "id": "07e4c7f0-f7c1-420a-8788-81eb42b5a8cd", @@ -1749,8 +1730,6 @@ "attributes": {} } ], - "sa-cl5-custodian-4": [], - "sa-cl5-custodian-1": [], "sa-cl5-custodian-2": [], "sa-cl6-cx-18": [], "sa-cl6-cx-19": [], @@ -1799,9 +1778,11 @@ "sa-cl2-02": [], "sa-cl6-cx-8": [], "sa-cl2-01": [], + "sa-cl2-04": [], "sa-cl6-cx-6": [], "sa-cl2-03": [], "sa-cl6-cx-5": [], + "sa-cl2-05": [], "account-console": [], "sa-cl22-01": [], "Cl18-CX-Pal": [ 
@@ -1814,6 +1795,62 @@ "attributes": {} } ], + "Cl24-CX-SSI-CredentialIssuer": [ + { + "id": "1627e267-4422-46a8-b261-e26b5d852a33", + "name": "decision_ssicredential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "793ed13a-2297-4182-9d75-e91b003e42a5", + "name": "view_use_case_participation", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "9e96cc27-03a7-4b7d-b3b8-aa886b81fd15", + "name": "revoke_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "48c621d7-1056-4d6c-ae9b-7da255066124", + "name": "revoke_credentials_issuer", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "2337ed3b-e46f-4b85-b3f3-7e244a20e85e", + "name": "request_ssicredential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "763f8a43-d6f6-4b76-98a8-5082d3345f27", + "name": "view_certificates", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + } + ], "sa-cl6-cx-30": [], "Cl17-CX-Part": [ { @@ -1879,15 +1916,14 @@ ], "technical_roles_management": [ { - "id": "b5c9ff05-b0cf-414d-bd70-e38f8e4923cf", - "name": "BPDM Management", + "id": "4776c000-7232-4804-a133-aff0c01966ba", + "name": "Semantic Model Management", + "description": "", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "delete_company_data", - "add_company_data", - "view_company_data" + "Cl3-CX-Semantic": [ + "view_semantic_model" ] } }, 
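Review bot: The six roles added under `Cl24-CX-SSI-CredentialIssuer` all carry `"description": ""`, so `revoke_credential` and `revoke_credentials_issuer` can be told apart only by name when someone later decides which one to grant. Each should state the scope it authorises, for example `"description": "<whose credentials this role may revoke>"`, filled in from the issuer service's own authorization checks. The same empty descriptions appear on the new `Cl7-CX-BPDM` and `Cl16-CX-BPDMGate` roles and on `send_mail` in the earlier hunks.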
@@ -1896,14 +1932,22 @@ "attributes": {} }, { - "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", - "name": "CX Membership Info", + "id": "5d4a663d-d188-4df8-a86d-b2ae40920ab8", + "name": "BPDM Sharing Admin", "description": "", "composite": true, "composites": { "client": { - "Cl2-CX-Portal": [ - "view_membership" + "Cl16-CX-BPDMGate": [ + "read_output_partner", + "read_output_changelog", + "read_input_changelog", + "read_sharing_state", + "write_output_partner", + "write_sharing_state", + "read_input_partner", + "read_stats", + "write_input_partner" ] } }, @@ -1912,14 +1956,17 @@ "attributes": {} }, { - "id": "4776c000-7232-4804-a133-aff0c01966ba", - "name": "Semantic Model Management", + "id": "21f929c1-a547-46a5-8660-6eb5d5091ba5", + "name": "BPDM Sharing Input Consumer", "description": "", "composite": true, "composites": { "client": { - "Cl3-CX-Semantic": [ - "view_semantic_model" + "Cl16-CX-BPDMGate": [ + "read_input_changelog", + "read_sharing_state", + "read_input_partner", + "read_stats" ] } }, @@ -1928,16 +1975,14 @@ "attributes": {} }, { - "id": "ffdc000a-7b44-4117-8794-c87492a50604", - "name": "BPDM Gate Read & Write", - "description": "", + "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", + "name": "Registration External", "composite": true, "composites": { "client": { - "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" + "Cl2-CX-Portal": [ + "create_partner_registration", + "configure_partner_registration" ] } }, @@ -1946,13 +1991,18 @@ "attributes": {} }, { - "id": "20f2c41a-dacd-4505-877a-bb899066a767", - "name": "BPDM Pool", + "id": "8ce375c0-bab3-4df7-939f-a61cd0fa0ab1", + "name": "Offer Management", + "description": "", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" + "Cl2-CX-Portal": [ + "view_tech_user_management", + "add_service_offering", + "add_connectors", + "app_management", + "activate_subscription" ] } }, 
@@ -1961,14 +2011,21 @@ "attributes": {} }, { - "id": "75211526-5c5e-4c6d-a377-627402c3f1b3", - "name": "BPDM Gate Read", - "description": "", + "id": "d5781775-3fbd-4f46-84ea-b19164393205", + "name": "Dataspace Discovery", "composite": true, "composites": { "client": { - "Cl16-CX-BPDMGate": [ - "view_company_data" + "Cl22-CX-BPND": [ + "add_bpn_discovery", + "delete_bpn_discovery", + "view_bpn_discovery" + ], + "Cl21-CX-DF": [ + "view_discovery_endpoint" + ], + "Cl2-CX-Portal": [ + "view_connectors" ] } }, @@ -1977,14 +2034,15 @@ "attributes": {} }, { - "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", - "name": "Identity Wallet Management", + "id": "281b856c-b74a-4753-99bb-bdcd810a212e", + "name": "IRS Management", + "description": "", "composite": true, "composites": { "client": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" + "Cl20-CX-IRS": [ + "view_irs", + "admin_irs" ] } }, @@ -1993,14 +2051,14 @@ "attributes": {} }, { - "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", - "name": "Registration External", + "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", + "name": "CX Membership Info", + "description": "", "composite": true, "composites": { "client": { "Cl2-CX-Portal": [ - "create_partner_registration", - "configure_partner_registration" + "view_membership" ] } }, 
@@ -2009,18 +2067,36 @@ "attributes": {} }, { - "id": "8ce375c0-bab3-4df7-939f-a61cd0fa0ab1", - "name": "Offer Management", + "id": "8805517d-63db-4d08-b6f2-cd8038929111", + "name": "BPDM Pool Admin", "description": "", "composite": true, "composites": { "client": { - "Cl2-CX-Portal": [ - "view_tech_user_management", - "add_service_offering", - "add_connectors", - "app_management", - "activate_subscription" + "Cl7-CX-BPDM": [ + "write_partner", + "read_changelog_member", + "read_changelog", + "read_metadata", + "read_partner", + "read_partner_member", + "write_metadata" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", + "name": "Identity Wallet Management", + "composite": true, + "composites": { + "client": { + "Cl5-CX-Custodian": [ + "view_wallet", + "update_wallet" ] } }, @@ -2029,15 +2105,19 @@ "attributes": {} }, { - "id": "67ef1542-73d5-4179-8c4e-d4a297b8aad3", - "name": "BPDM Partner Gate", + "id": "62f6d094-b5ad-4a64-9ce3-e1ee425f1491", + "name": "BPDM Sharing Input Manager", + "description": "", "composite": true, "composites": { "client": { "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" + "read_input_changelog", + "read_sharing_state", + "write_sharing_state", + "read_input_partner", + "read_stats", + "write_input_partner" ] } }, 
@@ -2046,21 +2126,17 @@ "attributes": {} }, { - "id": "d5781775-3fbd-4f46-84ea-b19164393205", - "name": "Dataspace Discovery", + "id": "ab1aedcb-9ae9-4a89-bb07-64ebb24d950e", + "name": "BPDM Sharing Output Consumer", + "description": "", "composite": true, "composites": { "client": { - "Cl22-CX-BPND": [ - "add_bpn_discovery", - "delete_bpn_discovery", - "view_bpn_discovery" - ], - "Cl21-CX-DF": [ - "view_discovery_endpoint" - ], - "Cl2-CX-Portal": [ - "view_connectors" + "Cl16-CX-BPDMGate": [ + "read_output_partner", + "read_output_changelog", + "read_sharing_state", + "read_stats" ] } }, @@ -2069,15 +2145,16 @@ "attributes": {} }, { - "id": "281b856c-b74a-4753-99bb-bdcd810a212e", - "name": "IRS Management", + "id": "cb9628e5-1ffa-4aa3-a8e8-3cfa8119ce30", + "name": "BPDM Pool Consumer", "description": "", "composite": true, "composites": { "client": { - "Cl20-CX-IRS": [ - "view_irs", - "admin_irs" + "Cl7-CX-BPDM": [ + "read_changelog_member", + "read_changelog", + "read_metadata" ] } }, @@ -2086,12 +2163,7 @@ "attributes": {} } ], - "Cl12-CX-TestManager": [], "sa-cl6-cx-29": [], - "sa-beta-cx7": [], - "sa-beta-cx6": [], - "sa-beta-cx5": [], - "sa-beta-cx4": [], "Cl20-CX-IRS": [ { "id": "ee61636e-de19-41cb-be70-ec4c730c474c", @@ -2112,10 +2184,7 @@ "attributes": {} } ], - "sa-beta-cx3": [], "sa-cl5-cx-1": [], - "sa-beta-cx2": [], - "sa-beta-cx1": [], "Cl16-CX-CRisk": [ { "id": "3fc6e7e8-9115-4d0f-a0ab-3f950321af11", @@ -2265,9 +2334,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl1-CX-Registration": [ "add_company_data", "view_registration", 
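Review bot: In the hunk at `@@ -2069,15 +2145,16 @@`, the new composite `BPDM Pool Consumer` bundles `read_changelog_member`, `read_changelog` and `read_metadata` but neither `read_partner` nor `read_partner_member`, although both exist on `Cl7-CX-BPDM` and are part of `BPDM Pool Admin`. It also places the non-member `read_changelog` next to `read_changelog_member`, which may be broader than a consumer needs; the diff does not show what each role grants. Please confirm the set is intended and record it in the currently empty description, e.g. `"description": "<data a pool consumer may read>"`.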
@@ -2532,24 +2598,6 @@ "attributes": {} } ], - "Cl9-CDQ-Fraud": [ - { - "id": "9f5d6884-a643-4846-bddc-39adeda9aef2", - "name": "fraud_app_manager", - "composite": false, - "clientRole": true, - "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", - "attributes": {} - }, - { - "id": "2d7ea02b-114a-40d6-9c2c-ef57cc7eef67", - "name": "fraud_app_user", - "composite": false, - "clientRole": true, - "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", - "attributes": {} - } - ], "sa-cl6-cx-9": [], "account": [ { @@ -2672,10 +2720,11 @@ "otpPolicyPeriod": 30, "otpPolicyCodeReusable": false, "otpSupportedApplications": [ - "totpAppMicrosoftAuthenticatorName", "totpAppFreeOTPName", - "totpAppGoogleName" + "totpAppGoogleName", + "totpAppMicrosoftAuthenticatorName" ], + "localizationTexts": {}, "webAuthnPolicyRpEntityName": "keycloak", "webAuthnPolicySignatureAlgorithms": [ "ES256" @@ -2688,6 +2737,7 @@ "webAuthnPolicyCreateTimeout": 0, "webAuthnPolicyAvoidSameAuthenticatorRegister": false, "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyExtraOrigins": [], "webAuthnPolicyPasswordlessRpEntityName": "keycloak", "webAuthnPolicyPasswordlessSignatureAlgorithms": [ "ES256" @@ -2700,6 +2750,7 @@ "webAuthnPolicyPasswordlessCreateTimeout": 0, "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "webAuthnPolicyPasswordlessExtraOrigins": [], "users": [ { "id" : "6529834b-a4c1-4b11-a200-d77e5fe7443f", @@ -3534,15 +3585,6 @@ "realmRoles": [ "default-roles-catena-x realm" ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" - ], - "technical_roles_management": [ - "BPDM Partner Gate" - ] - }, "notBefore": 0, "groups": [] }, @@ -3559,11 +3601,6 @@ "realmRoles": [ "default-roles-catena-x realm" ], - "clientRoles": { - "technical_roles_management": [ - "BPDM Partner Gate" - ] - }, "notBefore": 0, "groups": [] }, 
@@ -3670,6 +3707,53 @@ "notBefore": 0, "groups": [] }, + { + "id": "2f44169e-c974-4655-a5bf-eea00ba7e654", + "createdTimestamp": 1712762205184, + "username": "service-account-sa-cl2-04", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-04", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl24-CX-SSI-CredentialIssuer": [ + "decision_ssicredential", + "view_use_case_participation", + "revoke_credential", + "revoke_credentials_issuer", + "request_ssicredential", + "view_certificates" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "e8bc6470-28ee-4c40-a2d9-27c6e78f303b", + "createdTimestamp": 1712764191865, + "username": "service-account-sa-cl2-05", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-05", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "store_didDocument" + ] + }, + "notBefore": 0, + "groups": [] + }, { "id": "319d6b7f-bd88-4103-8124-e8ac4c791acf", "createdTimestamp": 1681915810810, @@ -3726,6 +3810,30 @@ "notBefore": 0, "groups": [] }, + { + "id": "e4a7204c-2fa8-4909-baa9-3fbc2fa6ec12", + "createdTimestamp": 1712762654440, + "username": "service-account-sa-cl24-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl24-01", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "update_application_membership_credential", + "send_mail", + "update_application_bpn_credential", + "create_notifications" + ] + }, + "notBefore": 0, + "groups": [] + }, { "id": "965ae857-1e91-4e0b-bdb5-4efd1fc7ea9c", "createdTimestamp": 1658347753956, 
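Review bot: `service-account-sa-cl2-04` is given all six `Cl24-CX-SSI-CredentialIssuer` roles at once, so a single set of client credentials holds `request_ssicredential`, `decision_ssicredential` and both revoke roles. If requesting and deciding are meant to be separate duties (the role names suggest so, but the diff does not say), the account should carry only the roles its caller actually uses. These accounts also receive raw client roles directly, whereas the BPDM service accounts in the later hunks are moved to composites under `technical_roles_management`. A composite for the issuer would keep the two consistent and make the grant reviewable in one place.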
@@ -3787,35 +3895,6 @@ "notBefore": 0, "groups": [] }, - { - "id": "6e9d388a-1a21-4196-8210-80e9a696ae87", - "createdTimestamp": 1651615151516, - "username": "service-account-sa-cl5-custodian-1", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-1", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "update_wallets", - "view_wallet", - "update_wallet", - "view_wallets" - ] - }, - "notBefore": 0, - "groups": [] - }, { "id": "ca2657a8-eba9-4cb4-8b66-8cc30911dfa1", "createdTimestamp": 1657558751239, @@ -3849,60 +3928,6 @@ "notBefore": 0, "groups": [] }, - { - "id": "0e1028a6-99c2-46ad-a323-9917ebe7346b", - "createdTimestamp": 1657571043337, - "username": "service-account-sa-cl5-custodian-3", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-3", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "300de02c-e667-4528-ac99-a3749c214bd2", - "createdTimestamp": 1657571107848, - "username": "service-account-sa-cl5-custodian-4", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-4", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" - ] - }, - "notBefore": 0, - "groups": [] - }, { "id": "8b7b0192-b24f-41b3-b7b7-b49efcc49e34", "createdTimestamp": 1654613733324, 
@@ -4754,9 +4779,6 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "technical_roles_management": [ "Semantic Model Management", "Identity Wallet Management", 
@@ -4773,85 +4795,42 @@ "groups": [] }, { - "id": "b1d71881-2aa8-4a67-b8ce-c101d6290832", - "createdTimestamp": 1657541056572, - "username": "service-account-sa-cl7-cx-1", + "id": "8d63cb9f-2df5-42b6-9bc8-a61b8d5467cb", + "createdTimestamp": 1664293185323, + "username": "service-account-sa-cl7-cx-3", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-1", + "serviceAccountClientId": "sa-cl7-cx-3", "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Admin" ] }, "notBefore": 0, "groups": [] }, { - "id": "1e60cc6d-17cd-442c-ace7-ec94067c5f85", - "createdTimestamp": 1658900179675, - "username": "service-account-sa-cl7-cx-2", + "id": "14a0d303-0b9f-4469-830f-4d1221b796d4", + "createdTimestamp": 1664293263973, + "username": "service-account-sa-cl7-cx-4", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-2", + "serviceAccountClientId": "sa-cl7-cx-4", "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "8d63cb9f-2df5-42b6-9bc8-a61b8d5467cb", - "createdTimestamp": 1664293185323, - "username": "service-account-sa-cl7-cx-3", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-3", - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "14a0d303-0b9f-4469-830f-4d1221b796d4", - "createdTimestamp": 1664293263973, - "username": "service-account-sa-cl7-cx-4", - "enabled": true, - "totp": false, - "emailVerified": false, - 
"serviceAccountClientId": "sa-cl7-cx-4", - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Consumer" ] }, "notBefore": 0, @@ -4871,14 +4850,9 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" - ], - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Admin", + "BPDM Sharing Admin" ] }, "notBefore": 0, @@ -4898,8 +4872,8 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Consumer" ] }, "notBefore": 0, @@ -4920,8 +4894,8 @@ ], "clientRoles": { "technical_roles_management": [ - "BPDM Management", - "BPDM Partner Gate" + "BPDM Pool Admin", + "BPDM Sharing Admin" ] }, "notBefore": 0, @@ -5103,16 +5077,6 @@ ] } ], - "Cl16-CX-BPDMGate": [ - { - "client": "sa-cl7-cx-5", - "roles": [ - "update_company_data", - "view_shared_data", - "view_company_data" - ] - } - ], "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com": [ { "client": "https://catenax-int-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", @@ -5132,15 +5096,6 @@ ] } ], - "Cl7-CX-BPDM": [ - { - "client": "sa-cl7-cx-5", - "roles": [ - "add_company_data", - "view_company_data" - ] - } - ], "technical_roles_management": [ { "client": "sa-cl3-cx-1", 
@@ -5149,46 +5104,43 @@ "Semantic Model Management", "Identity Wallet Management" ] - } - ], - "Cl5-CX-Custodian": [ + }, { - "client": "sa-cl5-custodian-1", + "client": "sa-cl7-cx-3", "roles": [ - "update_wallets", - "update_wallet", - "view_wallets", - "view_wallet" + "BPDM Pool Admin" ] }, { - "client": "sa-cl5-custodian-2", + "client": "sa-cl7-cx-4", "roles": [ - "delete_wallet", - "delete_wallets", - "update_wallets", - "add_wallet", - "update_wallet", - "view_wallets", - "view_wallet", - "add_wallets" + "BPDM Pool Consumer" ] }, { - "client": "sa-cl5-custodian-3", + "client": "sa-cl7-cx-5", "roles": [ - "delete_wallet", - "delete_wallets", - "update_wallets", - "add_wallet", - "update_wallet", - "view_wallets", - "view_wallet", - "add_wallets" + "BPDM Pool Admin", + "BPDM Sharing Admin" + ] + }, + { + "client": "sa-cl7-cx-6", + "roles": [ + "BPDM Pool Consumer" ] }, { - "client": "sa-cl5-custodian-4", + "client": "sa-cl7-cx-7", + "roles": [ + "BPDM Pool Admin", + "BPDM Sharing Admin" + ] + } + ], + "Cl5-CX-Custodian": [ + { + "client": "sa-cl5-custodian-2", "roles": [ "delete_wallet", "delete_wallets", @@ -5210,6 +5162,19 @@ ] } ], + "Cl24-CX-SSI-CredentialIssuer": [ + { + "client": "sa-cl2-04", + "roles": [ + "view_use_case_participation", + "revoke_credentials_issuer", + "view_certificates", + "request_ssicredential", + "revoke_credential", + "decision_ssicredential" + ] + } + ], "account": [ { "client": "account-console", @@ -5233,6 +5198,21 @@ "update_application_checklist_value" ] }, + { + "client": "sa-cl2-05", + "roles": [ + "store_didDocument" + ] + }, + { + "client": "sa-cl24-01", + "roles": [ + "send_mail", + "create_notifications", + "update_application_membership_credential", + "update_application_bpn_credential" + ] + }, { "client": "sa-cl8-cx-1", "roles": [ 
@@ -5602,73 +5582,6 @@ "microprofile-jwt" ] }, - { - "id": "2a82462c-5745-43bb-859c-f5a2e74611de", - "clientId": "Cl12-CX-TestManager", - "name": "Testdaten-Manager", - "description": "Testdaten Manager SSO", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [ - "+" - ], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - 
"microprofile-jwt" - ] - }, { "id": "dd6a7d43-a7b1-4808-90dd-e446b51b59f2", "clientId": "Cl13-CX-Battery", @@ -5920,6 +5833,11 @@ { "id": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "clientId": "Cl16-CX-BPDMGate", + "name": "", + "description": "Portal Gate", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -6643,6 +6561,57 @@ "microprofile-jwt" ] }, + { + "id": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "clientId": "Cl24-CX-SSI-CredentialIssuer", + "name": "", + "description": "Client for SSI Credential Issuer", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": true, + "protocol": "openid-connect", + "attributes": { + "oidc.ciba.grant.enabled": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.session.required": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, { "id": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "clientId": "Cl2-CX-Portal", 
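Review bot: The new `Cl24-CX-SSI-CredentialIssuer` client in the hunk at `@@ -6643,6 +6561,57 @@` is a public client with `"standardFlowEnabled": true` and `"directAccessGrantsEnabled": true`, a wildcard `"redirectUris": ["/*"]` next to an empty `rootUrl`, and `"fullScopeAllowed": true`. It is the container for the credential decision and revoke roles, and with full scope allowed a token issued through it is not limited to the roles this client needs. If it exists only as a role container for the issuer's API (which the service-account mappings in this commit suggest), it needs no login flow: `"standardFlowEnabled": false`, `"directAccessGrantsEnabled": false`, `"redirectUris": []`. If a browser flow is required, an absolute redirect URI for the issuer frontend and `"fullScopeAllowed": false` would narrow it.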
@@ -6948,6 +6917,11 @@ { "id": "04cd6d38-674f-4588-980a-8f120bddcc44", "clientId": "Cl7-CX-BPDM", + "name": "", + "description": " BPDM Pool", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -7011,107 +6985,42 @@ ] }, { - "id": "3fbe1a86-143d-4d52-8138-01aa23875664", - "clientId": "Cl9-CDQ-Fraud", + "id": "6a9209c2-ec16-476b-9a9f-61474610b790", + "clientId": "https://catenax-int-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "**********", "redirectUris": [ - "https://fraud-dashboard.int.demo.catena-x.net/*", - "https://keycloak.catenax-cdq.com/auth/*" + "https://catenax-int-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-int-dismantler-s66pftcc.aws-live-eu10" ], "webOrigins": [ - "+" + "https://catenax-int-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com" ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, + "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, - "publicClient": true, - "frontchannelLogout": false, - "protocol": "openid-connect", + "publicClient": false, + "frontchannelLogout": true, + "protocol": "saml", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "saml.force.post.binding": "true", "saml.multivalued.roles": "false", - "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", "saml.server.signature.keyinfo.ext": "false", "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", + "saml.signing.certificate": 
"MIIDQjCCAiqgAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAMFgxVjBUBgNVBAMMTWh0dHBzOi8vY2F0ZW5heC1pbnQtZGlzbWFudGxlci1zNjZwZnRjYy5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMCAXDTE2MDEwMTAwMDAwMFoYDzIwNTAwMTAxMDAwMDAwWjBYMVYwVAYDVQQDDE1odHRwczovL2NhdGVuYXgtaW50LWRpc21hbnRsZXItczY2cGZ0Y2MuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKVD5SYVIsC3M8PqMuiw/IMypyZU0V5pUwxBaZlMWljz1D1iNPGaOg9LhhLGAWOD0cdfFs70Q4Ov391raGRn5/9cQma0dJtH1PiTMM67+FZFvn1FWeEJ5a3qwIgoQrcDZn9NDTmtL+yaYOAsg5SGEkjrOZlJp1U3xVZDmuToUZ96WDodsy/nVQTkvaORSh+XDPIQ3sH5jqFdFuQsWf3xXSFHobF1sbi2IjGSZxLEi9yszPVff999Q0Q86kAoCh5gVKdB3WSHgkzDD6gxlcIGGQM6y3HZigIKlPRwK1o3SrEvl0IbPKDNM6rtFgWwRfp5KsQLRfe7TxLq7IWkqQd29vcCAwEAAaMQMA4wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAoScTGCrzKq4bbYFTJcyKwtgL80OM7RgZlfSsP/+k7fiZKUaY6WbUKDwRl7yHglgjL6NiC/Tz1PklgbB08RMwXIHbnG4VvdpcMUlHn5wGfZnNViHZYsjb4TgK8QS/zD8CSaJguUuK0ym/KUT9Hn6bHQuk4CQICVZmlp1N/bIWoSinY565rZ1amg9Ap0sgy1wWuqH8zKeTClrxjbuQeRTyj7d4kb/Ocg12rrUP8dznS5SGiR7WL9LpVrJZH72cKuOM1dYV6O94KH9uiuMe+VoUxWqgHiYbA/LOCxLSgI2fVTG8cGz0bCviFSf2tfVEB8mi/cU2Ikz6LzGNdaEpr4NoaA==", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", + "backchannel.logout.session.required": "false", "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "6a9209c2-ec16-476b-9a9f-61474610b790", - 
"clientId": "https://catenax-int-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "https://catenax-int-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-int-dismantler-s66pftcc.aws-live-eu10" - ], - "webOrigins": [ - "https://catenax-int-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com" - ], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": true, - "protocol": "saml", - "attributes": { - "saml.force.post.binding": "true", - "saml.multivalued.roles": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "saml.signing.certificate": 
"MIIDQjCCAiqgAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAMFgxVjBUBgNVBAMMTWh0dHBzOi8vY2F0ZW5heC1pbnQtZGlzbWFudGxlci1zNjZwZnRjYy5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMCAXDTE2MDEwMTAwMDAwMFoYDzIwNTAwMTAxMDAwMDAwWjBYMVYwVAYDVQQDDE1odHRwczovL2NhdGVuYXgtaW50LWRpc21hbnRsZXItczY2cGZ0Y2MuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKVD5SYVIsC3M8PqMuiw/IMypyZU0V5pUwxBaZlMWljz1D1iNPGaOg9LhhLGAWOD0cdfFs70Q4Ov391raGRn5/9cQma0dJtH1PiTMM67+FZFvn1FWeEJ5a3qwIgoQrcDZn9NDTmtL+yaYOAsg5SGEkjrOZlJp1U3xVZDmuToUZ96WDodsy/nVQTkvaORSh+XDPIQ3sH5jqFdFuQsWf3xXSFHobF1sbi2IjGSZxLEi9yszPVff999Q0Q86kAoCh5gVKdB3WSHgkzDD6gxlcIGGQM6y3HZigIKlPRwK1o3SrEvl0IbPKDNM6rtFgWwRfp5KsQLRfe7TxLq7IWkqQd29vcCAwEAAaMQMA4wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAoScTGCrzKq4bbYFTJcyKwtgL80OM7RgZlfSsP/+k7fiZKUaY6WbUKDwRl7yHglgjL6NiC/Tz1PklgbB08RMwXIHbnG4VvdpcMUlHn5wGfZnNViHZYsjb4TgK8QS/zD8CSaJguUuK0ym/KUT9Hn6bHQuk4CQICVZmlp1N/bIWoSinY565rZ1amg9Ap0sgy1wWuqH8zKeTClrxjbuQeRTyj7d4kb/Ocg12rrUP8dznS5SGiR7WL9LpVrJZH72cKuOM1dYV6O94KH9uiuMe+VoUxWqgHiYbA/LOCxLSgI2fVTG8cGz0bCviFSf2tfVEB8mi/cU2Ikz6LzGNdaEpr4NoaA==", - "oidc.ciba.grant.enabled": "false", - "backchannel.logout.session.required": "false", - "client_credentials.use_refresh_token": "false", - "saml.signature.algorithm": "RSA_SHA256", + "saml.signature.algorithm": "RSA_SHA256", "require.pushed.authorization.requests": "false", "saml.client.signature": "true", "id.token.as.detached.signature": "false", @@ -7422,8 +7331,9 @@ ] }, { - "id": "35134e77-f548-4b87-970c-cc0626496fcd", - "clientId": "sa-beta-cx1", + "id": "c33cfdab-5838-4c38-bd84-15b63502d604", + "clientId": "sa-cl10-cx-1", + "description": "Technical user created for Sharing Member to connect to BPDM (SPOC: Manuel Niedermann, Nico Koprowski)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -7471,7 +7381,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "07f8b416-f24d-4cba-91f8-fd3ae0af4657", + "id": "429be913-0d7c-4bb1-b429-ed7b18822645", "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7486,22 +7396,22 @@ } }, { - "id": "72681be8-4baf-475d-a9b9-47dee5326981", - "name": "BPN", + "id": "087541f4-ff7a-4d0f-bbc6-cdab00bb9c95", + "name": "Client Host", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "2ac54aee-ac44-4a48-ae4a-bbdb5288c7f9", + "id": "d13abc34-92f7-4b7f-8684-f923f5798627", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7514,21 +7424,6 @@ "claim.name": "client_id", "jsonType.label": "String" } - }, - { - "id": "7cb8edc7-02f4-4c7c-84b4-b91cbac2d5e4", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } } ], "defaultClientScopes": [ @@ -7545,8 +7440,9 @@ ] }, { - "id": "b9ee94c4-f8de-40ba-8ea0-36d3ca28d3b5", - "clientId": "sa-beta-cx2", + "id": "7e7b246a-f1f6-4816-a6ad-b0b62a8918d7", + "clientId": "sa-cl16-cx-1", + "description": "Technical user created for BPDM Partner Gate (SPOC: Nico Koprowski)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -7594,7 +7490,7 @@
 "nodeReRegistrationTimeout": -1,
 "protocolMappers": [
 {
- "id": "296af6dd-9c38-41f4-b485-5f5eea375ccc",
+ "id": "ded924f4-4b1b-4607-b86b-c14a39f93103",
 "name": "Client IP Address",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
@@ -7609,7 +7505,7 @@
 }
 },
 {
- "id": "e00b42b8-8bcc-4b18-9999-86212378c5b1",
+ "id": "2722c105-eb0a-4af2-85c6-13499e443d99",
 "name": "Client ID",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
@@ -7624,7 +7520,7 @@
 }
 },
 {
- "id": "24194317-3f62-417a-8442-62009cbf029e",
+ "id": "c1c10e38-57c3-46d3-b49a-7c9391264027",
 "name": "Client Host",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
@@ -7637,21 +7533,6 @@
 "claim.name": "clientHost",
 "jsonType.label": "String"
 }
- },
- {
- "id": "ab7d3b61-de21-4527-b021-7b2d75182fee",
- "name": "BPN",
- "protocol": "openid-connect",
- "protocolMapper": "oidc-usermodel-attribute-mapper",
- "consentRequired": false,
- "config": {
- "userinfo.token.claim": "true",
- "user.attribute": "bpn",
- "id.token.claim": "true",
- "access.token.claim": "true",
- "claim.name": "bpn",
- "jsonType.label": "String"
- }
 }
 ],
 "defaultClientScopes": [
@@ -7668,14 +7549,17 @@
 ]
 },
 {
- "id": "624a56df-7370-46f6-b00f-44791184bb28",
- "clientId": "sa-beta-cx3",
+ "id": "5a220510-4a8e-4cbc-a47e-6f549e6c3894",
+ "clientId": "sa-cl1-cx-1",
+ "description": "Service Account for Invicti DAST scan",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
 "clientAuthenticatorType": "client-secret",
 "secret": "**********",
- "redirectUris": [],
+ "redirectUris": [
+ "*"
+ ],
 "webOrigins": [],
 "notBefore": 0,
 "bearerOnly": false,
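Review bot: In the `@@ -7668,14 +7549,17 @@` hunk the `sa-cl1-cx-1` client ends up with `"redirectUris": ["*"]`, and `sa-cl1-reg-2` in the `@@ -7791,14 +7660,17 @@` hunk carries the same value. Both look like client-credentials service accounts (the old side of this diff shows them with `"standardFlowEnabled": false` and `"serviceAccountsEnabled": true`), which need no redirect URI. The wildcard is therefore unused today, but it would let any redirect target through if a browser flow were ever switched on for these clients. I'd use `"redirectUris": [],` as the neighbouring `sa-cl10-cx-1` and `sa-cl16-cx-1` entries do. The client objects continue outside both hunks, so the flow settings on the new side should be checked there.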
@@ -7705,8 +7589,8 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "saml.client.signature": "false", "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", @@ -7717,37 +7601,22 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "09c3a032-eab0-4f2c-96df-b7c1b13d3634", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "62d698d8-24d6-4b3a-b533-c4bffdb65db1", - "name": "Client Host", + "id": "24320d24-0e73-478f-8e09-a05dc4bb7c35", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "2a1ab4a4-c250-49e0-9676-86564dea3062", + "id": "caea604c-1e8e-48ad-91a8-18711e4fb564", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -7762,17 +7631,17 @@ } }, { - "id": "f5071021-acc5-42be-98e1-8bccd62e8f1b", - "name": "Client IP Address", + "id": "ea2580a2-1594-43c2-88e6-36e9e1315263", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "clientHost", "jsonType.label": "String" } } @@ -7791,14 +7660,17 @@ ] }, { - "id": "fb3deae9-5f34-4e9d-9a33-376f083f03c4", - "clientId": "sa-beta-cx4", + "id": "cdf11dff-530a-4fd4-97b9-84e4d60ac21e", + "clientId": "sa-cl1-reg-2", + "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], + "redirectUris": [ + "*" + ], "webOrigins": [], "notBefore": 0, "bearerOnly": false, @@ -7813,8 +7685,8 @@ "attributes": { "id.token.as.detached.signature": "false", "saml.assertion.signature": "false", - "saml.multivalued.roles": "false", "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", 
@@ -7828,34 +7700,19 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "daf63cfb-4e69-43f3-9c4e-7c9f91131364", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "53742f0f-0df2-4f2f-b6bd-e407d4bd0894", + "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -7870,32 +7727,32 @@ } }, { - "id": "343fe132-c419-484d-a7f7-a2316f855cec", - "name": "Client IP Address", + "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "15332471-4d69-48fa-9bab-e51218faa13d", - "name": "Client ID", + "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } } @@ -7914,8 +7771,9 @@ ] }, { - "id": "8b05ebaa-0fa1-45fc-bc5c-8d75e2fa8166", - "clientId": "sa-beta-cx5", + "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", + "clientId": "sa-cl2-01", + "description": "Technical User Clearinghouse update application", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -7959,41 +7817,41 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "4c831a50-2f22-407f-ac33-3b5bc19d824b", - "name": "Client ID", + "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "764d1b6f-ecc1-46b7-8feb-e962fe8facd5", - "name": "BPN", + "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", + "name": "Client ID", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "client_id", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "df7255f2-200f-4ebb-94bb-7edf96e2e127", + "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -8006,21 +7864,6 @@ "claim.name": "clientHost", "jsonType.label": "String" } - }, - { - "id": "b421ee98-98c8-41e2-8594-646b9ac40c67", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } } ], "defaultClientScopes": [ @@ -8037,8 +7880,9 @@ ] }, { - "id": "062617f4-5efb-4f85-932f-26193737321e", - "clientId": "sa-beta-cx6", + "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", + "clientId": "sa-cl2-02", + "description": "Technical User SelfDescription (SD) update application", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -8074,855 +7918,59 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "86a03690-8af2-4c80-ba47-94d05fc1cc47", - "name": "Client ID", + "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "8657ab97-ddb1-4775-8d44-a3ccbfea213f", - "name": "Client Host", + "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "6543b216-4e97-4dd9-a855-021de0d8b316", - "name": "Client IP Address", + "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - 
"userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "b167ce59-73d8-4f6c-a175-5cc742526628", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "2b1424ac-3e67-42c7-be77-69aa57fe0834", - "clientId": "sa-beta-cx7", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - 
"client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "965eb625-e855-49f4-bb55-c0d73666d410", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "581a3217-3127-4484-a4c7-1491371a7b48", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "cf552528-6cb5-43a5-91c9-aac399e96730", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "ba208341-0e41-4dea-8397-619376833c3a", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - 
"access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "c33cfdab-5838-4c38-bd84-15b63502d604", - "clientId": "sa-cl10-cx-1", - "description": "Technical user created for Sharing Member to connect to BPDM (SPOC: Manuel Niedermann, Nico Koprowski)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - 
"authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "429be913-0d7c-4bb1-b429-ed7b18822645", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "087541f4-ff7a-4d0f-bbc6-cdab00bb9c95", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "d13abc34-92f7-4b7f-8684-f923f5798627", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "7e7b246a-f1f6-4816-a6ad-b0b62a8918d7", - "clientId": "sa-cl16-cx-1", - "description": "Technical user created for BPDM Partner Gate (SPOC: Nico Koprowski)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - 
"standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "ded924f4-4b1b-4607-b86b-c14a39f93103", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "2722c105-eb0a-4af2-85c6-13499e443d99", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": 
"client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "c1c10e38-57c3-46d3-b49a-7c9391264027", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "5a220510-4a8e-4cbc-a47e-6f549e6c3894", - "clientId": "sa-cl1-cx-1", - "description": "Service Account for Invicti DAST scan", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": 
"false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "24320d24-0e73-478f-8e09-a05dc4bb7c35", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "caea604c-1e8e-48ad-91a8-18711e4fb564", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "ea2580a2-1594-43c2-88e6-36e9e1315263", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": 
"cdf11dff-530a-4fd4-97b9-84e4d60ac21e", - "clientId": "sa-cl1-reg-2", - "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "require.pushed.authorization.requests": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - 
"consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", - "clientId": "sa-cl2-01", - "description": "Technical User Clearinghouse update application", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - 
"saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": 
"oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", - "clientId": "sa-cl2-02", - "description": "Technical User SelfDescription (SD) update application", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "require.pushed.authorization.requests": "false", - "tls.client.certificate.bound.access.tokens": "false", - 
"saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientHost", "jsonType.label": "String" } } 
@@ -9050,16 +8098,24 @@
 ]
 },
 {
- "id": "b09392dd-8b0f-4a32-bb0b-d00a4091b890",
- "clientId": "sa-cl21-01",
- "description": "Technical User Discovery Finder",
+ "id": "beb01d13-04e2-4a2b-a909-8b4166b3dcf7",
+ "clientId": "sa-cl2-04",
+ "name": "",
+ "description": "Technical User SSI Credential Issuer - Portal to SSI Credential Issuer (portal helm chart: backend.processesworker.issuerComponent.clientId)",
+ "rootUrl": "",
+ "adminUrl": "",
+ "baseUrl": "",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
 "clientAuthenticatorType": "client-secret",
 "secret": "**********",
- "redirectUris": [],
- "webOrigins": [],
+ "redirectUris": [
+ "/*"
+ ],
+ "webOrigins": [
+ "/*"
+ ],
 "notBefore": 0,
 "bearerOnly": false,
 "consentRequired": false,
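Review bot: The new technical user `sa-cl2-04` is given `"redirectUris": ["/*"]` and `"webOrigins": ["/*"]` together with an empty `rootUrl`, while the existing technical users in the same file (for example `sa-cl21-01`) keep both lists empty. The following hunk shows `serviceAccountsEnabled: true` and `directAccessGrantsEnabled: false`, so this client appears to be used for the client-credentials grant only; the `standardFlowEnabled` value lies between the hunks and is not visible here. If no browser flow is intended, a wildcard redirect pattern and a web-origin entry only widen what the client would accept should a redirect-based flow ever be switched on, so I would set `"redirectUris": [],` and `"webOrigins": [],`. The same applies to `sa-cl2-05` in the `@@ -9174,16 +8199,24 @@` hunk and to `sa-cl24-01` in the `@@ -9547,18 +8548,24 @@` hunk.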
@@ -9068,61 +8124,29 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "saml.assertion.signature": "false", - "id.token.as.detached.signature": "false", - "saml.multivalued.roles": "false", - "saml.force.post.binding": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "client.secret.creation.time": "1712762205", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "require.pushed.authorization.requests": "false", - "saml.authnstatement": "false", + "oauth2.device.authorization.grant.enabled": "false", "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "3c2deac0-fd68-4c39-933c-27123ff073f9", + "id": "514cd3f7-8b0d-4a41-ae75-2b30b2be13f6", "name": "Client IP 
Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { "user.session.note": "clientAddress", - "userinfo.token.claim": "true", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "clientAddress", @@ -9130,38 +8154,39 @@ } }, { - "id": "8f318235-669e-4236-b8ea-f596b802f672", - "name": "BPN", + "id": "8502e4e1-3d19-47c0-8b8e-7f394228dbbe", + "name": "Client Host", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "b74416e5-2376-4f8e-a49b-8a03a053454a", - "name": "Client Host", + "id": "a045a68f-caca-4605-a438-ba2e0bcfad38", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", + "acr", "roles", "profile", "email" 
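Review bot: In the `@@ -9068,61 +8124,29 @@` hunk, `sa-cl2-04` switches to `"frontchannelLogout": true` and its `attributes` gain `"client.secret.creation.time": "1712762205"`, both of which look like admin-console export defaults rather than intended settings. Front-channel logout presupposes a browser session, which a service-account client with `directAccessGrantsEnabled: false` would not have, and the other technical users in this file keep `"frontchannelLogout": false,`. The creation timestamp sits next to a masked `"secret": "**********"`, so presumably the real secret is supplied at deployment and the committed time will not match it; anyone using that attribute to judge secret age or rotation would be misled, and I would drop the attribute from the import file. The same two values appear for `sa-cl2-05` (`@@ -9192,100 +8225,69 @@`) and `sa-cl24-01` (`@@ -9567,110 +8574,83 @@`).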
@@ -9174,16 +8199,24 @@
 ]
 },
 {
- "id": "f1806543-d0ca-41cb-b029-883cdfb11a8e",
- "clientId": "sa-cl22-01",
- "description": "Technical User BPN Discovery",
+ "id": "19b62d82-9df7-4bbd-9edc-8534bb0a7e68",
+ "clientId": "sa-cl2-05",
+ "name": "",
+ "description": "Technical User Dim Layer - Dim Layer to Portal (dim helm chart: processesworker.callback.clientId)",
+ "rootUrl": "",
+ "adminUrl": "",
+ "baseUrl": "",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
 "clientAuthenticatorType": "client-secret",
 "secret": "**********",
- "redirectUris": [],
- "webOrigins": [],
+ "redirectUris": [
+ "/*"
+ ],
+ "webOrigins": [
+ "/*"
+ ],
 "notBefore": 0,
 "bearerOnly": false,
 "consentRequired": false,
@@ -9192,100 +8225,69 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "saml.assertion.signature": "false", - "id.token.as.detached.signature": "false", - "saml.multivalued.roles": "false", - "saml.force.post.binding": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "client.secret.creation.time": "1712764102", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "require.pushed.authorization.requests": "false", - "saml.authnstatement": "false", "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "09824b45-f47e-4213-90d5-7aec6a078314", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e", - "name": "Client ID", + "id": "32f11424-4cff-472f-99bd-df98787216fe", + "name": "Client 
Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e", - "name": "Client Host", + "id": "1e3f26ac-3578-4a04-adfa-6838d54560f8", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "clientAddress", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "36e185ed-3af8-489d-a94b-a280ae205e03", - "name": "Client IP Address", + "id": "4c0a8ac0-09e8-445e-9f2b-769750bc09a8", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", + "acr", "roles", "profile", "email" 
@@ -9298,17 +8300,15 @@
 ]
 },
 {
- "id": "7beaee76-d447-4531-9433-fd9ce19d1460",
- "clientId": "sa-cl3-cx-1",
- "name": "Technical User CX internal - communication GitHub and Semantic Hub",
+ "id": "b09392dd-8b0f-4a32-bb0b-d00a4091b890",
+ "clientId": "sa-cl21-01",
+ "description": "Technical User Discovery Finder",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
 "clientAuthenticatorType": "client-secret",
 "secret": "**********",
- "redirectUris": [
- "*"
- ],
+ "redirectUris": [],
 "webOrigins": [],
 "notBefore": 0,
 "bearerOnly": false,
@@ -9321,10 +8321,10 @@
 "frontchannelLogout": false,
 "protocol": "openid-connect",
 "attributes": {
- "id.token.as.detached.signature": "false",
 "saml.assertion.signature": "false",
- "saml.force.post.binding": "false",
+ "id.token.as.detached.signature": "false",
 "saml.multivalued.roles": "false",
+ "saml.force.post.binding": "false",
 "saml.encrypt": "false",
 "post.logout.redirect.uris": "+",
 "oauth2.device.authorization.grant.enabled": "false",
@@ -9338,9 +8338,9 @@
 "backchannel.logout.session.required": "true",
 "client_credentials.use_refresh_token": "false",
 "saml_force_name_id_format": "false",
- "require.pushed.authorization.requests": "false",
 "saml.client.signature": "false",
 "tls.client.certificate.bound.access.tokens": "false",
+ "require.pushed.authorization.requests": "false",
 "saml.authnstatement": "false",
 "display.on.consent.screen": "false",
 "saml.onetimeuse.condition": "false"
@@ -9350,51 +8350,52 @@
 "nodeReRegistrationTimeout": -1,
 "protocolMappers": [
 {
- "id": "702c92a9-9f89-4130-9d37-c1620529ca13",
- "name": "BPN",
+ "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda",
+ "name": "Client ID",
 "protocol": "openid-connect",
- "protocolMapper": "oidc-usermodel-attribute-mapper",
+ "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "user.attribute": "bpn",
+ "user.session.note": "client_id",
+ "userinfo.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "bpn",
- "userinfo.token.claim": "true"
+ "claim.name": "client_id",
+ "jsonType.label": "String"
 }
 },
 {
- "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a",
- "name": "Client ID",
+ "id": "3c2deac0-fd68-4c39-933c-27123ff073f9",
+ "name": "Client IP Address",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "client_id",
+ "user.session.note": "clientAddress",
 "userinfo.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "client_id",
+ "claim.name": "clientAddress",
 "jsonType.label": "String"
 }
 },
 {
- "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595",
- "name": "Client IP Address",
+ "id": "8f318235-669e-4236-b8ea-f596b802f672",
+ "name": "BPN",
 "protocol": "openid-connect",
- "protocolMapper": "oidc-usersessionmodel-note-mapper",
+ "protocolMapper": "oidc-usermodel-attribute-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "clientAddress",
 "userinfo.token.claim": "true",
+ "user.attribute": "bpn",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "clientAddress",
+ "claim.name": "bpn",
 "jsonType.label": "String"
 }
 },
 {
- "id": "8e82412f-7088-4562-81f2-35b85f1859f5",
+ "id": "b74416e5-2376-4f8e-a49b-8a03a053454a",
 "name": "Client Host",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
@@ -9423,9 +8424,9 @@ ] }, { - "id": "d5a29608-9579-4af4-b895-458ff5b03276", - "clientId": "sa-cl3-cx-2", - "description": "Technical User Digital Twin and Semantic for Pen test scenario (Contact: Lukas Roemer, Bosch)", + "id": "f1806543-d0ca-41cb-b029-883cdfb11a8e", + "clientId": "sa-cl22-01", + "description": "Technical User BPN Discovery", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -9444,10 +8445,10 @@ "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "id.token.as.detached.signature": "false", "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", @@ -9461,19 +8462,19 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "6b664acb-fb3a-427b-8c54-643e53b24388", + "id": "09824b45-f47e-4213-90d5-7aec6a078314", "name": "BPN", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", @@ -9488,7 +8489,7 @@ } }, { - "id": "882827ad-6e5a-42f2-b09e-75ff2b5893f2", + "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -9503,32 +8504,32 @@ } }, { - "id": "9fbb3f90-f4f4-4c8f-818e-ae857da96fc3", - "name": "Client IP Address", + "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "4ca8dc7c-a24b-4635-a100-b75b23c3fa99", - "name": "Client Host", + "id": "36e185ed-3af8-489d-a94b-a280ae205e03", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } } @@ -9547,18 +8548,24 @@ ] }, { - "id": "dab9dd17-0d31-46c7-b313-aca61225dcd1", - "clientId": "sa-cl5-custodian-1", - "description": "Technical User for SD Hub Call to Custodian for SD signature", + "id": "8ac37496-cca9-41ba-9684-cf7348f880d5", + "clientId": "sa-cl24-01", + "name": "", + "description": "Technical User for SSI Credential Issuer (credential issuer helm chart: processesworker.portal.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", "redirectUris": [ - "*" + "/*" + ], + "webOrigins": [ + "/*" ], - "webOrigins": [], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
@@ -9567,110 +8574,83 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "oauth2.device.authorization.grant.enabled": "false", + "client.secret.creation.time": "1712762654", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "30897db9-574e-49ee-b968-ede77a6baf67", - "name": "Client ID", + "id": "c176820f-4e65-4b63-90d5-31a058b31698", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", + "user.session.note": "clientAddress", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + 
"claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "00879247-75ce-491f-abed-52a6a810f685", - "name": "Client Host", + "id": "1cbf20be-7fff-44c4-9eb5-a6868b2fb122", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "bb69e2e4-312f-4447-946f-b51f3c7184c2", - "name": "Client IP Address", + "id": "471d6ae7-39a3-44f5-ac90-f31be999eb08", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "0c387b1e-5a80-47c8-82f5-693e3af79425", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "acr", + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", - "clientId": "sa-cl5-custodian-2", - "description": "Technical User for Portal to call Custodian Wallet (portal helm chart: backend.processesworker.custodian.clientId)", + 
"id": "7beaee76-d447-4531-9433-fd9ce19d1460", + "clientId": "sa-cl3-cx-1", + "name": "Technical User CX internal - communication GitHub and Semantic Hub", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -9720,86 +8700,88 @@
 "nodeReRegistrationTimeout": -1,
 "protocolMappers": [
 {
- "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328",
- "name": "Client Host",
+ "id": "702c92a9-9f89-4130-9d37-c1620529ca13",
+ "name": "BPN",
 "protocol": "openid-connect",
- "protocolMapper": "oidc-usersessionmodel-note-mapper",
+ "protocolMapper": "oidc-usermodel-attribute-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "clientHost",
- "userinfo.token.claim": "true",
+ "user.attribute": "bpn",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "clientHost",
- "jsonType.label": "String"
+ "claim.name": "bpn",
+ "userinfo.token.claim": "true"
 }
 },
 {
- "id": "728abacc-c436-4d67-b699-92957a69b519",
- "name": "Client IP Address",
+ "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a",
+ "name": "Client ID",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "clientAddress",
+ "user.session.note": "client_id",
 "userinfo.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "clientAddress",
+ "claim.name": "client_id",
 "jsonType.label": "String"
 }
 },
 {
- "id": "98c6f360-6714-455a-bc94-4fa0b5072866",
- "name": "BPN",
+ "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595",
+ "name": "Client IP Address",
 "protocol": "openid-connect",
- "protocolMapper": "oidc-usermodel-attribute-mapper",
+ "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
+ "user.session.note": "clientAddress",
 "userinfo.token.claim": "true",
- "user.attribute": "bpn",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "bpn",
+ "claim.name": "clientAddress",
 "jsonType.label": "String"
 }
 },
 {
- "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a",
- "name": "Client ID",
+ "id": "8e82412f-7088-4562-81f2-35b85f1859f5",
+ "name": "Client Host",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "client_id",
+ "user.session.note": "clientHost",
 "userinfo.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "client_id",
+ "claim.name": "clientHost",
 "jsonType.label": "String"
 }
 }
 ],
 "defaultClientScopes": [
 "web-origins",
- "roles"
+ "roles",
+ "profile",
+ "email"
 ],
 "optionalClientScopes": [
+ "address",
+ "phone",
+ "offline_access",
 "microprofile-jwt"
 ]
 },
 {
- "id": "0dfcbe31-2482-46d7-bb09-0722b0e1c4f9",
- "clientId": "sa-cl5-custodian-3",
- "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)",
+ "id": "d5a29608-9579-4af4-b895-458ff5b03276",
+ "clientId": "sa-cl3-cx-2",
+ "description": "Technical User Digital Twin and Semantic for Pen test scenario (Contact: Lukas Roemer, Bosch)",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
 "clientAuthenticatorType": "client-secret",
 "secret": "**********",
- "redirectUris": [
- "*"
- ],
+ "redirectUris": [],
 "webOrigins": [],
 "notBefore": 0,
 "bearerOnly": false,
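Review bot: The scope lists widened in this hunk (`profile` and `email` added to `defaultClientScopes`; `address`, `phone` and `offline_access` added to `optionalClientScopes`) belong to a client whose definition starts above the hunk, so its flow settings are not visible here. If it is a service-account client like the neighbouring `sa-*` entries, the profile-type scopes add nothing a machine token needs, and `offline_access` lets the client request long-lived offline tokens. Unless a consumer depends on them, I would keep the previous `"web-origins", "roles"` defaults and leave `"offline_access"` out of the optional list. The same widening is repeated in the next hunk (`@@ -9837,82 +8819,91 @@`).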
@@ -9837,82 +8819,91 @@
 "saml.onetimeuse.condition": "false"
 },
 "authenticationFlowBindingOverrides": {},
- "fullScopeAllowed": false,
+ "fullScopeAllowed": true,
 "nodeReRegistrationTimeout": -1,
 "protocolMappers": [
 {
- "id": "3e1df311-abd2-4878-9f0a-426fd1a50c0d",
- "name": "Client IP Address",
+ "id": "6b664acb-fb3a-427b-8c54-643e53b24388",
+ "name": "BPN",
 "protocol": "openid-connect",
- "protocolMapper": "oidc-usersessionmodel-note-mapper",
+ "protocolMapper": "oidc-usermodel-attribute-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "clientAddress",
 "userinfo.token.claim": "true",
+ "user.attribute": "bpn",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "clientAddress",
+ "claim.name": "bpn",
 "jsonType.label": "String"
 }
 },
 {
- "id": "17a2ea60-79e2-4d57-8db7-9931b0e1a674",
- "name": "Client Host",
+ "id": "882827ad-6e5a-42f2-b09e-75ff2b5893f2",
+ "name": "Client ID",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "clientHost",
+ "user.session.note": "client_id",
 "userinfo.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "clientHost",
+ "claim.name": "client_id",
 "jsonType.label": "String"
 }
 },
 {
- "id": "d6203b9c-6b72-44d0-8609-83077dd6a2e0",
- "name": "Client ID",
+ "id": "9fbb3f90-f4f4-4c8f-818e-ae857da96fc3",
+ "name": "Client IP Address",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "client_id",
+ "user.session.note": "clientAddress",
 "userinfo.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "client_id",
+ "claim.name": "clientAddress",
 "jsonType.label": "String"
 }
 },
 {
- "id": "1db97b73-9663-4eb5-99ed-d103c4bda113",
- "name": "BPN",
+ "id": "4ca8dc7c-a24b-4635-a100-b75b23c3fa99",
+ "name": "Client Host",
 "protocol": "openid-connect",
- "protocolMapper": "oidc-usermodel-attribute-mapper",
+ "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
+ "user.session.note": "clientHost",
 "userinfo.token.claim": "true",
- "user.attribute": "bpn",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "BPN",
+ "claim.name": "clientHost",
 "jsonType.label": "String"
 }
 }
 ],
 "defaultClientScopes": [
 "web-origins",
- "roles"
+ "roles",
+ "profile",
+ "email"
 ],
 "optionalClientScopes": [
+ "address",
+ "phone",
+ "offline_access",
 "microprofile-jwt"
 ]
 },
 {
- "id": "7612bab1-3617-485e-8461-f1d2a7a6a92e",
- "clientId": "sa-cl5-custodian-4",
- "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)",
+ "id": "50fa6455-a775-4683-b407-57a33a9b9f3b",
+ "clientId": "sa-cl5-custodian-2",
+ "name": "",
+ "description": "Technical User for Portal to call Managed Identity Wallet (portal helm chart: backend.processesworker.custodian.clientId)",
+ "rootUrl": "",
+ "adminUrl": "",
+ "baseUrl": "",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
@@ -9962,7 +8953,7 @@
 "nodeReRegistrationTimeout": -1,
 "protocolMappers": [
 {
- "id": "783956fc-c81e-4da3-871c-436eec1fa555",
+ "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328",
 "name": "Client Host",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
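Review bot: `"fullScopeAllowed"` goes from `false` to `true` at the top of the `@@ -9837,82 +8819,91 @@` hunk, while later hunks in the same commit (`@@ -14048,7 +12802,7 @@` onward) switch it from `true` to `false` for other clients. With full scope allowed, Keycloak puts every role mapped to the account into the token instead of only the roles in the client's scope mappings. The client object starts above the hunk; judging from the preceding hunk it appears to be `sa-cl3-cx-2`, described there as a pen-test technical user, which makes the broader setting worth a second look. Unless it is required, keep `"fullScopeAllowed": false,` here and grant the needed roles through explicit scope mappings.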
@@ -9977,37 +8968,37 @@
 }
 },
 {
- "id": "f230563b-4e92-47e6-94d4-5d7ac8eef916",
- "name": "BPN",
+ "id": "728abacc-c436-4d67-b699-92957a69b519",
+ "name": "Client IP Address",
 "protocol": "openid-connect",
- "protocolMapper": "oidc-usermodel-attribute-mapper",
+ "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
+ "user.session.note": "clientAddress",
 "userinfo.token.claim": "true",
- "user.attribute": "bpn",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "BPN",
+ "claim.name": "clientAddress",
 "jsonType.label": "String"
 }
 },
 {
- "id": "45b77e95-5844-48c4-ba44-6c883bed55b8",
- "name": "Client IP Address",
+ "id": "98c6f360-6714-455a-bc94-4fa0b5072866",
+ "name": "BPN",
 "protocol": "openid-connect",
- "protocolMapper": "oidc-usersessionmodel-note-mapper",
+ "protocolMapper": "oidc-usermodel-attribute-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "clientAddress",
 "userinfo.token.claim": "true",
+ "user.attribute": "bpn",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "clientAddress",
+ "claim.name": "bpn",
 "jsonType.label": "String"
 }
 },
 {
- "id": "653db152-0505-4fcc-8d9e-51eee203610b",
+ "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a",
 "name": "Client ID",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
@@ -13764,243 +12755,6 @@ "microprofile-jwt" ] }, - { - "id": "6e2f3a74-9277-4265-a0bd-8f8f41ba0530", - "clientId": "sa-cl7-cx-1", - "description": "Technical user created for BPDM / CDQ connect (SPOC: Peter Schenkel)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "33ef0160-e559-4fde-8faa-657140437026", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": 
"oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "61c367f1-dcd7-4190-9d63-97c0b3ae5afc", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "1c8aad27-8158-498b-bf99-e6de92799b6d", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "d1c857fb-0c7d-4b6d-b6e8-34bf4de76d6d", - "clientId": "sa-cl7-cx-2", - "description": "Technical user for BPDM connection to Fraud App (Michael Wirth & CGI: Fabio)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - 
"id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "23db4b23-856e-4f3b-a1e2-f935d2373d0d", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "5db07b78-2eb9-405d-a0eb-9ab0e94a1e4d", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "b01e802a-984a-4c95-a5f7-db4f3fd4b16b", - "name": 
"Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "09b70efe-f7e1-4880-a375-de44e2e1b38a", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, { "id": "f6627ae5-54ac-4e53-871d-875de8879e51", "clientId": "sa-cl7-cx-3", @@ -14048,7 +12802,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14157,7 +12911,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14375,7 +13129,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14484,7 +13238,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { 
@@ -17224,14 +15978,6 @@
 "autheticatorFlow": false,
 "userSetupAllowed": false
 },
- {
- "authenticator": "registration-profile-action",
- "authenticatorFlow": false,
- "requirement": "REQUIRED",
- "priority": 40,
- "autheticatorFlow": false,
- "userSetupAllowed": false
- },
 {
 "authenticator": "registration-password-action",
 "authenticatorFlow": false,
diff --git a/import/realm-config/consortia/catenax-central/pen/CX-Central-realm.json b/import/realm-config/consortia/catenax-central/pen/CX-Central-realm.json
index 155bd07e..899418af 100644
--- a/import/realm-config/consortia/catenax-central/pen/CX-Central-realm.json
+++ b/import/realm-config/consortia/catenax-central/pen/CX-Central-realm.json
@@ -111,6 +111,7 @@
 "security-admin-console": [],
 "sa-cl6-cx-17": [],
 "sa-cl10-cx-1": [],
+ "sa-cl24-01": [],
 "sa-cl16-cx-1": [],
 "Cl2-CX-Portal": [
 {
@@ -162,9 +163,6 @@
 "composite": true,
 "composites": {
 "client": {
- "Cl7-CX-BPDM": [
- "view_company_data"
- ],
 "Cl5-CX-Custodian": [
 "view_wallet"
 ],
@@ -182,24 +180,20 @@
 "view_service_offering",
 "view_autosetup_status",
 "add_connectors",
- "upload_documents",
 "view_own_user_account",
 "view_use_cases",
 "view_idp",
- "view_services",
 "add_tech_user_management",
 "view_membership",
 "update_own_user_account",
 "add_service_offering",
 "view_service_subscriptions",
 "activate_subscription",
- "view_tech_roles",
 "view_notifications",
 "view_certificates",
 "technical_roles_management",
 "delete_tech_user_management",
 "delete_own_user_account",
- "my_user_account",
 "view_subscription",
 "delete_notifications",
 "view_connectors",
@@ -234,14 +228,6 @@
 "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80",
 "attributes": {}
 },
- {
- "id": "a029dec3-8c6a-4a2f-a60a-82249f0590fd",
- "name": "setup_client",
- "composite": false,
- "clientRole": true,
- "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80",
- "attributes": {}
- },
 {
 "id": "34742e28-1497-4222-ad1f-93ab9feac92e",
 "name": "view_app_subscription",
@@ -313,6 +299,15 @@
 "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80",
 "attributes": {}
 },
+ {
+ "id": "8b4aa267-bb7e-40c9-8cd2-f82603fa066a",
+ "name": "update_application_bpn_credential",
+ "description": "",
+ "composite": false,
+ "clientRole": true,
+ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80",
+ "attributes": {}
+ },
 {
 "id": "19c0e799-4ffd-4709-8b38-45540c677e50",
 "name": "view_autosetup_status",
@@ -327,9 +322,6 @@
 "composite": true,
 "composites": {
 "client": {
- "Cl7-CX-BPDM": [
- "view_company_data"
- ],
 "Cl5-CX-Custodian": [
 "view_wallet"
 ],
@@ -337,17 +329,16 @@
 "view_registration"
 ],
 "Cl2-CX-Portal": [
- "view_technical_setup",
- "view_tech_user_management",
- "app_management",
- "view_tech_roles",
- "view_certificates",
 "view_app_language",
 "technical_roles_management",
 "CX User",
+ "view_technical_setup",
+ "view_tech_user_management",
 "edit_apps",
+ "app_management",
 "view_use_cases",
- "view_apps"
+ "view_apps",
+ "view_certificates"
 ]
 }
 },
@@ -361,9 +352,6 @@
 "composite": true,
 "composites": {
 "client": {
- "Cl7-CX-BPDM": [
- "view_company_data"
- ],
 "Cl5-CX-Custodian": [
 "view_wallet"
 ],
@@ -383,9 +371,6 @@
 "unsubscribe_apps",
 "view_user_management",
 "subscribe_apps",
- "view_services",
- "view_dataspaces",
- "filter_apps",
 "view_service_subscriptions",
 "view_notifications",
 "view_certificates",
@@ -409,14 +394,6 @@
 "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80",
 "attributes": {}
 },
- {
- "id": "03acc78a-0301-4518-a548-d5bd782c3d13",
- "name": "decision_ssicredential",
- "composite": false,
- "clientRole": true,
- "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80",
- "attributes": {}
- },
 {
 "id": "37dc74e9-9f50-49d2-9b95-402b04aa84ff",
 "name": "add_connectors",
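Review bot: The role `update_application_bpn_credential` added in the `@@ -313,6 +299,15 @@` hunk carries `"description": ""`, so the realm file gives no hint of what holding the role permits. The same empty description is on the other roles this commit adds to the pen realm: `store_didDocument`, `update_application_membership_credential`, `send_mail`, and the new `Cl7-CX-BPDM` and `Cl16-CX-BPDMGate` roles such as `write_partner` and `write_sharing_state`. A one-line description per role, in the form `"description": "<what the role allows and which service checks it>"`, would let a later access review work from the file alone. The wording has to come from the role owners, since the diff does not show what each role gates.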
@@ -479,14 +456,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "15bd8123-3469-4505-93ff-a5bd3b929495", - "name": "subscribe_service_offering", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "66f4b417-25d4-47d7-b3d2-e6eb80bcba5e", "name": "create_partner_registration", @@ -548,15 +517,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "9db8ca83-6cfd-4c44-8ab7-ccbcb11da38f", - "name": "view_tech_roles", - "description": "View technical user roles", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "6560b255-cbc6-4fb7-8afe-d61732e34ab1", "name": "view_client_roles", @@ -575,14 +535,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "29ac8c4d-5296-467c-91fa-3a0d7487c912", - "name": "request_ssicredential", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "3c3c8452-fd50-40bd-b223-9660233dd6af", "name": "delete_user_account", @@ -676,9 +628,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -717,8 +666,6 @@ "delete_tech_user_management", "subscribe_service", "delete_own_user_account", - "request_ssicredential", - "my_user_account", "delete_user_account", "view_apps", "view_subscription", @@ -743,9 +690,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], 
@@ -753,16 +697,15 @@ "view_registration" ], "Cl2-CX-Portal": [ - "view_service_subscriptions", - "activate_subscription", - "view_certificates", "subscribe_service", "CX User", "view_service_offering", "unsubscribe_apps", + "view_service_subscriptions", "unsubscribe_services", - "subscribe_apps", - "view_services" + "activate_subscription", + "view_certificates", + "subscribe_apps" ] } }, @@ -770,6 +713,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "b01f9c19-adde-4bca-be36-d2e21cedc37a", + "name": "store_didDocument", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "4f2b58a5-0ebd-4b91-b354-4fefd40cc811", "name": "delete_apps", @@ -797,6 +749,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "3b336c72-0f9c-440e-8427-16028439c5e6", + "name": "update_application_membership_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "43a0826f-ba1a-44d4-952f-e4b879be353c", "name": "view_service_marketplace", @@ -812,9 +773,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -826,7 +784,6 @@ "view_documents", "delete_connectors", "upload_certificates", - "setup_client", "view_app_subscription", "delete_documents", "view_company_data", @@ -840,15 +797,12 @@ "view_user_management", "view_idp", "add_tech_user_management", - "subscribe_service_offering", "update_own_user_account", "add_self_descriptions", "view_user_account", "setup_idp", - "view_tech_roles", "view_client_roles", "subscribe_service", - "request_ssicredential", "delete_user_account", "view_subscription", "delete_notifications", 
@@ -860,21 +814,16 @@ "view_service_offering", "unsubscribe_apps", "disable_idp", - "upload_documents", "view_use_cases", "subscribe_apps", - "view_services", "add_idp", "delete_idp", "view_membership", - "view_dataspaces", - "filter_apps", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "unsubscribe_services", "view_apps", "modify_connectors", @@ -900,9 +849,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -912,22 +858,18 @@ "Cl2-CX-Portal": [ "view_documents", "view_membership", - "view_dataspaces", "update_own_user_account", - "filter_apps", "view_company_data", "view_notifications", "view_certificates", "view_service_marketplace", "view_service_offering", "delete_own_user_account", - "my_user_account", "view_own_user_account", "view_apps", "view_user_management", "view_subscription", "delete_notifications", - "view_services", "view_partner_network" ], "Cl3-CX-Semantic": [ @@ -971,9 +913,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -1004,14 +943,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "39c00d2f-491f-4658-96ef-9f47920afea6", - "name": "upload_documents", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "b4bead06-e3c4-4fce-9e06-43d9d9537766", "name": "view_use_cases", 
@@ -1030,15 +961,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "6e3d7bcf-7340-4def-bb76-8002acc73f95", - "name": "view_services", - "description": "view service marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "8d3a5c8d-d4dc-4aaa-8941-9cd38cd3906e", "name": "update_application_checklist_value", @@ -1083,15 +1005,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "8fe708e4-7870-4044-89eb-a74b8dc11a8e", - "name": "view_dataspaces", - "description": "View dataspace marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "b06c2999-6008-4fb6-a22f-93fdac150656", "name": "decline_app_release", @@ -1109,24 +1022,12 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "9f5b48bf-4fc2-4feb-8c4e-00b57f5f2bed", - "name": "filter_apps", - "description": "Users with this role can filter apps in the App Marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "765bced5-b422-4f91-b35f-19d648595e6a", "name": "Purchaser", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -1135,7 +1036,6 @@ ], "Cl2-CX-Portal": [ "delete_certificates", - "subscribe_service_offering", "CX User", "upload_certificates", "unsubscribe_apps", @@ -1173,11 +1073,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "delete_company_data", - "add_company_data", - "view_company_data" - ], "Cl5-CX-Custodian": [ "delete_wallet", "add_wallet", 
@@ -1187,6 +1082,9 @@ "Cl1-CX-Registration": [ "view_registration" ], + "Cl24-CX-SSI-CredentialIssuer": [ + "decision_ssicredential" + ], "Cl2-CX-Portal": [ "decline_new_partner", "update_company_role", @@ -1194,7 +1092,6 @@ "delete_connectors", "update_service_offering", "invite_new_partner", - "setup_client", "view_app_subscription", "delete_documents", "app_management", @@ -1203,24 +1100,20 @@ "view_app_language", "modify_user_account", "view_autosetup_status", - "decision_ssicredential", "add_connectors", "view_own_user_account", "view_user_management", "view_idp", "add_apps", "add_tech_user_management", - "subscribe_service_offering", "update_own_user_account", "add_self_descriptions", "view_user_account", "view_service_subscriptions", "activate_subscription", "setup_idp", - "view_tech_roles", "view_client_roles", "subscribe_service", - "request_ssicredential", "delete_user_account", "view_subscription", "delete_notifications", @@ -1237,24 +1130,19 @@ "view_service_offering", "unsubscribe_apps", "disable_idp", - "upload_documents", "view_use_cases", "subscribe_apps", - "view_services", "add_idp", "delete_idp", "view_membership", "decline_service_release", - "view_dataspaces", "decline_app_release", "add_service_offering", - "filter_apps", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "create_notifications", "edit_apps", "unsubscribe_services", 
@@ -1295,17 +1183,17 @@
 "attributes": {}
 },
 {
- "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda",
- "name": "delete_own_user_account",
+ "id": "cae19290-f11e-4532-b046-e07e302078e2",
+ "name": "send_mail",
+ "description": "",
 "composite": false,
 "clientRole": true,
 "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80",
 "attributes": {}
 },
 {
- "id": "99a8940c-0fbc-4f65-8134-4b598c3aabbc",
- "name": "my_user_account",
- "description": "view my own user account details",
+ "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda",
+ "name": "delete_own_user_account",
 "composite": false,
 "clientRole": true,
 "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80",
@@ -1455,24 +1343,63 @@
 ],
 "Cl7-CX-BPDM": [
 {
- "id": "b59a076b-07c5-42fa-b8d8-04a65f077226",
- "name": "delete_company_data",
+ "id": "da4b989c-d2fb-4276-bec7-bdad739e0864",
+ "name": "write_partner",
+ "description": "",
 "composite": false,
 "clientRole": true,
 "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44",
 "attributes": {}
 },
 {
- "id": "a4829839-9df9-47c8-8eb0-57f4020000c3",
- "name": "add_company_data",
+ "id": "8d2f5f1a-bb4f-42fd-9947-18f799174bd8",
+ "name": "read_changelog_member",
+ "description": "",
 "composite": false,
 "clientRole": true,
 "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44",
 "attributes": {}
 },
 {
- "id": "d16779a5-03bd-4fbd-bf40-382c4348b205",
- "name": "view_company_data",
+ "id": "810ced5e-4eb9-42d7-90e0-2f5dd3aaa2a2",
+ "name": "read_changelog",
+ "description": "",
+ "composite": false,
+ "clientRole": true,
+ "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44",
+ "attributes": {}
+ },
+ {
+ "id": "b0cf08cf-3b00-4ed2-9871-79093200029e",
+ "name": "read_metadata",
+ "description": "",
+ "composite": false,
+ "clientRole": true,
+ "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44",
+ "attributes": {}
+ },
+ {
+ "id": "fc598e8a-eb9b-44e6-8c5b-c2870fefcd95",
+ "name": "read_partner",
+ "description": "",
+ "composite": false,
+ "clientRole": true,
+ "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44",
+ "attributes": {}
+ },
+ {
+ "id": "33725fd2-bc24-4355-8c9e-979b352c0444",
+ "name": "read_partner_member",
+ "description": "",
+ "composite": false,
+ "clientRole": true,
+ "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44",
+ "attributes": {}
+ },
+ {
+ "id": "36db1cdc-308a-43d5-a3cb-43c676ca4eee",
+ "name": "write_metadata",
+ "description": "",
 "composite": false,
 "clientRole": true,
 "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44",
@@ -1697,24 +1624,81 @@ "sa-cl6-cx-23": [], "Cl16-CX-BPDMGate": [ { - "id": "891e715a-7fdb-4dbe-a177-998a383ee836", - "name": "view_company_data", + "id": "af471823-bcca-4267-bbf6-c3183380358f", + "name": "read_output_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "33e96ab8-df1f-4fc1-bdda-3509e3e76e2e", + "name": "read_output_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "b280b367-6ba5-4ba1-8a64-8f61877c9f17", + "name": "read_input_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "27ce5626-0186-4ced-8e14-ecfcbc2f4330", + "name": "read_sharing_state", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "e8516251-0f90-4d1a-9a6c-7fd44d52ecc0", + "name": "write_output_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "e5cd5783-d48a-4d25-acf9-13fb8138715a", + "name": "read_input_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "364db9ec-ceb2-47b8-a892-f70bae1c89c5", + "name": "write_sharing_state", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} }, { - "id": "cf42a03f-20f7-4ff3-a898-e1a93bf03520", - "name": "update_company_data", + "id": "1d16924d-fca4-495b-a227-0cbf80b31d96", + "name": "read_stats", + "description": "", "composite": false, "clientRole": true, "containerId": 
"52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} }, { - "id": "2a006c99-0790-4dd0-8b82-59c4fea1ce17", - "name": "view_shared_data", + "id": "3378cc71-3097-40f9-aaab-7ec66fa9bc54", + "name": "write_input_partner", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", @@ -1726,9 +1710,7 @@ "sa-cl6-cx-26": [], "sa-cl6-cx-27": [], "sa-cl6-cx-28": [], - "sa-cl7-cx-1": [], "sa-cl5-custodian-internaltest": [], - "sa-cl7-cx-2": [], "sa-cl7-cx-3": [], "sa-cl7-cx-4": [], "sa-cl21-01": [], @@ -1738,7 +1720,6 @@ "sa-cl1-cx-1": [], "sa-cl6-cx-20": [], "sa_testAutomation": [], - "sa-cl5-custodian-3": [], "Cl15-BOSCH-AFQM": [ { "id": "07e4c7f0-f7c1-420a-8788-81eb42b5a8cd", @@ -1749,8 +1730,6 @@ "attributes": {} } ], - "sa-cl5-custodian-4": [], - "sa-cl5-custodian-1": [], "sa-cl5-custodian-2": [], "sa-cl6-cx-18": [], "sa-cl6-cx-19": [], @@ -1799,9 +1778,11 @@ "sa-cl2-02": [], "sa-cl6-cx-8": [], "sa-cl2-01": [], + "sa-cl2-04": [], "sa-cl6-cx-6": [], "sa-cl2-03": [], "sa-cl6-cx-5": [], + "sa-cl2-05": [], "account-console": [], "sa-cl22-01": [], "Cl18-CX-Pal": [ 
@@ -1814,6 +1795,62 @@ "attributes": {} } ], + "Cl24-CX-SSI-CredentialIssuer": [ + { + "id": "1627e267-4422-46a8-b261-e26b5d852a33", + "name": "decision_ssicredential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "793ed13a-2297-4182-9d75-e91b003e42a5", + "name": "view_use_case_participation", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "9e96cc27-03a7-4b7d-b3b8-aa886b81fd15", + "name": "revoke_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "48c621d7-1056-4d6c-ae9b-7da255066124", + "name": "revoke_credentials_issuer", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "2337ed3b-e46f-4b85-b3f3-7e244a20e85e", + "name": "request_ssicredential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "763f8a43-d6f6-4b76-98a8-5082d3345f27", + "name": "view_certificates", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + } + ], "sa-cl6-cx-30": [], "Cl17-CX-Part": [ { @@ -1879,15 +1916,14 @@ ], "technical_roles_management": [ { - "id": "b5c9ff05-b0cf-414d-bd70-e38f8e4923cf", - "name": "BPDM Management", + "id": "4776c000-7232-4804-a133-aff0c01966ba", + "name": "Semantic Model Management", + "description": "", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "delete_company_data", - "add_company_data", - "view_company_data" + "Cl3-CX-Semantic": [ + "view_semantic_model" ] } }, 
@@ -1896,14 +1932,22 @@ "attributes": {} }, { - "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", - "name": "CX Membership Info", + "id": "5d4a663d-d188-4df8-a86d-b2ae40920ab8", + "name": "BPDM Sharing Admin", "description": "", "composite": true, "composites": { "client": { - "Cl2-CX-Portal": [ - "view_membership" + "Cl16-CX-BPDMGate": [ + "read_output_partner", + "read_output_changelog", + "read_input_changelog", + "read_sharing_state", + "write_output_partner", + "write_sharing_state", + "read_input_partner", + "read_stats", + "write_input_partner" ] } }, @@ -1912,14 +1956,17 @@ "attributes": {} }, { - "id": "4776c000-7232-4804-a133-aff0c01966ba", - "name": "Semantic Model Management", + "id": "21f929c1-a547-46a5-8660-6eb5d5091ba5", + "name": "BPDM Sharing Input Consumer", "description": "", "composite": true, "composites": { "client": { - "Cl3-CX-Semantic": [ - "view_semantic_model" + "Cl16-CX-BPDMGate": [ + "read_input_changelog", + "read_sharing_state", + "read_input_partner", + "read_stats" ] } }, @@ -1928,16 +1975,14 @@ "attributes": {} }, { - "id": "ffdc000a-7b44-4117-8794-c87492a50604", - "name": "BPDM Gate Read & Write", - "description": "", + "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", + "name": "Registration External", "composite": true, "composites": { "client": { - "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" + "Cl2-CX-Portal": [ + "create_partner_registration", + "configure_partner_registration" ] } }, @@ -1946,13 +1991,18 @@ "attributes": {} }, { - "id": "20f2c41a-dacd-4505-877a-bb899066a767", - "name": "BPDM Pool", + "id": "8ce375c0-bab3-4df7-939f-a61cd0fa0ab1", + "name": "Offer Management", + "description": "", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" + "Cl2-CX-Portal": [ + "view_tech_user_management", + "add_service_offering", + "add_connectors", + "app_management", + "activate_subscription" ] } }, 
@@ -1961,14 +2011,21 @@ "attributes": {} }, { - "id": "75211526-5c5e-4c6d-a377-627402c3f1b3", - "name": "BPDM Gate Read", - "description": "", + "id": "d5781775-3fbd-4f46-84ea-b19164393205", + "name": "Dataspace Discovery", "composite": true, "composites": { "client": { - "Cl16-CX-BPDMGate": [ - "view_company_data" + "Cl22-CX-BPND": [ + "add_bpn_discovery", + "delete_bpn_discovery", + "view_bpn_discovery" + ], + "Cl21-CX-DF": [ + "view_discovery_endpoint" + ], + "Cl2-CX-Portal": [ + "view_connectors" ] } }, @@ -1977,14 +2034,15 @@ "attributes": {} }, { - "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", - "name": "Identity Wallet Management", + "id": "281b856c-b74a-4753-99bb-bdcd810a212e", + "name": "IRS Management", + "description": "", "composite": true, "composites": { "client": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" + "Cl20-CX-IRS": [ + "view_irs", + "admin_irs" ] } }, @@ -1993,14 +2051,14 @@ "attributes": {} }, { - "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", - "name": "Registration External", + "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", + "name": "CX Membership Info", + "description": "", "composite": true, "composites": { "client": { "Cl2-CX-Portal": [ - "create_partner_registration", - "configure_partner_registration" + "view_membership" ] } }, 
@@ -2009,18 +2067,36 @@ "attributes": {} }, { - "id": "8ce375c0-bab3-4df7-939f-a61cd0fa0ab1", - "name": "Offer Management", + "id": "8805517d-63db-4d08-b6f2-cd8038929111", + "name": "BPDM Pool Admin", "description": "", "composite": true, "composites": { "client": { - "Cl2-CX-Portal": [ - "view_tech_user_management", - "add_service_offering", - "add_connectors", - "app_management", - "activate_subscription" + "Cl7-CX-BPDM": [ + "write_partner", + "read_changelog_member", + "read_changelog", + "read_metadata", + "read_partner", + "read_partner_member", + "write_metadata" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", + "name": "Identity Wallet Management", + "composite": true, + "composites": { + "client": { + "Cl5-CX-Custodian": [ + "view_wallet", + "update_wallet" ] } }, @@ -2029,15 +2105,19 @@ "attributes": {} }, { - "id": "67ef1542-73d5-4179-8c4e-d4a297b8aad3", - "name": "BPDM Partner Gate", + "id": "62f6d094-b5ad-4a64-9ce3-e1ee425f1491", + "name": "BPDM Sharing Input Manager", + "description": "", "composite": true, "composites": { "client": { "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" + "read_input_changelog", + "read_sharing_state", + "write_sharing_state", + "read_input_partner", + "read_stats", + "write_input_partner" ] } }, 
@@ -2046,21 +2126,17 @@ "attributes": {} }, { - "id": "d5781775-3fbd-4f46-84ea-b19164393205", - "name": "Dataspace Discovery", + "id": "ab1aedcb-9ae9-4a89-bb07-64ebb24d950e", + "name": "BPDM Sharing Output Consumer", + "description": "", "composite": true, "composites": { "client": { - "Cl22-CX-BPND": [ - "add_bpn_discovery", - "delete_bpn_discovery", - "view_bpn_discovery" - ], - "Cl21-CX-DF": [ - "view_discovery_endpoint" - ], - "Cl2-CX-Portal": [ - "view_connectors" + "Cl16-CX-BPDMGate": [ + "read_output_partner", + "read_output_changelog", + "read_sharing_state", + "read_stats" ] } }, @@ -2069,15 +2145,16 @@ "attributes": {} }, { - "id": "281b856c-b74a-4753-99bb-bdcd810a212e", - "name": "IRS Management", + "id": "cb9628e5-1ffa-4aa3-a8e8-3cfa8119ce30", + "name": "BPDM Pool Consumer", "description": "", "composite": true, "composites": { "client": { - "Cl20-CX-IRS": [ - "view_irs", - "admin_irs" + "Cl7-CX-BPDM": [ + "read_changelog_member", + "read_changelog", + "read_metadata" ] } }, @@ -2086,12 +2163,7 @@ "attributes": {} } ], - "Cl12-CX-TestManager": [], "sa-cl6-cx-29": [], - "sa-beta-cx7": [], - "sa-beta-cx6": [], - "sa-beta-cx5": [], - "sa-beta-cx4": [], "Cl20-CX-IRS": [ { "id": "ee61636e-de19-41cb-be70-ec4c730c474c", @@ -2112,10 +2184,7 @@ "attributes": {} } ], - "sa-beta-cx3": [], "sa-cl5-cx-1": [], - "sa-beta-cx2": [], - "sa-beta-cx1": [], "Cl16-CX-CRisk": [ { "id": "3fc6e7e8-9115-4d0f-a0ab-3f950321af11", @@ -2265,9 +2334,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl1-CX-Registration": [ "add_company_data", "view_registration", 
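Review bot: In the hunk at -2069 the new composite `BPDM Pool Consumer` bundles `read_changelog_member`, `read_changelog` and `read_metadata`, but neither `read_partner` nor `read_partner_member`. If the `_member` suffix marks the narrower variant, as the pairing inside `BPDM Pool Admin` suggests, then granting the unsuffixed `read_changelog` to a consumer role looks broader than intended, and the missing partner read role looks like a slip. This should be confirmed against the BPDM role definitions; if it is a mix-up, the list would read `"read_changelog_member", "read_metadata", "read_partner_member"`. `sa-cl7-cx-4` and `sa-cl7-cx-6` receive this composite later in the diff, so any correction reaches them too.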
@@ -2532,24 +2598,6 @@ "attributes": {} } ], - "Cl9-CDQ-Fraud": [ - { - "id": "9f5d6884-a643-4846-bddc-39adeda9aef2", - "name": "fraud_app_manager", - "composite": false, - "clientRole": true, - "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", - "attributes": {} - }, - { - "id": "2d7ea02b-114a-40d6-9c2c-ef57cc7eef67", - "name": "fraud_app_user", - "composite": false, - "clientRole": true, - "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", - "attributes": {} - } - ], "sa-cl6-cx-9": [], "account": [ { @@ -2672,10 +2720,11 @@ "otpPolicyPeriod": 30, "otpPolicyCodeReusable": false, "otpSupportedApplications": [ - "totpAppMicrosoftAuthenticatorName", "totpAppFreeOTPName", - "totpAppGoogleName" + "totpAppGoogleName", + "totpAppMicrosoftAuthenticatorName" ], + "localizationTexts": {}, "webAuthnPolicyRpEntityName": "keycloak", "webAuthnPolicySignatureAlgorithms": [ "ES256" @@ -2688,6 +2737,7 @@ "webAuthnPolicyCreateTimeout": 0, "webAuthnPolicyAvoidSameAuthenticatorRegister": false, "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyExtraOrigins": [], "webAuthnPolicyPasswordlessRpEntityName": "keycloak", "webAuthnPolicyPasswordlessSignatureAlgorithms": [ "ES256" @@ -2700,6 +2750,7 @@ "webAuthnPolicyPasswordlessCreateTimeout": 0, "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "webAuthnPolicyPasswordlessExtraOrigins": [], "users": [ { "id" : "6529834b-a4c1-4b11-a200-d77e5fe7443f", @@ -3534,15 +3585,6 @@ "realmRoles": [ "default-roles-catena-x realm" ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" - ], - "technical_roles_management": [ - "BPDM Partner Gate" - ] - }, "notBefore": 0, "groups": [] }, @@ -3559,11 +3601,6 @@ "realmRoles": [ "default-roles-catena-x realm" ], - "clientRoles": { - "technical_roles_management": [ - "BPDM Partner Gate" - ] - }, "notBefore": 0, "groups": [] }, 
@@ -3670,6 +3707,53 @@ "notBefore": 0, "groups": [] }, + { + "id": "2f44169e-c974-4655-a5bf-eea00ba7e654", + "createdTimestamp": 1712762205184, + "username": "service-account-sa-cl2-04", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-04", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl24-CX-SSI-CredentialIssuer": [ + "decision_ssicredential", + "view_use_case_participation", + "revoke_credential", + "revoke_credentials_issuer", + "request_ssicredential", + "view_certificates" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "e8bc6470-28ee-4c40-a2d9-27c6e78f303b", + "createdTimestamp": 1712764191865, + "username": "service-account-sa-cl2-05", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-05", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "store_didDocument" + ] + }, + "notBefore": 0, + "groups": [] + }, { "id": "319d6b7f-bd88-4103-8124-e8ac4c791acf", "createdTimestamp": 1681915810810, @@ -3726,6 +3810,30 @@ "notBefore": 0, "groups": [] }, + { + "id": "e4a7204c-2fa8-4909-baa9-3fbc2fa6ec12", + "createdTimestamp": 1712762654440, + "username": "service-account-sa-cl24-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl24-01", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "update_application_membership_credential", + "send_mail", + "update_application_bpn_credential", + "create_notifications" + ] + }, + "notBefore": 0, + "groups": [] + }, { "id": "965ae857-1e91-4e0b-bdb5-4efd1fc7ea9c", "createdTimestamp": 1658347753956, 
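Review bot: The new `service-account-sa-cl2-04` in the hunk at -3670 is granted every role of `Cl24-CX-SSI-CredentialIssuer`, including both `request_ssicredential` and `decision_ssicredential` as well as `revoke_credentials_issuer`. Judging by the role names, one technical user can then both request a credential and decide on it, which leaves no separation between requester and approver. Confirm that this is intended, or split the roles across two accounts. The roles are also assigned directly, whereas the BPDM accounts in this same commit were moved to composites under `technical_roles_management`. A composite here would keep the grant reviewable in one place.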
@@ -3787,35 +3895,6 @@ "notBefore": 0, "groups": [] }, - { - "id": "6e9d388a-1a21-4196-8210-80e9a696ae87", - "createdTimestamp": 1651615151516, - "username": "service-account-sa-cl5-custodian-1", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-1", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "update_wallets", - "view_wallet", - "update_wallet", - "view_wallets" - ] - }, - "notBefore": 0, - "groups": [] - }, { "id": "ca2657a8-eba9-4cb4-8b66-8cc30911dfa1", "createdTimestamp": 1657558751239, @@ -3849,60 +3928,6 @@ "notBefore": 0, "groups": [] }, - { - "id": "0e1028a6-99c2-46ad-a323-9917ebe7346b", - "createdTimestamp": 1657571043337, - "username": "service-account-sa-cl5-custodian-3", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-3", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "300de02c-e667-4528-ac99-a3749c214bd2", - "createdTimestamp": 1657571107848, - "username": "service-account-sa-cl5-custodian-4", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-4", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" - ] - }, - "notBefore": 0, - "groups": [] - }, { "id": "8b7b0192-b24f-41b3-b7b7-b49efcc49e34", "createdTimestamp": 1654613733324, 
@@ -4754,9 +4779,6 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "technical_roles_management": [ "Semantic Model Management", "Identity Wallet Management", 
@@ -4773,85 +4795,42 @@ "groups": [] }, { - "id": "b1d71881-2aa8-4a67-b8ce-c101d6290832", - "createdTimestamp": 1657541056572, - "username": "service-account-sa-cl7-cx-1", + "id": "8d63cb9f-2df5-42b6-9bc8-a61b8d5467cb", + "createdTimestamp": 1664293185323, + "username": "service-account-sa-cl7-cx-3", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-1", + "serviceAccountClientId": "sa-cl7-cx-3", "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Admin" ] }, "notBefore": 0, "groups": [] }, { - "id": "1e60cc6d-17cd-442c-ace7-ec94067c5f85", - "createdTimestamp": 1658900179675, - "username": "service-account-sa-cl7-cx-2", + "id": "14a0d303-0b9f-4469-830f-4d1221b796d4", + "createdTimestamp": 1664293263973, + "username": "service-account-sa-cl7-cx-4", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-2", + "serviceAccountClientId": "sa-cl7-cx-4", "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "8d63cb9f-2df5-42b6-9bc8-a61b8d5467cb", - "createdTimestamp": 1664293185323, - "username": "service-account-sa-cl7-cx-3", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-3", - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "14a0d303-0b9f-4469-830f-4d1221b796d4", - "createdTimestamp": 1664293263973, - "username": "service-account-sa-cl7-cx-4", - "enabled": true, - "totp": false, - "emailVerified": false, - 
"serviceAccountClientId": "sa-cl7-cx-4", - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Consumer" ] }, "notBefore": 0, @@ -4871,14 +4850,9 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" - ], - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Admin", + "BPDM Sharing Admin" ] }, "notBefore": 0, @@ -4898,8 +4872,8 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Consumer" ] }, "notBefore": 0, @@ -4920,8 +4894,8 @@ ], "clientRoles": { "technical_roles_management": [ - "BPDM Management", - "BPDM Partner Gate" + "BPDM Pool Admin", + "BPDM Sharing Admin" ] }, "notBefore": 0, @@ -5103,16 +5077,6 @@ ] } ], - "Cl16-CX-BPDMGate": [ - { - "client": "sa-cl7-cx-5", - "roles": [ - "update_company_data", - "view_shared_data", - "view_company_data" - ] - } - ], "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com": [ { "client": "https://catenax-pen-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", @@ -5132,15 +5096,6 @@ ] } ], - "Cl7-CX-BPDM": [ - { - "client": "sa-cl7-cx-5", - "roles": [ - "add_company_data", - "view_company_data" - ] - } - ], "technical_roles_management": [ { "client": "sa-cl3-cx-1", 
@@ -5149,46 +5104,43 @@ "Semantic Model Management", "Identity Wallet Management" ] - } - ], - "Cl5-CX-Custodian": [ + }, { - "client": "sa-cl5-custodian-1", + "client": "sa-cl7-cx-3", "roles": [ - "update_wallets", - "update_wallet", - "view_wallets", - "view_wallet" + "BPDM Pool Admin" ] }, { - "client": "sa-cl5-custodian-2", + "client": "sa-cl7-cx-4", "roles": [ - "delete_wallet", - "delete_wallets", - "update_wallets", - "add_wallet", - "update_wallet", - "view_wallets", - "view_wallet", - "add_wallets" + "BPDM Pool Consumer" ] }, { - "client": "sa-cl5-custodian-3", + "client": "sa-cl7-cx-5", "roles": [ - "delete_wallet", - "delete_wallets", - "update_wallets", - "add_wallet", - "update_wallet", - "view_wallets", - "view_wallet", - "add_wallets" + "BPDM Pool Admin", + "BPDM Sharing Admin" + ] + }, + { + "client": "sa-cl7-cx-6", + "roles": [ + "BPDM Pool Consumer" ] }, { - "client": "sa-cl5-custodian-4", + "client": "sa-cl7-cx-7", + "roles": [ + "BPDM Pool Admin", + "BPDM Sharing Admin" + ] + } + ], + "Cl5-CX-Custodian": [ + { + "client": "sa-cl5-custodian-2", "roles": [ "delete_wallet", "delete_wallets", @@ -5210,6 +5162,19 @@ ] } ], + "Cl24-CX-SSI-CredentialIssuer": [ + { + "client": "sa-cl2-04", + "roles": [ + "view_use_case_participation", + "revoke_credentials_issuer", + "view_certificates", + "request_ssicredential", + "revoke_credential", + "decision_ssicredential" + ] + } + ], "account": [ { "client": "account-console", @@ -5233,6 +5198,21 @@ "update_application_checklist_value" ] }, + { + "client": "sa-cl2-05", + "roles": [ + "store_didDocument" + ] + }, + { + "client": "sa-cl24-01", + "roles": [ + "send_mail", + "create_notifications", + "update_application_membership_credential", + "update_application_bpn_credential" + ] + }, { "client": "sa-cl8-cx-1", "roles": [ 
@@ -5602,73 +5582,6 @@ "microprofile-jwt" ] }, - { - "id": "2a82462c-5745-43bb-859c-f5a2e74611de", - "clientId": "Cl12-CX-TestManager", - "name": "Testdaten-Manager", - "description": "Testdaten Manager SSO", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [ - "+" - ], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - 
"microprofile-jwt" - ] - }, { "id": "dd6a7d43-a7b1-4808-90dd-e446b51b59f2", "clientId": "Cl13-CX-Battery", @@ -5920,6 +5833,11 @@ { "id": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "clientId": "Cl16-CX-BPDMGate", + "name": "", + "description": "Portal Gate", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -6643,6 +6561,57 @@ "microprofile-jwt" ] }, + { + "id": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "clientId": "Cl24-CX-SSI-CredentialIssuer", + "name": "", + "description": "Client for SSI Credential Issuer", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": true, + "protocol": "openid-connect", + "attributes": { + "oidc.ciba.grant.enabled": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.session.required": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, { "id": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "clientId": "Cl2-CX-Portal", 
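Review bot: The new client `Cl24-CX-SSI-CredentialIssuer` (hunk at -6643) is created with `"publicClient": true`, `"directAccessGrantsEnabled": true` and `"fullScopeAllowed": true`, plus `"redirectUris": ["/*"]` with an empty `rootUrl`. A public client with the password grant enabled accepts user credentials at the token endpoint without any client authentication, and the relative wildcard redirect has no base URL to resolve against. If this client exists only to carry the credential-issuer roles, set `"directAccessGrantsEnabled": false` and `"standardFlowEnabled": false`. If a login flow is really needed, give it a concrete `rootUrl` and an explicit redirect list instead. `"webOrigins": ["/*"]` also does not look like an origin value and should be checked.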
@@ -6948,6 +6917,11 @@ { "id": "04cd6d38-674f-4588-980a-8f120bddcc44", "clientId": "Cl7-CX-BPDM", + "name": "", + "description": " BPDM Pool", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -7011,107 +6985,42 @@ ] }, { - "id": "3fbe1a86-143d-4d52-8138-01aa23875664", - "clientId": "Cl9-CDQ-Fraud", + "id": "6a9209c2-ec16-476b-9a9f-61474610b790", + "clientId": "https://catenax-pen-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "**********", "redirectUris": [ - "https://fraud-dashboard-pen.dev.demo.catena-x.net/*", - "https://keycloak.catenax-cdq.com/auth/*" + "https://catenax-pen-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-pen-dev-dismantler-s66pftcc.aws-live-eu10" ], "webOrigins": [ - "+" + "https://catenax-pen-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com" ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, + "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, - "publicClient": true, - "frontchannelLogout": false, - "protocol": "openid-connect", + "publicClient": false, + "frontchannelLogout": true, + "protocol": "saml", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "saml.force.post.binding": "true", "saml.multivalued.roles": "false", - "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", "saml.server.signature.keyinfo.ext": "false", "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", + "saml.signing.certificate": "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", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", + "backchannel.logout.session.required": "false", 
"client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "6a9209c2-ec16-476b-9a9f-61474610b790", - "clientId": "https://catenax-pen-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "https://catenax-pen-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-pen-dev-dismantler-s66pftcc.aws-live-eu10" - ], - "webOrigins": [ - "https://catenax-pen-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com" - ], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": true, - "protocol": "saml", - "attributes": { - "saml.force.post.binding": "true", - "saml.multivalued.roles": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "saml.signing.certificate": "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", - "oidc.ciba.grant.enabled": "false", - 
"backchannel.logout.session.required": "false", - "client_credentials.use_refresh_token": "false", - "saml.signature.algorithm": "RSA_SHA256", + "saml.signature.algorithm": "RSA_SHA256", "require.pushed.authorization.requests": "false", "saml.client.signature": "true", "id.token.as.detached.signature": "false", @@ -7422,8 +7331,9 @@ ] }, { - "id": "35134e77-f548-4b87-970c-cc0626496fcd", - "clientId": "sa-beta-cx1", + "id": "c33cfdab-5838-4c38-bd84-15b63502d604", + "clientId": "sa-cl10-cx-1", + "description": "Technical user created for Sharing Member to connect to BPDM (SPOC: Manuel Niedermann, Nico Koprowski)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -7471,7 +7381,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "07f8b416-f24d-4cba-91f8-fd3ae0af4657", + "id": "429be913-0d7c-4bb1-b429-ed7b18822645", "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7486,22 +7396,22 @@ } }, { - "id": "72681be8-4baf-475d-a9b9-47dee5326981", - "name": "BPN", + "id": "087541f4-ff7a-4d0f-bbc6-cdab00bb9c95", + "name": "Client Host", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "2ac54aee-ac44-4a48-ae4a-bbdb5288c7f9", + "id": "d13abc34-92f7-4b7f-8684-f923f5798627", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -7514,21 +7424,6 @@ "claim.name": "client_id", "jsonType.label": "String" } - }, - { - "id": "7cb8edc7-02f4-4c7c-84b4-b91cbac2d5e4", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } } ], "defaultClientScopes": [ @@ -7545,8 +7440,9 @@ ] }, { - "id": "b9ee94c4-f8de-40ba-8ea0-36d3ca28d3b5", - "clientId": "sa-beta-cx2", + "id": "7e7b246a-f1f6-4816-a6ad-b0b62a8918d7", + "clientId": "sa-cl16-cx-1", + "description": "Technical user created for BPDM Partner Gate (SPOC: Nico Koprowski)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -7594,7 +7490,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "296af6dd-9c38-41f4-b485-5f5eea375ccc", + "id": "ded924f4-4b1b-4607-b86b-c14a39f93103", "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7609,7 +7505,7 @@ } }, { - "id": "e00b42b8-8bcc-4b18-9999-86212378c5b1", + "id": "2722c105-eb0a-4af2-85c6-13499e443d99", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7624,7 +7520,7 @@ } }, { - "id": "24194317-3f62-417a-8442-62009cbf029e", + "id": "c1c10e38-57c3-46d3-b49a-7c9391264027", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
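Review bot: The `description` on `sa-cl16-cx-1` in the @@ -7545 hunk names an individual as SPOC, and the `sa-cl10-cx-1` description in the earlier @@ -7422 hunk names two. This realm file appears to be seeded into deployments, so the names are personal data shipped with the chart. They also go stale when ownership changes, and they tie named people to specific technical accounts. A team or role reference carries the same information, e.g. `"description": "Technical user created for BPDM Partner Gate (SPOC: <owning-team>)",` where `<owning-team>` is a placeholder for the real group alias.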
@@ -7637,21 +7533,6 @@ "claim.name": "clientHost", "jsonType.label": "String" } - }, - { - "id": "ab7d3b61-de21-4527-b021-7b2d75182fee", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } } ], "defaultClientScopes": [ @@ -7668,14 +7549,17 @@ ] }, { - "id": "624a56df-7370-46f6-b00f-44791184bb28", - "clientId": "sa-beta-cx3", + "id": "5a220510-4a8e-4cbc-a47e-6f549e6c3894", + "clientId": "sa-cl1-cx-1", + "description": "Service Account for Invicti DAST scan", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], + "redirectUris": [ + "*" + ], "webOrigins": [], "notBefore": 0, "bearerOnly": false, @@ -7705,8 +7589,8 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "saml.client.signature": "false", "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", 
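Review bot: `"redirectUris": [ "*" ]` on `sa-cl1-cx-1` in the @@ -7668 hunk accepts any redirect target, and the @@ -7791 hunk does the same for `sa-cl1-reg-2`. The copies of both clients on the removed side further down show `standardFlowEnabled` and `implicitFlowEnabled` false with `serviceAccountsEnabled` true. The wildcard is therefore presumably unused today and carried over rather than new, but it becomes an open-redirect and authorization-code leak path as soon as a browser flow is enabled, and `"post.logout.redirect.uris": "+"` would inherit it. For service accounts that only use client credentials I would set `"redirectUris": [],` in both places, which is what the other `sa-*` clients visible in this diff use.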
@@ -7717,37 +7601,22 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "09c3a032-eab0-4f2c-96df-b7c1b13d3634", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "62d698d8-24d6-4b3a-b533-c4bffdb65db1", - "name": "Client Host", + "id": "24320d24-0e73-478f-8e09-a05dc4bb7c35", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "2a1ab4a4-c250-49e0-9676-86564dea3062", + "id": "caea604c-1e8e-48ad-91a8-18711e4fb564", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7762,17 +7631,17 @@ } }, { - "id": "f5071021-acc5-42be-98e1-8bccd62e8f1b", - "name": "Client IP Address", + "id": "ea2580a2-1594-43c2-88e6-36e9e1315263", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "clientHost", "jsonType.label": "String" } } 
@@ -7791,14 +7660,17 @@ ] }, { - "id": "fb3deae9-5f34-4e9d-9a33-376f083f03c4", - "clientId": "sa-beta-cx4", + "id": "cdf11dff-530a-4fd4-97b9-84e4d60ac21e", + "clientId": "sa-cl1-reg-2", + "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], + "redirectUris": [ + "*" + ], "webOrigins": [], "notBefore": 0, "bearerOnly": false, @@ -7813,8 +7685,8 @@ "attributes": { "id.token.as.detached.signature": "false", "saml.assertion.signature": "false", - "saml.multivalued.roles": "false", "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", 
@@ -7828,34 +7700,19 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "daf63cfb-4e69-43f3-9c4e-7c9f91131364", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "53742f0f-0df2-4f2f-b6bd-e407d4bd0894", + "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -7870,32 +7727,32 @@ } }, { - "id": "343fe132-c419-484d-a7f7-a2316f855cec", - "name": "Client IP Address", + "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "15332471-4d69-48fa-9bab-e51218faa13d", - "name": "Client ID", + "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } } @@ -7914,8 +7771,9 @@ ] }, { - "id": "8b05ebaa-0fa1-45fc-bc5c-8d75e2fa8166", - "clientId": "sa-beta-cx5", + "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", + "clientId": "sa-cl2-01", + "description": "Technical User Clearinghouse update application", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -7959,41 +7817,41 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "4c831a50-2f22-407f-ac33-3b5bc19d824b", - "name": "Client ID", + "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "764d1b6f-ecc1-46b7-8feb-e962fe8facd5", - "name": "BPN", + "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", + "name": "Client ID", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "client_id", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "df7255f2-200f-4ebb-94bb-7edf96e2e127", + "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -8006,21 +7864,6 @@ "claim.name": "clientHost", "jsonType.label": "String" } - }, - { - "id": "b421ee98-98c8-41e2-8594-646b9ac40c67", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } } ], "defaultClientScopes": [ @@ -8037,8 +7880,9 @@ ] }, { - "id": "062617f4-5efb-4f85-932f-26193737321e", - "clientId": "sa-beta-cx6", + "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", + "clientId": "sa-cl2-02", + "description": "Technical User SelfDescription (SD) update application", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -8074,855 +7918,59 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "86a03690-8af2-4c80-ba47-94d05fc1cc47", - "name": "Client ID", + "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "8657ab97-ddb1-4775-8d44-a3ccbfea213f", - "name": "Client Host", + "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "6543b216-4e97-4dd9-a855-021de0d8b316", - "name": "Client IP Address", + "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - 
"userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "b167ce59-73d8-4f6c-a175-5cc742526628", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "2b1424ac-3e67-42c7-be77-69aa57fe0834", - "clientId": "sa-beta-cx7", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - 
"client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "965eb625-e855-49f4-bb55-c0d73666d410", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "581a3217-3127-4484-a4c7-1491371a7b48", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "cf552528-6cb5-43a5-91c9-aac399e96730", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "ba208341-0e41-4dea-8397-619376833c3a", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - 
"access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "c33cfdab-5838-4c38-bd84-15b63502d604", - "clientId": "sa-cl10-cx-1", - "description": "Technical user created for Sharing Member to connect to BPDM (SPOC: Manuel Niedermann, Nico Koprowski)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - 
"authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "429be913-0d7c-4bb1-b429-ed7b18822645", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "087541f4-ff7a-4d0f-bbc6-cdab00bb9c95", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "d13abc34-92f7-4b7f-8684-f923f5798627", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "7e7b246a-f1f6-4816-a6ad-b0b62a8918d7", - "clientId": "sa-cl16-cx-1", - "description": "Technical user created for BPDM Partner Gate (SPOC: Nico Koprowski)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - 
"standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "ded924f4-4b1b-4607-b86b-c14a39f93103", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "2722c105-eb0a-4af2-85c6-13499e443d99", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": 
"client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "c1c10e38-57c3-46d3-b49a-7c9391264027", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "5a220510-4a8e-4cbc-a47e-6f549e6c3894", - "clientId": "sa-cl1-cx-1", - "description": "Service Account for Invicti DAST scan", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": 
"false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "24320d24-0e73-478f-8e09-a05dc4bb7c35", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "caea604c-1e8e-48ad-91a8-18711e4fb564", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "ea2580a2-1594-43c2-88e6-36e9e1315263", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": 
"cdf11dff-530a-4fd4-97b9-84e4d60ac21e", - "clientId": "sa-cl1-reg-2", - "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "require.pushed.authorization.requests": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - 
"consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", - "clientId": "sa-cl2-01", - "description": "Technical User Clearinghouse update application", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - 
"saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": 
"oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", - "clientId": "sa-cl2-02", - "description": "Technical User SelfDescription (SD) update application", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "require.pushed.authorization.requests": "false", - "tls.client.certificate.bound.access.tokens": "false", - 
"saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientHost", "jsonType.label": "String" } } 
@@ -9050,16 +8098,24 @@ ] }, { - "id": "b09392dd-8b0f-4a32-bb0b-d00a4091b890", - "clientId": "sa-cl21-01", - "description": "Technical User Discovery Finder", + "id": "beb01d13-04e2-4a2b-a909-8b4166b3dcf7", + "clientId": "sa-cl2-04", + "name": "", + "description": "Technical User SSI Credential Issuer - Portal to SSI Credential Issuer (portal helm chart: backend.processesworker.issuerComponent.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], - "webOrigins": [], + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
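Review bot: The new `sa-cl2-04` client is added with `"redirectUris": ["/*"]` and `"webOrigins": ["/*"]`, although the next hunk shows it is a confidential service-account client (`"serviceAccountsEnabled": true`, `"directAccessGrantsEnabled": false`). A client that only uses the client-credentials grant needs neither a redirect URI nor a CORS origin, and a wildcard left in place takes effect as soon as a browser flow is enabled on the client. The other technical users in this file, e.g. `sa-cl21-01`, use `"redirectUris": [],` and `"webOrigins": [],`, which I would use here too. The same applies to `sa-cl2-05` (hunk at -9174) and `sa-cl24-01` (hunk at -9547). The `standardFlowEnabled` line of these clients lies between hunks, so I am assuming it is false as for the other technical users.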
@@ -9068,61 +8124,29 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "saml.assertion.signature": "false", - "id.token.as.detached.signature": "false", - "saml.multivalued.roles": "false", - "saml.force.post.binding": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "client.secret.creation.time": "1712762205", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "require.pushed.authorization.requests": "false", - "saml.authnstatement": "false", + "oauth2.device.authorization.grant.enabled": "false", "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "3c2deac0-fd68-4c39-933c-27123ff073f9", + "id": "514cd3f7-8b0d-4a41-ae75-2b30b2be13f6", "name": "Client IP 
Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { "user.session.note": "clientAddress", - "userinfo.token.claim": "true", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "clientAddress", @@ -9130,38 +8154,39 @@ } }, { - "id": "8f318235-669e-4236-b8ea-f596b802f672", - "name": "BPN", + "id": "8502e4e1-3d19-47c0-8b8e-7f394228dbbe", + "name": "Client Host", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "b74416e5-2376-4f8e-a49b-8a03a053454a", - "name": "Client Host", + "id": "a045a68f-caca-4605-a438-ba2e0bcfad38", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", + "acr", "roles", "profile", "email" 
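Review bot: `"frontchannelLogout": true` is set on `sa-cl2-04` in the hunk at -9068, but this is a service-account client with no browser session to log out. The other technical users (e.g. `sa-cl21-01`) keep `"frontchannelLogout": false,`, and I would keep that value here for consistency. The new mappers also use `introspection.token.claim` where the existing clients keep `userinfo.token.claim`; if that is only the export default of the upgraded Keycloak version, a changelog line saying so would help reviewers. `sa-cl2-05` (-9192) and `sa-cl24-01` (-9567) carry the same two changes.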
@@ -9174,16 +8199,24 @@ ] }, { - "id": "f1806543-d0ca-41cb-b029-883cdfb11a8e", - "clientId": "sa-cl22-01", - "description": "Technical User BPN Discovery", + "id": "19b62d82-9df7-4bbd-9edc-8534bb0a7e68", + "clientId": "sa-cl2-05", + "name": "", + "description": "Technical User Dim Layer - Dim Layer to Portal (dim helm chart: processesworker.callback.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], - "webOrigins": [], + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
@@ -9192,100 +8225,69 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "saml.assertion.signature": "false", - "id.token.as.detached.signature": "false", - "saml.multivalued.roles": "false", - "saml.force.post.binding": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "client.secret.creation.time": "1712764102", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "require.pushed.authorization.requests": "false", - "saml.authnstatement": "false", "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "09824b45-f47e-4213-90d5-7aec6a078314", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e", - "name": "Client ID", + "id": "32f11424-4cff-472f-99bd-df98787216fe", + "name": "Client 
Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e", - "name": "Client Host", + "id": "1e3f26ac-3578-4a04-adfa-6838d54560f8", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "clientAddress", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "36e185ed-3af8-489d-a94b-a280ae205e03", - "name": "Client IP Address", + "id": "4c0a8ac0-09e8-445e-9f2b-769750bc09a8", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", + "acr", "roles", "profile", "email" 
@@ -9298,17 +8300,15 @@ ] }, { - "id": "7beaee76-d447-4531-9433-fd9ce19d1460", - "clientId": "sa-cl3-cx-1", - "name": "Technical User CX internal - communication GitHub and Semantic Hub", + "id": "b09392dd-8b0f-4a32-bb0b-d00a4091b890", + "clientId": "sa-cl21-01", + "description": "Technical User Discovery Finder", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [ - "*" - ], + "redirectUris": [], "webOrigins": [], "notBefore": 0, "bearerOnly": false, @@ -9321,10 +8321,10 @@ "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "id.token.as.detached.signature": "false", "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", @@ -9338,9 +8338,9 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" 
@@ -9350,51 +8350,52 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "702c92a9-9f89-4130-9d37-c1620529ca13", - "name": "BPN", + "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda", + "name": "Client ID", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.attribute": "bpn", + "user.session.note": "client_id", + "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", - "userinfo.token.claim": "true" + "claim.name": "client_id", + "jsonType.label": "String" } }, { - "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a", - "name": "Client ID", + "id": "3c2deac0-fd68-4c39-933c-27123ff073f9", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595", - "name": "Client IP Address", + "id": "8f318235-669e-4236-b8ea-f596b802f672", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "bpn", "jsonType.label": "String" } }, { - "id": "8e82412f-7088-4562-81f2-35b85f1859f5", + "id": "b74416e5-2376-4f8e-a49b-8a03a053454a", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -9423,9 +8424,9 @@ ] }, { - "id": "d5a29608-9579-4af4-b895-458ff5b03276", - "clientId": "sa-cl3-cx-2", - "description": "Technical User Digital Twin and Semantic for Pen test scenario (Contact: Lukas Roemer, Bosch)", + "id": "f1806543-d0ca-41cb-b029-883cdfb11a8e", + "clientId": "sa-cl22-01", + "description": "Technical User BPN Discovery", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -9444,10 +8445,10 @@ "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "id.token.as.detached.signature": "false", "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", @@ -9461,19 +8462,19 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "6b664acb-fb3a-427b-8c54-643e53b24388", + "id": "09824b45-f47e-4213-90d5-7aec6a078314", "name": "BPN", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", @@ -9488,7 +8489,7 @@ } }, { - "id": "882827ad-6e5a-42f2-b09e-75ff2b5893f2", + "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -9503,32 +8504,32 @@ } }, { - "id": "9fbb3f90-f4f4-4c8f-818e-ae857da96fc3", - "name": "Client IP Address", + "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "4ca8dc7c-a24b-4635-a100-b75b23c3fa99", - "name": "Client Host", + "id": "36e185ed-3af8-489d-a94b-a280ae205e03", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } } @@ -9547,18 +8548,24 @@ ] }, { - "id": "dab9dd17-0d31-46c7-b313-aca61225dcd1", - "clientId": "sa-cl5-custodian-1", - "description": "Technical User for SD Hub Call to Custodian for SD signature", + "id": "8ac37496-cca9-41ba-9684-cf7348f880d5", + "clientId": "sa-cl24-01", + "name": "", + "description": "Technical User for SSI Credential Issuer (credential issuer helm chart: processesworker.portal.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", "redirectUris": [ - "*" + "/*" + ], + "webOrigins": [ + "/*" ], - "webOrigins": [], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
@@ -9567,110 +8574,83 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "oauth2.device.authorization.grant.enabled": "false", + "client.secret.creation.time": "1712762654", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "30897db9-574e-49ee-b968-ede77a6baf67", - "name": "Client ID", + "id": "c176820f-4e65-4b63-90d5-31a058b31698", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", + "user.session.note": "clientAddress", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + 
"claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "00879247-75ce-491f-abed-52a6a810f685", - "name": "Client Host", + "id": "1cbf20be-7fff-44c4-9eb5-a6868b2fb122", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "bb69e2e4-312f-4447-946f-b51f3c7184c2", - "name": "Client IP Address", + "id": "471d6ae7-39a3-44f5-ac90-f31be999eb08", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "0c387b1e-5a80-47c8-82f5-693e3af79425", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "acr", + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", - "clientId": "sa-cl5-custodian-2", - "description": "Technical User for Portal to call Custodian Wallet (portal helm chart: backend.processesworker.custodian.clientId)", + 
"id": "7beaee76-d447-4531-9433-fd9ce19d1460", + "clientId": "sa-cl3-cx-1", + "name": "Technical User CX internal - communication GitHub and Semantic Hub", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -9720,86 +8700,88 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328", - "name": "Client Host", + "id": "702c92a9-9f89-4130-9d37-c1620529ca13", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" + "claim.name": "bpn", + "userinfo.token.claim": "true" } }, { - "id": "728abacc-c436-4d67-b699-92957a69b519", - "name": "Client IP Address", + "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "98c6f360-6714-455a-bc94-4fa0b5072866", - "name": "BPN", + "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595", + "name": "Client IP Address", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientAddress", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a", - "name": "Client ID", + "id": "8e82412f-7088-4562-81f2-35b85f1859f5", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": 
"oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "0dfcbe31-2482-46d7-bb09-0722b0e1c4f9", - "clientId": "sa-cl5-custodian-3", - "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)", + "id": "d5a29608-9579-4af4-b895-458ff5b03276", + "clientId": "sa-cl3-cx-2", + "description": "Technical User Digital Twin and Semantic for Pen test scenario (Contact: Lukas Roemer, Bosch)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [ - "*" - ], + "redirectUris": [], "webOrigins": [], "notBefore": 0, "bearerOnly": false, 
@@ -9837,82 +8819,91 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, + "fullScopeAllowed": true, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "3e1df311-abd2-4878-9f0a-426fd1a50c0d", - "name": "Client IP Address", + "id": "6b664acb-fb3a-427b-8c54-643e53b24388", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "bpn", "jsonType.label": "String" } }, { - "id": "17a2ea60-79e2-4d57-8db7-9931b0e1a674", - "name": "Client Host", + "id": "882827ad-6e5a-42f2-b09e-75ff2b5893f2", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "d6203b9c-6b72-44d0-8609-83077dd6a2e0", - "name": "Client ID", + "id": "9fbb3f90-f4f4-4c8f-818e-ae857da96fc3", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "1db97b73-9663-4eb5-99ed-d103c4bda113", - "name": "BPN", + "id": "4ca8dc7c-a24b-4635-a100-b75b23c3fa99", + "name": "Client Host", "protocol": 
"openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "BPN", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "7612bab1-3617-485e-8461-f1d2a7a6a92e", - "clientId": "sa-cl5-custodian-4", - "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)", + "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", + "clientId": "sa-cl5-custodian-2", + "name": "", + "description": "Technical User for Portal to call Managed Identity Wallet (portal helm chart: backend.processesworker.custodian.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -9962,7 +8953,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "783956fc-c81e-4da3-871c-436eec1fa555", + "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
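Review bot: `sa-cl3-cx-2` is carried over with `"fullScopeAllowed": true` (hunk at -9837), while the other technical users on the new side of these hunks have it false. With full scope, its tokens carry every role mapped to the service account instead of only the roles scoped to the client. Its description marks it as a pen-test user and names a contact person, and the commit appears to remove other test users (`sa-cl5-custodian-3`, `sa-cl5-custodian-4`), so this one looks like a candidate for the same clean-up. If it has to stay, I would set `"fullScopeAllowed": false,` and drop the personal name from the description. The client object starts in the previous hunk (-9720).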
@@ -9977,37 +8968,37 @@ } }, { - "id": "f230563b-4e92-47e6-94d4-5d7ac8eef916", - "name": "BPN", + "id": "728abacc-c436-4d67-b699-92957a69b519", + "name": "Client IP Address", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientAddress", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "BPN", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "45b77e95-5844-48c4-ba44-6c883bed55b8", - "name": "Client IP Address", + "id": "98c6f360-6714-455a-bc94-4fa0b5072866", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "bpn", "jsonType.label": "String" } }, { - "id": "653db152-0505-4fcc-8d9e-51eee203610b", + "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -13764,243 +12755,6 @@ "microprofile-jwt" ] }, - { - "id": "6e2f3a74-9277-4265-a0bd-8f8f41ba0530", - "clientId": "sa-cl7-cx-1", - "description": "Technical user created for BPDM / CDQ connect (SPOC: Peter Schenkel)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "33ef0160-e559-4fde-8faa-657140437026", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": 
"oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "61c367f1-dcd7-4190-9d63-97c0b3ae5afc", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "1c8aad27-8158-498b-bf99-e6de92799b6d", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "d1c857fb-0c7d-4b6d-b6e8-34bf4de76d6d", - "clientId": "sa-cl7-cx-2", - "description": "Technical user for BPDM connection to Fraud App (Michael Wirth & CGI: Fabio)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - 
"id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "23db4b23-856e-4f3b-a1e2-f935d2373d0d", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "5db07b78-2eb9-405d-a0eb-9ab0e94a1e4d", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "b01e802a-984a-4c95-a5f7-db4f3fd4b16b", - "name": 
"Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "09b70efe-f7e1-4880-a375-de44e2e1b38a", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, { "id": "f6627ae5-54ac-4e53-871d-875de8879e51", "clientId": "sa-cl7-cx-3", @@ -14048,7 +12802,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14157,7 +12911,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14375,7 +13129,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14484,7 +13238,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { 
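Review bot: Setting `"fullScopeAllowed": false` on these four clients (the hunks at -14048, -14157, -14375 and -14484) limits their tokens to roles covered by a scope mapping, and no hunk visible here adds a matching `scopeMappings` or `clientScopeMappings` entry. If none exists elsewhere in the file, the service accounts would still authenticate, but their access tokens may stop carrying the client roles that downstream services check. Please confirm that each affected client has a scope mapping for exactly the roles its service account holds, and nothing broader. The client objects begin and end outside these hunks, so the affected client IDs cannot all be read from here.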
@@ -17224,14 +15978,6 @@ "autheticatorFlow": false, "userSetupAllowed": false }, - { - "authenticator": "registration-profile-action", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 40, - "autheticatorFlow": false, - "userSetupAllowed": false - }, { "authenticator": "registration-password-action", "authenticatorFlow": false, diff --git a/import/realm-config/consortia/catenax-central/rc/CX-Central-realm.json b/import/realm-config/consortia/catenax-central/rc/CX-Central-realm.json index 76b1d1c8..2209d1ab 100644 --- a/import/realm-config/consortia/catenax-central/rc/CX-Central-realm.json +++ b/import/realm-config/consortia/catenax-central/rc/CX-Central-realm.json @@ -111,6 +111,7 @@ "security-admin-console": [], "sa-cl6-cx-17": [], "sa-cl10-cx-1": [], + "sa-cl24-01": [], "sa-cl16-cx-1": [], "Cl2-CX-Portal": [ { @@ -162,9 +163,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -182,24 +180,20 @@ "view_service_offering", "view_autosetup_status", "add_connectors", - "upload_documents", "view_own_user_account", "view_use_cases", "view_idp", - "view_services", "add_tech_user_management", "view_membership", "update_own_user_account", "add_service_offering", "view_service_subscriptions", "activate_subscription", - "view_tech_roles", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "view_subscription", "delete_notifications", "view_connectors", @@ -234,14 +228,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "a029dec3-8c6a-4a2f-a60a-82249f0590fd", - "name": "setup_client", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "34742e28-1497-4222-ad1f-93ab9feac92e", "name": "view_app_subscription", 
@@ -313,6 +299,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "8b4aa267-bb7e-40c9-8cd2-f82603fa066a", + "name": "update_application_bpn_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "19c0e799-4ffd-4709-8b38-45540c677e50", "name": "view_autosetup_status", @@ -327,9 +322,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -337,17 +329,16 @@ "view_registration" ], "Cl2-CX-Portal": [ - "view_technical_setup", - "view_tech_user_management", - "app_management", - "view_tech_roles", - "view_certificates", "view_app_language", "technical_roles_management", "CX User", + "view_technical_setup", + "view_tech_user_management", "edit_apps", + "app_management", "view_use_cases", - "view_apps" + "view_apps", + "view_certificates" ] } }, @@ -361,9 +352,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -383,9 +371,6 @@ "unsubscribe_apps", "view_user_management", "subscribe_apps", - "view_services", - "view_dataspaces", - "filter_apps", "view_service_subscriptions", "view_notifications", "view_certificates", @@ -409,14 +394,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "03acc78a-0301-4518-a548-d5bd782c3d13", - "name": "decision_ssicredential", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "37dc74e9-9f50-49d2-9b95-402b04aa84ff", "name": "add_connectors", 
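Review bot: The new client role `update_application_bpn_credential` in the -313 hunk is added with `"description": ""`, which gives an auditor no record of what the role authorises. The same applies to `store_didDocument`, `update_application_membership_credential` and `send_mail`, and to the new Cl7-CX-BPDM, Cl16-CX-BPDMGate and Cl24-CX-SSI-CredentialIssuer roles in later hunks. Several roles removed by this commit did carry a description (for example `view_tech_roles`), so this is a step back for role reviews. I would fill each one with a single line of the form `"description": "<action permitted> - checked by <service>"`, with wording taken from the owning service rather than guessed from the role name.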
@@ -479,14 +456,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "15bd8123-3469-4505-93ff-a5bd3b929495", - "name": "subscribe_service_offering", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "66f4b417-25d4-47d7-b3d2-e6eb80bcba5e", "name": "create_partner_registration", @@ -548,15 +517,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "9db8ca83-6cfd-4c44-8ab7-ccbcb11da38f", - "name": "view_tech_roles", - "description": "View technical user roles", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "6560b255-cbc6-4fb7-8afe-d61732e34ab1", "name": "view_client_roles", @@ -575,14 +535,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "29ac8c4d-5296-467c-91fa-3a0d7487c912", - "name": "request_ssicredential", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "3c3c8452-fd50-40bd-b223-9660233dd6af", "name": "delete_user_account", @@ -676,9 +628,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -717,8 +666,6 @@ "delete_tech_user_management", "subscribe_service", "delete_own_user_account", - "request_ssicredential", - "my_user_account", "delete_user_account", "view_apps", "view_subscription", @@ -743,9 +690,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], 
@@ -753,16 +697,15 @@ "view_registration" ], "Cl2-CX-Portal": [ - "view_service_subscriptions", - "activate_subscription", - "view_certificates", "subscribe_service", "CX User", "view_service_offering", "unsubscribe_apps", + "view_service_subscriptions", "unsubscribe_services", - "subscribe_apps", - "view_services" + "activate_subscription", + "view_certificates", + "subscribe_apps" ] } }, @@ -770,6 +713,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "b01f9c19-adde-4bca-be36-d2e21cedc37a", + "name": "store_didDocument", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "4f2b58a5-0ebd-4b91-b354-4fefd40cc811", "name": "delete_apps", @@ -797,6 +749,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "3b336c72-0f9c-440e-8427-16028439c5e6", + "name": "update_application_membership_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "43a0826f-ba1a-44d4-952f-e4b879be353c", "name": "view_service_marketplace", @@ -812,9 +773,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -826,7 +784,6 @@ "view_documents", "delete_connectors", "upload_certificates", - "setup_client", "view_app_subscription", "delete_documents", "view_company_data", @@ -840,15 +797,12 @@ "view_user_management", "view_idp", "add_tech_user_management", - "subscribe_service_offering", "update_own_user_account", "add_self_descriptions", "view_user_account", "setup_idp", - "view_tech_roles", "view_client_roles", "subscribe_service", - "request_ssicredential", "delete_user_account", "view_subscription", "delete_notifications", 
@@ -860,21 +814,16 @@ "view_service_offering", "unsubscribe_apps", "disable_idp", - "upload_documents", "view_use_cases", "subscribe_apps", - "view_services", "add_idp", "delete_idp", "view_membership", - "view_dataspaces", - "filter_apps", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "unsubscribe_services", "view_apps", "modify_connectors", @@ -900,9 +849,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -912,22 +858,18 @@ "Cl2-CX-Portal": [ "view_documents", "view_membership", - "view_dataspaces", "update_own_user_account", - "filter_apps", "view_company_data", "view_notifications", "view_certificates", "view_service_marketplace", "view_service_offering", "delete_own_user_account", - "my_user_account", "view_own_user_account", "view_apps", "view_user_management", "view_subscription", "delete_notifications", - "view_services", "view_partner_network" ], "Cl3-CX-Semantic": [ @@ -971,9 +913,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -1004,14 +943,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "39c00d2f-491f-4658-96ef-9f47920afea6", - "name": "upload_documents", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "b4bead06-e3c4-4fce-9e06-43d9d9537766", "name": "view_use_cases", 
@@ -1030,15 +961,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "6e3d7bcf-7340-4def-bb76-8002acc73f95", - "name": "view_services", - "description": "view service marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "8d3a5c8d-d4dc-4aaa-8941-9cd38cd3906e", "name": "update_application_checklist_value", @@ -1083,15 +1005,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "8fe708e4-7870-4044-89eb-a74b8dc11a8e", - "name": "view_dataspaces", - "description": "View dataspace marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "b06c2999-6008-4fb6-a22f-93fdac150656", "name": "decline_app_release", @@ -1109,24 +1022,12 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "9f5b48bf-4fc2-4feb-8c4e-00b57f5f2bed", - "name": "filter_apps", - "description": "Users with this role can filter apps in the App Marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "765bced5-b422-4f91-b35f-19d648595e6a", "name": "Purchaser", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -1135,7 +1036,6 @@ ], "Cl2-CX-Portal": [ "delete_certificates", - "subscribe_service_offering", "CX User", "upload_certificates", "unsubscribe_apps", @@ -1173,11 +1073,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "delete_company_data", - "add_company_data", - "view_company_data" - ], "Cl5-CX-Custodian": [ "delete_wallet", "add_wallet", 
@@ -1187,6 +1082,9 @@ "Cl1-CX-Registration": [ "view_registration" ], + "Cl24-CX-SSI-CredentialIssuer": [ + "decision_ssicredential" + ], "Cl2-CX-Portal": [ "decline_new_partner", "update_company_role", @@ -1194,7 +1092,6 @@ "delete_connectors", "update_service_offering", "invite_new_partner", - "setup_client", "view_app_subscription", "delete_documents", "app_management", @@ -1203,24 +1100,20 @@ "view_app_language", "modify_user_account", "view_autosetup_status", - "decision_ssicredential", "add_connectors", "view_own_user_account", "view_user_management", "view_idp", "add_apps", "add_tech_user_management", - "subscribe_service_offering", "update_own_user_account", "add_self_descriptions", "view_user_account", "view_service_subscriptions", "activate_subscription", "setup_idp", - "view_tech_roles", "view_client_roles", "subscribe_service", - "request_ssicredential", "delete_user_account", "view_subscription", "delete_notifications", @@ -1237,24 +1130,19 @@ "view_service_offering", "unsubscribe_apps", "disable_idp", - "upload_documents", "view_use_cases", "subscribe_apps", - "view_services", "add_idp", "delete_idp", "view_membership", "decline_service_release", - "view_dataspaces", "decline_app_release", "add_service_offering", - "filter_apps", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "create_notifications", "edit_apps", "unsubscribe_services", 
@@ -1295,17 +1183,17 @@ "attributes": {} }, { - "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda", - "name": "delete_own_user_account", + "id": "cae19290-f11e-4532-b046-e07e302078e2", + "name": "send_mail", + "description": "", "composite": false, "clientRole": true, "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, { - "id": "99a8940c-0fbc-4f65-8134-4b598c3aabbc", - "name": "my_user_account", - "description": "view my own user account details", + "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda", + "name": "delete_own_user_account", "composite": false, "clientRole": true, "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", 
@@ -1455,24 +1343,63 @@ ], "Cl7-CX-BPDM": [ { - "id": "b59a076b-07c5-42fa-b8d8-04a65f077226", - "name": "delete_company_data", + "id": "da4b989c-d2fb-4276-bec7-bdad739e0864", + "name": "write_partner", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", "attributes": {} }, { - "id": "a4829839-9df9-47c8-8eb0-57f4020000c3", - "name": "add_company_data", + "id": "8d2f5f1a-bb4f-42fd-9947-18f799174bd8", + "name": "read_changelog_member", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", "attributes": {} }, { - "id": "d16779a5-03bd-4fbd-bf40-382c4348b205", - "name": "view_company_data", + "id": "810ced5e-4eb9-42d7-90e0-2f5dd3aaa2a2", + "name": "read_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "b0cf08cf-3b00-4ed2-9871-79093200029e", + "name": "read_metadata", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "fc598e8a-eb9b-44e6-8c5b-c2870fefcd95", + "name": "read_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "33725fd2-bc24-4355-8c9e-979b352c0444", + "name": "read_partner_member", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "36db1cdc-308a-43d5-a3cb-43c676ca4eee", + "name": "write_metadata", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", 
@@ -1697,24 +1624,81 @@ "sa-cl6-cx-23": [], "Cl16-CX-BPDMGate": [ { - "id": "891e715a-7fdb-4dbe-a177-998a383ee836", - "name": "view_company_data", + "id": "af471823-bcca-4267-bbf6-c3183380358f", + "name": "read_output_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "33e96ab8-df1f-4fc1-bdda-3509e3e76e2e", + "name": "read_output_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "b280b367-6ba5-4ba1-8a64-8f61877c9f17", + "name": "read_input_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "27ce5626-0186-4ced-8e14-ecfcbc2f4330", + "name": "read_sharing_state", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "e8516251-0f90-4d1a-9a6c-7fd44d52ecc0", + "name": "write_output_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "e5cd5783-d48a-4d25-acf9-13fb8138715a", + "name": "read_input_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "364db9ec-ceb2-47b8-a892-f70bae1c89c5", + "name": "write_sharing_state", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} }, { - "id": "cf42a03f-20f7-4ff3-a898-e1a93bf03520", - "name": "update_company_data", + "id": "1d16924d-fca4-495b-a227-0cbf80b31d96", + "name": "read_stats", + "description": "", "composite": false, "clientRole": true, "containerId": 
"52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} }, { - "id": "2a006c99-0790-4dd0-8b82-59c4fea1ce17", - "name": "view_shared_data", + "id": "3378cc71-3097-40f9-aaab-7ec66fa9bc54", + "name": "write_input_partner", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", @@ -1726,9 +1710,7 @@ "sa-cl6-cx-26": [], "sa-cl6-cx-27": [], "sa-cl6-cx-28": [], - "sa-cl7-cx-1": [], "sa-cl5-custodian-internaltest": [], - "sa-cl7-cx-2": [], "sa-cl7-cx-3": [], "sa-cl7-cx-4": [], "sa-cl21-01": [], @@ -1738,7 +1720,6 @@ "sa-cl1-cx-1": [], "sa-cl6-cx-20": [], "sa_testAutomation": [], - "sa-cl5-custodian-3": [], "Cl15-BOSCH-AFQM": [ { "id": "07e4c7f0-f7c1-420a-8788-81eb42b5a8cd", @@ -1749,8 +1730,6 @@ "attributes": {} } ], - "sa-cl5-custodian-4": [], - "sa-cl5-custodian-1": [], "sa-cl5-custodian-2": [], "sa-cl6-cx-18": [], "sa-cl6-cx-19": [], @@ -1799,9 +1778,11 @@ "sa-cl2-02": [], "sa-cl6-cx-8": [], "sa-cl2-01": [], + "sa-cl2-04": [], "sa-cl6-cx-6": [], "sa-cl2-03": [], "sa-cl6-cx-5": [], + "sa-cl2-05": [], "account-console": [], "sa-cl22-01": [], "Cl18-CX-Pal": [ 
@@ -1814,6 +1795,62 @@ "attributes": {} } ], + "Cl24-CX-SSI-CredentialIssuer": [ + { + "id": "1627e267-4422-46a8-b261-e26b5d852a33", + "name": "decision_ssicredential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "793ed13a-2297-4182-9d75-e91b003e42a5", + "name": "view_use_case_participation", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "9e96cc27-03a7-4b7d-b3b8-aa886b81fd15", + "name": "revoke_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "48c621d7-1056-4d6c-ae9b-7da255066124", + "name": "revoke_credentials_issuer", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "2337ed3b-e46f-4b85-b3f3-7e244a20e85e", + "name": "request_ssicredential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "763f8a43-d6f6-4b76-98a8-5082d3345f27", + "name": "view_certificates", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + } + ], "sa-cl6-cx-30": [], "Cl17-CX-Part": [ { @@ -1879,15 +1916,14 @@ ], "technical_roles_management": [ { - "id": "b5c9ff05-b0cf-414d-bd70-e38f8e4923cf", - "name": "BPDM Management", + "id": "4776c000-7232-4804-a133-aff0c01966ba", + "name": "Semantic Model Management", + "description": "", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "delete_company_data", - "add_company_data", - "view_company_data" + "Cl3-CX-Semantic": [ + "view_semantic_model" ] } }, 
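Review bot: Of the six roles defined for `Cl24-CX-SSI-CredentialIssuer` in the -1814 hunk, only `decision_ssicredential` is re-attached to a composite in the hunks visible here (the `"Cl24-CX-SSI-CredentialIssuer": ["decision_ssicredential"]` entry at -1187). `request_ssicredential` is dropped from the Cl2-CX-Portal composites at -717, -840 and -1203 with no replacement mapping in view, so users who held it through those composites would lose it unless it is granted elsewhere in the file. `revoke_credential` and `revoke_credentials_issuer` are likewise defined without a visible holder. Please confirm which composite or service account is meant to hold each role, keeping the two revoke roles restricted to the issuer's operators.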
@@ -1896,14 +1932,22 @@ "attributes": {} }, { - "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", - "name": "CX Membership Info", + "id": "5d4a663d-d188-4df8-a86d-b2ae40920ab8", + "name": "BPDM Sharing Admin", "description": "", "composite": true, "composites": { "client": { - "Cl2-CX-Portal": [ - "view_membership" + "Cl16-CX-BPDMGate": [ + "read_output_partner", + "read_output_changelog", + "read_input_changelog", + "read_sharing_state", + "write_output_partner", + "write_sharing_state", + "read_input_partner", + "read_stats", + "write_input_partner" ] } }, @@ -1912,14 +1956,17 @@ "attributes": {} }, { - "id": "4776c000-7232-4804-a133-aff0c01966ba", - "name": "Semantic Model Management", + "id": "21f929c1-a547-46a5-8660-6eb5d5091ba5", + "name": "BPDM Sharing Input Consumer", "description": "", "composite": true, "composites": { "client": { - "Cl3-CX-Semantic": [ - "view_semantic_model" + "Cl16-CX-BPDMGate": [ + "read_input_changelog", + "read_sharing_state", + "read_input_partner", + "read_stats" ] } }, @@ -1928,16 +1975,14 @@ "attributes": {} }, { - "id": "ffdc000a-7b44-4117-8794-c87492a50604", - "name": "BPDM Gate Read & Write", - "description": "", + "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", + "name": "Registration External", "composite": true, "composites": { "client": { - "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" + "Cl2-CX-Portal": [ + "create_partner_registration", + "configure_partner_registration" ] } }, @@ -1946,13 +1991,18 @@ "attributes": {} }, { - "id": "20f2c41a-dacd-4505-877a-bb899066a767", - "name": "BPDM Pool", + "id": "8ce375c0-bab3-4df7-939f-a61cd0fa0ab1", + "name": "Offer Management", + "description": "", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" + "Cl2-CX-Portal": [ + "view_tech_user_management", + "add_service_offering", + "add_connectors", + "app_management", + "activate_subscription" ] } }, 
@@ -1961,14 +2011,21 @@ "attributes": {} }, { - "id": "75211526-5c5e-4c6d-a377-627402c3f1b3", - "name": "BPDM Gate Read", - "description": "", + "id": "d5781775-3fbd-4f46-84ea-b19164393205", + "name": "Dataspace Discovery", "composite": true, "composites": { "client": { - "Cl16-CX-BPDMGate": [ - "view_company_data" + "Cl22-CX-BPND": [ + "add_bpn_discovery", + "delete_bpn_discovery", + "view_bpn_discovery" + ], + "Cl21-CX-DF": [ + "view_discovery_endpoint" + ], + "Cl2-CX-Portal": [ + "view_connectors" ] } }, @@ -1977,14 +2034,15 @@ "attributes": {} }, { - "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", - "name": "Identity Wallet Management", + "id": "281b856c-b74a-4753-99bb-bdcd810a212e", + "name": "IRS Management", + "description": "", "composite": true, "composites": { "client": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" + "Cl20-CX-IRS": [ + "view_irs", + "admin_irs" ] } }, @@ -1993,14 +2051,14 @@ "attributes": {} }, { - "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", - "name": "Registration External", + "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", + "name": "CX Membership Info", + "description": "", "composite": true, "composites": { "client": { "Cl2-CX-Portal": [ - "create_partner_registration", - "configure_partner_registration" + "view_membership" ] } }, 
@@ -2009,18 +2067,36 @@ "attributes": {} }, { - "id": "8ce375c0-bab3-4df7-939f-a61cd0fa0ab1", - "name": "Offer Management", + "id": "8805517d-63db-4d08-b6f2-cd8038929111", + "name": "BPDM Pool Admin", "description": "", "composite": true, "composites": { "client": { - "Cl2-CX-Portal": [ - "view_tech_user_management", - "add_service_offering", - "add_connectors", - "app_management", - "activate_subscription" + "Cl7-CX-BPDM": [ + "write_partner", + "read_changelog_member", + "read_changelog", + "read_metadata", + "read_partner", + "read_partner_member", + "write_metadata" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", + "name": "Identity Wallet Management", + "composite": true, + "composites": { + "client": { + "Cl5-CX-Custodian": [ + "view_wallet", + "update_wallet" ] } }, @@ -2029,15 +2105,19 @@ "attributes": {} }, { - "id": "67ef1542-73d5-4179-8c4e-d4a297b8aad3", - "name": "BPDM Partner Gate", + "id": "62f6d094-b5ad-4a64-9ce3-e1ee425f1491", + "name": "BPDM Sharing Input Manager", + "description": "", "composite": true, "composites": { "client": { "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" + "read_input_changelog", + "read_sharing_state", + "write_sharing_state", + "read_input_partner", + "read_stats", + "write_input_partner" ] } }, 
@@ -2046,21 +2126,17 @@ "attributes": {} }, { - "id": "d5781775-3fbd-4f46-84ea-b19164393205", - "name": "Dataspace Discovery", + "id": "ab1aedcb-9ae9-4a89-bb07-64ebb24d950e", + "name": "BPDM Sharing Output Consumer", + "description": "", "composite": true, "composites": { "client": { - "Cl22-CX-BPND": [ - "add_bpn_discovery", - "delete_bpn_discovery", - "view_bpn_discovery" - ], - "Cl21-CX-DF": [ - "view_discovery_endpoint" - ], - "Cl2-CX-Portal": [ - "view_connectors" + "Cl16-CX-BPDMGate": [ + "read_output_partner", + "read_output_changelog", + "read_sharing_state", + "read_stats" ] } }, @@ -2069,15 +2145,16 @@ "attributes": {} }, { - "id": "281b856c-b74a-4753-99bb-bdcd810a212e", - "name": "IRS Management", + "id": "cb9628e5-1ffa-4aa3-a8e8-3cfa8119ce30", + "name": "BPDM Pool Consumer", "description": "", "composite": true, "composites": { "client": { - "Cl20-CX-IRS": [ - "view_irs", - "admin_irs" + "Cl7-CX-BPDM": [ + "read_changelog_member", + "read_changelog", + "read_metadata" ] } }, @@ -2086,12 +2163,7 @@ "attributes": {} } ], - "Cl12-CX-TestManager": [], "sa-cl6-cx-29": [], - "sa-beta-cx7": [], - "sa-beta-cx6": [], - "sa-beta-cx5": [], - "sa-beta-cx4": [], "Cl20-CX-IRS": [ { "id": "ee61636e-de19-41cb-be70-ec4c730c474c", @@ -2112,10 +2184,7 @@ "attributes": {} } ], - "sa-beta-cx3": [], "sa-cl5-cx-1": [], - "sa-beta-cx2": [], - "sa-beta-cx1": [], "Cl16-CX-CRisk": [ { "id": "3fc6e7e8-9115-4d0f-a0ab-3f950321af11", @@ -2265,9 +2334,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl1-CX-Registration": [ "add_company_data", "view_registration", 
@@ -2532,24 +2598,6 @@ "attributes": {} } ], - "Cl9-CDQ-Fraud": [ - { - "id": "9f5d6884-a643-4846-bddc-39adeda9aef2", - "name": "fraud_app_manager", - "composite": false, - "clientRole": true, - "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", - "attributes": {} - }, - { - "id": "2d7ea02b-114a-40d6-9c2c-ef57cc7eef67", - "name": "fraud_app_user", - "composite": false, - "clientRole": true, - "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", - "attributes": {} - } - ], "sa-cl6-cx-9": [], "account": [ { @@ -2672,10 +2720,11 @@ "otpPolicyPeriod": 30, "otpPolicyCodeReusable": false, "otpSupportedApplications": [ - "totpAppMicrosoftAuthenticatorName", "totpAppFreeOTPName", - "totpAppGoogleName" + "totpAppGoogleName", + "totpAppMicrosoftAuthenticatorName" ], + "localizationTexts": {}, "webAuthnPolicyRpEntityName": "keycloak", "webAuthnPolicySignatureAlgorithms": [ "ES256" @@ -2688,6 +2737,7 @@ "webAuthnPolicyCreateTimeout": 0, "webAuthnPolicyAvoidSameAuthenticatorRegister": false, "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyExtraOrigins": [], "webAuthnPolicyPasswordlessRpEntityName": "keycloak", "webAuthnPolicyPasswordlessSignatureAlgorithms": [ "ES256" @@ -2700,6 +2750,7 @@ "webAuthnPolicyPasswordlessCreateTimeout": 0, "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "webAuthnPolicyPasswordlessExtraOrigins": [], "users": [ { "id" : "6529834b-a4c1-4b11-a200-d77e5fe7443f", @@ -3534,15 +3585,6 @@ "realmRoles": [ "default-roles-catena-x realm" ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" - ], - "technical_roles_management": [ - "BPDM Partner Gate" - ] - }, "notBefore": 0, "groups": [] }, @@ -3559,11 +3601,6 @@ "realmRoles": [ "default-roles-catena-x realm" ], - "clientRoles": { - "technical_roles_management": [ - "BPDM Partner Gate" - ] - }, "notBefore": 0, "groups": [] }, 
@@ -3670,6 +3707,53 @@ "notBefore": 0, "groups": [] }, + { + "id": "2f44169e-c974-4655-a5bf-eea00ba7e654", + "createdTimestamp": 1712762205184, + "username": "service-account-sa-cl2-04", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-04", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl24-CX-SSI-CredentialIssuer": [ + "decision_ssicredential", + "view_use_case_participation", + "revoke_credential", + "revoke_credentials_issuer", + "request_ssicredential", + "view_certificates" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "e8bc6470-28ee-4c40-a2d9-27c6e78f303b", + "createdTimestamp": 1712764191865, + "username": "service-account-sa-cl2-05", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-05", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "store_didDocument" + ] + }, + "notBefore": 0, + "groups": [] + }, { "id": "319d6b7f-bd88-4103-8124-e8ac4c791acf", "createdTimestamp": 1681915810810, @@ -3726,6 +3810,30 @@ "notBefore": 0, "groups": [] }, + { + "id": "e4a7204c-2fa8-4909-baa9-3fbc2fa6ec12", + "createdTimestamp": 1712762654440, + "username": "service-account-sa-cl24-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl24-01", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "update_application_membership_credential", + "send_mail", + "update_application_bpn_credential", + "create_notifications" + ] + }, + "notBefore": 0, + "groups": [] + }, { "id": "965ae857-1e91-4e0b-bdb5-4efd1fc7ea9c", "createdTimestamp": 1658347753956, 
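Review bot: The new `service-account-sa-cl2-04` user is granted `request_ssicredential` together with `decision_ssicredential`, `revoke_credential` and `revoke_credentials_issuer` on `Cl24-CX-SSI-CredentialIssuer`, so one client secret appears to cover both requesting and deciding on credentials. That reading is inferred from the role names, since the role definitions are not in this hunk. If the caller needs only part of that set, trim this `clientRoles` list and the matching scope-mapping entry for `sa-cl2-04` added later in the diff, so the two stay in sync. The users array continues outside the hunk.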
@@ -3787,35 +3895,6 @@ "notBefore": 0, "groups": [] }, - { - "id": "6e9d388a-1a21-4196-8210-80e9a696ae87", - "createdTimestamp": 1651615151516, - "username": "service-account-sa-cl5-custodian-1", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-1", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "update_wallets", - "view_wallet", - "update_wallet", - "view_wallets" - ] - }, - "notBefore": 0, - "groups": [] - }, { "id": "ca2657a8-eba9-4cb4-8b66-8cc30911dfa1", "createdTimestamp": 1657558751239, @@ -3849,60 +3928,6 @@ "notBefore": 0, "groups": [] }, - { - "id": "0e1028a6-99c2-46ad-a323-9917ebe7346b", - "createdTimestamp": 1657571043337, - "username": "service-account-sa-cl5-custodian-3", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-3", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "300de02c-e667-4528-ac99-a3749c214bd2", - "createdTimestamp": 1657571107848, - "username": "service-account-sa-cl5-custodian-4", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-4", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" - ] - }, - "notBefore": 0, - "groups": [] - }, { "id": "8b7b0192-b24f-41b3-b7b7-b49efcc49e34", "createdTimestamp": 1654613733324, 
@@ -4754,9 +4779,6 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "technical_roles_management": [ "Semantic Model Management", "Identity Wallet Management", 
@@ -4773,85 +4795,42 @@ "groups": [] }, { - "id": "b1d71881-2aa8-4a67-b8ce-c101d6290832", - "createdTimestamp": 1657541056572, - "username": "service-account-sa-cl7-cx-1", + "id": "8d63cb9f-2df5-42b6-9bc8-a61b8d5467cb", + "createdTimestamp": 1664293185323, + "username": "service-account-sa-cl7-cx-3", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-1", + "serviceAccountClientId": "sa-cl7-cx-3", "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Admin" ] }, "notBefore": 0, "groups": [] }, { - "id": "1e60cc6d-17cd-442c-ace7-ec94067c5f85", - "createdTimestamp": 1658900179675, - "username": "service-account-sa-cl7-cx-2", + "id": "14a0d303-0b9f-4469-830f-4d1221b796d4", + "createdTimestamp": 1664293263973, + "username": "service-account-sa-cl7-cx-4", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-2", + "serviceAccountClientId": "sa-cl7-cx-4", "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "8d63cb9f-2df5-42b6-9bc8-a61b8d5467cb", - "createdTimestamp": 1664293185323, - "username": "service-account-sa-cl7-cx-3", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-3", - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "14a0d303-0b9f-4469-830f-4d1221b796d4", - "createdTimestamp": 1664293263973, - "username": "service-account-sa-cl7-cx-4", - "enabled": true, - "totp": false, - "emailVerified": false, - 
"serviceAccountClientId": "sa-cl7-cx-4", - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Consumer" ] }, "notBefore": 0, @@ -4871,14 +4850,9 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" - ], - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Admin", + "BPDM Sharing Admin" ] }, "notBefore": 0, @@ -4898,8 +4872,8 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Consumer" ] }, "notBefore": 0, @@ -4920,8 +4894,8 @@ ], "clientRoles": { "technical_roles_management": [ - "BPDM Management", - "BPDM Partner Gate" + "BPDM Pool Admin", + "BPDM Sharing Admin" ] }, "notBefore": 0, @@ -5103,16 +5077,6 @@ ] } ], - "Cl16-CX-BPDMGate": [ - { - "client": "sa-cl7-cx-5", - "roles": [ - "update_company_data", - "view_shared_data", - "view_company_data" - ] - } - ], "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com": [ { "client": "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", @@ -5132,15 +5096,6 @@ ] } ], - "Cl7-CX-BPDM": [ - { - "client": "sa-cl7-cx-5", - "roles": [ - "add_company_data", - "view_company_data" - ] - } - ], "technical_roles_management": [ { "client": "sa-cl3-cx-1", 
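Review bot: `BPDM Sharing Admin` is assigned in the `@@ -4871,14 +4850,9 @@` hunk, but no definition of that role is visible. The composite roles added under `technical_roles_management` in the visible hunks are `BPDM Pool Admin`, `BPDM Pool Consumer`, `BPDM Sharing Input Manager` and `BPDM Sharing Output Consumer`. The definition may sit in an unchanged part of the file or an earlier hunk, so please confirm it exists; a role reference without a definition would leave these service accounts without the intended permissions or break the realm import. The same name is used in the `@@ -4920,8 +4894,8 @@` hunk and in the scope mappings for `sa-cl7-cx-5` and `sa-cl7-cx-7`.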
@@ -5149,46 +5104,43 @@ "Semantic Model Management", "Identity Wallet Management" ] - } - ], - "Cl5-CX-Custodian": [ + }, { - "client": "sa-cl5-custodian-1", + "client": "sa-cl7-cx-3", "roles": [ - "update_wallets", - "update_wallet", - "view_wallets", - "view_wallet" + "BPDM Pool Admin" ] }, { - "client": "sa-cl5-custodian-2", + "client": "sa-cl7-cx-4", "roles": [ - "delete_wallet", - "delete_wallets", - "update_wallets", - "add_wallet", - "update_wallet", - "view_wallets", - "view_wallet", - "add_wallets" + "BPDM Pool Consumer" ] }, { - "client": "sa-cl5-custodian-3", + "client": "sa-cl7-cx-5", "roles": [ - "delete_wallet", - "delete_wallets", - "update_wallets", - "add_wallet", - "update_wallet", - "view_wallets", - "view_wallet", - "add_wallets" + "BPDM Pool Admin", + "BPDM Sharing Admin" + ] + }, + { + "client": "sa-cl7-cx-6", + "roles": [ + "BPDM Pool Consumer" ] }, { - "client": "sa-cl5-custodian-4", + "client": "sa-cl7-cx-7", + "roles": [ + "BPDM Pool Admin", + "BPDM Sharing Admin" + ] + } + ], + "Cl5-CX-Custodian": [ + { + "client": "sa-cl5-custodian-2", "roles": [ "delete_wallet", "delete_wallets", @@ -5210,6 +5162,19 @@ ] } ], + "Cl24-CX-SSI-CredentialIssuer": [ + { + "client": "sa-cl2-04", + "roles": [ + "view_use_case_participation", + "revoke_credentials_issuer", + "view_certificates", + "request_ssicredential", + "revoke_credential", + "decision_ssicredential" + ] + } + ], "account": [ { "client": "account-console", @@ -5233,6 +5198,21 @@ "update_application_checklist_value" ] }, + { + "client": "sa-cl2-05", + "roles": [ + "store_didDocument" + ] + }, + { + "client": "sa-cl24-01", + "roles": [ + "send_mail", + "create_notifications", + "update_application_membership_credential", + "update_application_bpn_credential" + ] + }, { "client": "sa-cl8-cx-1", "roles": [ 
@@ -5602,73 +5582,6 @@ "microprofile-jwt" ] }, - { - "id": "2a82462c-5745-43bb-859c-f5a2e74611de", - "clientId": "Cl12-CX-TestManager", - "name": "Testdaten-Manager", - "description": "Testdaten Manager SSO", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [ - "+" - ], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - 
"microprofile-jwt" - ] - }, { "id": "dd6a7d43-a7b1-4808-90dd-e446b51b59f2", "clientId": "Cl13-CX-Battery", @@ -5920,6 +5833,11 @@ { "id": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "clientId": "Cl16-CX-BPDMGate", + "name": "", + "description": "Portal Gate", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -6643,6 +6561,57 @@ "microprofile-jwt" ] }, + { + "id": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "clientId": "Cl24-CX-SSI-CredentialIssuer", + "name": "", + "description": "Client for SSI Credential Issuer", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": true, + "protocol": "openid-connect", + "attributes": { + "oidc.ciba.grant.enabled": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.session.required": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, { "id": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "clientId": "Cl2-CX-Portal", 
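Review bot: The new `Cl24-CX-SSI-CredentialIssuer` client is public (`"publicClient": true`) yet has `"directAccessGrantsEnabled": true`, `"fullScopeAllowed": true` and `"redirectUris": ["/*"]` with an empty `"rootUrl"`. A relative wildcard with no root URL has no application host to anchor to; as far as I know Keycloak then resolves it against its own base URL, which is unlikely to be where this client is served. `"/*"` is also not an origin, so the `webOrigins` entry will not match any `Origin` header. Suggest setting `rootUrl` or absolute redirect URIs to the issuer's real host and replacing `webOrigins` with that origin or `"+"`. Also set `"directAccessGrantsEnabled": false` and `"fullScopeAllowed": false` unless the password grant and every role mapping are really needed for this client.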
@@ -6948,6 +6917,11 @@ { "id": "04cd6d38-674f-4588-980a-8f120bddcc44", "clientId": "Cl7-CX-BPDM", + "name": "", + "description": " BPDM Pool", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -7011,107 +6985,42 @@ ] }, { - "id": "3fbe1a86-143d-4d52-8138-01aa23875664", - "clientId": "Cl9-CDQ-Fraud", + "id": "6a9209c2-ec16-476b-9a9f-61474610b790", + "clientId": "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "**********", "redirectUris": [ - "https://fraud-dashboard.dev.demo.catena-x.net/*", - "https://keycloak.catenax-cdq.com/auth/*" + "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-dev-dismantler-s66pftcc.aws-live-eu10" ], "webOrigins": [ - "+" + "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com" ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, + "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, - "publicClient": true, - "frontchannelLogout": false, - "protocol": "openid-connect", + "publicClient": false, + "frontchannelLogout": true, + "protocol": "saml", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "saml.force.post.binding": "true", "saml.multivalued.roles": "false", - "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", "saml.server.signature.keyinfo.ext": "false", "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", + "saml.signing.certificate": 
"MIIDQjCCAiqgAwIBAgIGElXjqKNAMA0GCSqGSIb3DQEBCwUAMFgxVjBUBgNVBAMMTWh0dHBzOi8vY2F0ZW5heC1pbnQtZGlzbWFudGxlci1zNjZwZnRjYy5hdXRoZW50aWNhdGlvbi5ldTEwLmhhbmEub25kZW1hbmQuY29tMCAXDTE2MDEwMTAwMDAwMFoYDzIwNTAwMTAxMDAwMDAwWjBYMVYwVAYDVQQDDE1odHRwczovL2NhdGVuYXgtaW50LWRpc21hbnRsZXItczY2cGZ0Y2MuYXV0aGVudGljYXRpb24uZXUxMC5oYW5hLm9uZGVtYW5kLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKVD5SYVIsC3M8PqMuiw/IMypyZU0V5pUwxBaZlMWljz1D1iNPGaOg9LhhLGAWOD0cdfFs70Q4Ov391raGRn5/9cQma0dJtH1PiTMM67+FZFvn1FWeEJ5a3qwIgoQrcDZn9NDTmtL+yaYOAsg5SGEkjrOZlJp1U3xVZDmuToUZ96WDodsy/nVQTkvaORSh+XDPIQ3sH5jqFdFuQsWf3xXSFHobF1sbi2IjGSZxLEi9yszPVff999Q0Q86kAoCh5gVKdB3WSHgkzDD6gxlcIGGQM6y3HZigIKlPRwK1o3SrEvl0IbPKDNM6rtFgWwRfp5KsQLRfe7TxLq7IWkqQd29vcCAwEAAaMQMA4wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAoScTGCrzKq4bbYFTJcyKwtgL80OM7RgZlfSsP/+k7fiZKUaY6WbUKDwRl7yHglgjL6NiC/Tz1PklgbB08RMwXIHbnG4VvdpcMUlHn5wGfZnNViHZYsjb4TgK8QS/zD8CSaJguUuK0ym/KUT9Hn6bHQuk4CQICVZmlp1N/bIWoSinY565rZ1amg9Ap0sgy1wWuqH8zKeTClrxjbuQeRTyj7d4kb/Ocg12rrUP8dznS5SGiR7WL9LpVrJZH72cKuOM1dYV6O94KH9uiuMe+VoUxWqgHiYbA/LOCxLSgI2fVTG8cGz0bCviFSf2tfVEB8mi/cU2Ikz6LzGNdaEpr4NoaA==", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", + "backchannel.logout.session.required": "false", "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "6a9209c2-ec16-476b-9a9f-61474610b790", - 
"clientId": "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-dev-dismantler-s66pftcc.aws-live-eu10" - ], - "webOrigins": [ - "https://catenax-dev-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com" - ], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": true, - "protocol": "saml", - "attributes": { - "saml.force.post.binding": "true", - "saml.multivalued.roles": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "saml.signing.certificate": "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", - "oidc.ciba.grant.enabled": "false", - "backchannel.logout.session.required": "false", - "client_credentials.use_refresh_token": "false", - "saml.signature.algorithm": "RSA_SHA256", + "saml.signature.algorithm": "RSA_SHA256", "require.pushed.authorization.requests": "false", "saml.client.signature": "true", "id.token.as.detached.signature": "false", @@ -7422,8 +7331,9 @@ ] }, { - "id": "35134e77-f548-4b87-970c-cc0626496fcd", - "clientId": "sa-beta-cx1", + "id": "c33cfdab-5838-4c38-bd84-15b63502d604", + "clientId": "sa-cl10-cx-1", + "description": "Technical user created for Sharing Member to connect to BPDM (SPOC: Manuel Niedermann, Nico Koprowski)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -7471,7 +7381,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "07f8b416-f24d-4cba-91f8-fd3ae0af4657", + "id": "429be913-0d7c-4bb1-b429-ed7b18822645", "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7486,22 +7396,22 @@ } }, { - "id": "72681be8-4baf-475d-a9b9-47dee5326981", - "name": "BPN", + "id": "087541f4-ff7a-4d0f-bbc6-cdab00bb9c95", + "name": "Client Host", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "2ac54aee-ac44-4a48-ae4a-bbdb5288c7f9", + "id": "d13abc34-92f7-4b7f-8684-f923f5798627", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7514,21 +7424,6 @@ "claim.name": "client_id", "jsonType.label": "String" } - }, - { - "id": "7cb8edc7-02f4-4c7c-84b4-b91cbac2d5e4", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } } ], "defaultClientScopes": [ @@ -7545,8 +7440,9 @@ ] }, { - "id": "b9ee94c4-f8de-40ba-8ea0-36d3ca28d3b5", - "clientId": "sa-beta-cx2", + "id": "7e7b246a-f1f6-4816-a6ad-b0b62a8918d7", + "clientId": "sa-cl16-cx-1", + "description": "Technical user created for BPDM Partner Gate (SPOC: Nico Koprowski)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -7594,7 +7490,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "296af6dd-9c38-41f4-b485-5f5eea375ccc", + "id": "ded924f4-4b1b-4607-b86b-c14a39f93103", "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7609,7 +7505,7 @@ } }, { - "id": "e00b42b8-8bcc-4b18-9999-86212378c5b1", + "id": "2722c105-eb0a-4af2-85c6-13499e443d99", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7624,7 +7520,7 @@ } }, { - "id": "24194317-3f62-417a-8442-62009cbf029e", + "id": "c1c10e38-57c3-46d3-b49a-7c9391264027", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7637,21 +7533,6 @@ "claim.name": "clientHost", "jsonType.label": "String" } - }, - { - "id": "ab7d3b61-de21-4527-b021-7b2d75182fee", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } } ], "defaultClientScopes": [ @@ -7668,14 +7549,17 @@ ] }, { - "id": "624a56df-7370-46f6-b00f-44791184bb28", - "clientId": "sa-beta-cx3", + "id": "5a220510-4a8e-4cbc-a47e-6f549e6c3894", + "clientId": "sa-cl1-cx-1", + "description": "Service Account for Invicti DAST scan", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], + "redirectUris": [ + "*" + ], "webOrigins": [], "notBefore": 0, "bearerOnly": false, 
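Review bot: `sa-cl1-cx-1` ("Service Account for Invicti DAST scan") ends up with `"redirectUris": ["*"]` on the new side of the `@@ -7668,14 +7549,17 @@` hunk, and the `@@ -7791,14 +7660,17 @@` hunk shows the same for `sa-cl1-reg-2`. For a client that only uses the client-credentials grant the list is unused and should be `"redirectUris": []`. If the standard flow is enabled (that flag is outside the hunk), a bare `*` accepts any redirect target. This may be an existing value surfaced by the reordering of client entries rather than a new setting, but it is worth correcting while the realm file is being touched. The client object continues outside the hunk.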
@@ -7705,8 +7589,8 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "saml.client.signature": "false", "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", @@ -7717,37 +7601,22 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "09c3a032-eab0-4f2c-96df-b7c1b13d3634", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "62d698d8-24d6-4b3a-b533-c4bffdb65db1", - "name": "Client Host", + "id": "24320d24-0e73-478f-8e09-a05dc4bb7c35", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "2a1ab4a4-c250-49e0-9676-86564dea3062", + "id": "caea604c-1e8e-48ad-91a8-18711e4fb564", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -7762,17 +7631,17 @@ } }, { - "id": "f5071021-acc5-42be-98e1-8bccd62e8f1b", - "name": "Client IP Address", + "id": "ea2580a2-1594-43c2-88e6-36e9e1315263", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "clientHost", "jsonType.label": "String" } } @@ -7791,14 +7660,17 @@ ] }, { - "id": "fb3deae9-5f34-4e9d-9a33-376f083f03c4", - "clientId": "sa-beta-cx4", + "id": "cdf11dff-530a-4fd4-97b9-84e4d60ac21e", + "clientId": "sa-cl1-reg-2", + "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], + "redirectUris": [ + "*" + ], "webOrigins": [], "notBefore": 0, "bearerOnly": false, @@ -7813,8 +7685,8 @@ "attributes": { "id.token.as.detached.signature": "false", "saml.assertion.signature": "false", - "saml.multivalued.roles": "false", "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", 
@@ -7828,34 +7700,19 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "daf63cfb-4e69-43f3-9c4e-7c9f91131364", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "53742f0f-0df2-4f2f-b6bd-e407d4bd0894", + "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -7870,32 +7727,32 @@ } }, { - "id": "343fe132-c419-484d-a7f7-a2316f855cec", - "name": "Client IP Address", + "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "15332471-4d69-48fa-9bab-e51218faa13d", - "name": "Client ID", + "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } } @@ -7914,8 +7771,9 @@ ] }, { - "id": "8b05ebaa-0fa1-45fc-bc5c-8d75e2fa8166", - "clientId": "sa-beta-cx5", + "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", + "clientId": "sa-cl2-01", + "description": "Technical User Clearinghouse update application", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -7959,41 +7817,41 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "4c831a50-2f22-407f-ac33-3b5bc19d824b", - "name": "Client ID", + "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "764d1b6f-ecc1-46b7-8feb-e962fe8facd5", - "name": "BPN", + "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", + "name": "Client ID", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "client_id", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "df7255f2-200f-4ebb-94bb-7edf96e2e127", + "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -8006,21 +7864,6 @@ "claim.name": "clientHost", "jsonType.label": "String" } - }, - { - "id": "b421ee98-98c8-41e2-8594-646b9ac40c67", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } } ], "defaultClientScopes": [ @@ -8037,8 +7880,9 @@ ] }, { - "id": "062617f4-5efb-4f85-932f-26193737321e", - "clientId": "sa-beta-cx6", + "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", + "clientId": "sa-cl2-02", + "description": "Technical User SelfDescription (SD) update application", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -8074,855 +7918,59 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "86a03690-8af2-4c80-ba47-94d05fc1cc47", - "name": "Client ID", + "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "8657ab97-ddb1-4775-8d44-a3ccbfea213f", - "name": "Client Host", + "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "6543b216-4e97-4dd9-a855-021de0d8b316", - "name": "Client IP Address", + "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - 
"userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "b167ce59-73d8-4f6c-a175-5cc742526628", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "2b1424ac-3e67-42c7-be77-69aa57fe0834", - "clientId": "sa-beta-cx7", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - 
"client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "965eb625-e855-49f4-bb55-c0d73666d410", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "581a3217-3127-4484-a4c7-1491371a7b48", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "cf552528-6cb5-43a5-91c9-aac399e96730", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "ba208341-0e41-4dea-8397-619376833c3a", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - 
"access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "c33cfdab-5838-4c38-bd84-15b63502d604", - "clientId": "sa-cl10-cx-1", - "description": "Technical user created for Sharing Member to connect to BPDM (SPOC: Manuel Niedermann, Nico Koprowski)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - 
"authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "429be913-0d7c-4bb1-b429-ed7b18822645", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "087541f4-ff7a-4d0f-bbc6-cdab00bb9c95", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "d13abc34-92f7-4b7f-8684-f923f5798627", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "7e7b246a-f1f6-4816-a6ad-b0b62a8918d7", - "clientId": "sa-cl16-cx-1", - "description": "Technical user created for BPDM Partner Gate (SPOC: Nico Koprowski)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - 
"standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "ded924f4-4b1b-4607-b86b-c14a39f93103", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "2722c105-eb0a-4af2-85c6-13499e443d99", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": 
"client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "c1c10e38-57c3-46d3-b49a-7c9391264027", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "5a220510-4a8e-4cbc-a47e-6f549e6c3894", - "clientId": "sa-cl1-cx-1", - "description": "Service Account for Invicti DAST scan", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": 
"false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "24320d24-0e73-478f-8e09-a05dc4bb7c35", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "caea604c-1e8e-48ad-91a8-18711e4fb564", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "ea2580a2-1594-43c2-88e6-36e9e1315263", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": 
"cdf11dff-530a-4fd4-97b9-84e4d60ac21e", - "clientId": "sa-cl1-reg-2", - "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "require.pushed.authorization.requests": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - 
"consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", - "clientId": "sa-cl2-01", - "description": "Technical User Clearinghouse update application", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - 
"saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": 
"oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", - "clientId": "sa-cl2-02", - "description": "Technical User SelfDescription (SD) update application", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "require.pushed.authorization.requests": "false", - "tls.client.certificate.bound.access.tokens": "false", - 
"saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientHost", "jsonType.label": "String" } } 
@@ -9050,16 +8098,24 @@ ] }, { - "id": "b09392dd-8b0f-4a32-bb0b-d00a4091b890", - "clientId": "sa-cl21-01", - "description": "Technical User Discovery Finder", + "id": "beb01d13-04e2-4a2b-a909-8b4166b3dcf7", + "clientId": "sa-cl2-04", + "name": "", + "description": "Technical User SSI Credential Issuer - Portal to SSI Credential Issuer (portal helm chart: backend.processesworker.issuerComponent.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], - "webOrigins": [], + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
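Review bot: The new `sa-cl2-04` entry sets `"redirectUris": ["/*"]` and `"webOrigins": ["/*"]` where the entry previously at this position had empty arrays, and `rootUrl` is an empty string, so the relative pattern has no base URL to resolve against. The description calls this a technical user and the next hunk's context shows `"serviceAccountsEnabled": true`, so the client should need neither a redirect target nor a CORS origin. I would keep `"redirectUris": []` and `"webOrigins": []`, so that nothing is pre-authorised if a browser flow is ever switched on for this client. `standardFlowEnabled` and `implicitFlowEnabled` lie outside this hunk and should be confirmed as `false`. The `@@ -9174` hunk adds the same two values for `sa-cl2-05`.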
@@ -9068,61 +8124,29 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "saml.assertion.signature": "false", - "id.token.as.detached.signature": "false", - "saml.multivalued.roles": "false", - "saml.force.post.binding": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "client.secret.creation.time": "1712762205", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "require.pushed.authorization.requests": "false", - "saml.authnstatement": "false", + "oauth2.device.authorization.grant.enabled": "false", "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "3c2deac0-fd68-4c39-933c-27123ff073f9", + "id": "514cd3f7-8b0d-4a41-ae75-2b30b2be13f6", "name": "Client IP 
Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { "user.session.note": "clientAddress", - "userinfo.token.claim": "true", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "clientAddress", @@ -9130,38 +8154,39 @@ } }, { - "id": "8f318235-669e-4236-b8ea-f596b802f672", - "name": "BPN", + "id": "8502e4e1-3d19-47c0-8b8e-7f394228dbbe", + "name": "Client Host", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "b74416e5-2376-4f8e-a49b-8a03a053454a", - "name": "Client Host", + "id": "a045a68f-caca-4605-a438-ba2e0bcfad38", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", + "acr", "roles", "profile", "email" 
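Review bot: In the `@@ -9068` hunk, `"frontchannelLogout": true` is set on a confidential client whose context lines show `"serviceAccountsEnabled": true` and `"directAccessGrantsEnabled": false`, and the line it replaces was `false`. A client-credentials client has no browser session to log out and no front-channel logout URL appears among the new attributes, so this looks like an admin-console default carried into the export; `"frontchannelLogout": false` would keep it in line with the entry it replaces. `"client.secret.creation.time": "1712762205"` is likewise a timestamp from the exporting instance for a secret that is masked in this file, so it will not describe the secret actually set at import and could be dropped. The `@@ -9192` hunk makes the same two changes for `sa-cl2-05`.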
@@ -9174,16 +8199,24 @@ ] }, { - "id": "f1806543-d0ca-41cb-b029-883cdfb11a8e", - "clientId": "sa-cl22-01", - "description": "Technical User BPN Discovery", + "id": "19b62d82-9df7-4bbd-9edc-8534bb0a7e68", + "clientId": "sa-cl2-05", + "name": "", + "description": "Technical User Dim Layer - Dim Layer to Portal (dim helm chart: processesworker.callback.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], - "webOrigins": [], + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
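Review bot: The new `sa-cl2-05` entry sets `"redirectUris": ["/*"]` and `"webOrigins": ["/*"]` on what the following hunk shows to be a confidential service-account client (`"serviceAccountsEnabled": true`), where the entry it replaces at this position had both lists empty. The client-credentials grant uses neither field, so the wildcard only matters if a browser flow is ever enabled for this client, at which point any path would be accepted as a redirect target; `standardFlowEnabled` lies between the two hunks and is not visible here, so that should be confirmed. I would keep `"redirectUris": [],` and `"webOrigins": [],`, as `sa-cl21-01` does in this same diff. The same pair appears on `sa-cl24-01` in the `@@ -9547,18 +8548,24 @@` hunk, and the client object continues past the end of this hunk.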
@@ -9192,100 +8225,69 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "saml.assertion.signature": "false", - "id.token.as.detached.signature": "false", - "saml.multivalued.roles": "false", - "saml.force.post.binding": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "client.secret.creation.time": "1712764102", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "require.pushed.authorization.requests": "false", - "saml.authnstatement": "false", "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "09824b45-f47e-4213-90d5-7aec6a078314", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e", - "name": "Client ID", + "id": "32f11424-4cff-472f-99bd-df98787216fe", + "name": "Client 
Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e", - "name": "Client Host", + "id": "1e3f26ac-3578-4a04-adfa-6838d54560f8", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "clientAddress", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "36e185ed-3af8-489d-a94b-a280ae205e03", - "name": "Client IP Address", + "id": "4c0a8ac0-09e8-445e-9f2b-769750bc09a8", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", + "acr", "roles", "profile", "email" 
@@ -9298,17 +8300,15 @@ ] }, { - "id": "7beaee76-d447-4531-9433-fd9ce19d1460", - "clientId": "sa-cl3-cx-1", - "name": "Technical User CX internal - communication GitHub and Semantic Hub", + "id": "b09392dd-8b0f-4a32-bb0b-d00a4091b890", + "clientId": "sa-cl21-01", + "description": "Technical User Discovery Finder", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [ - "*" - ], + "redirectUris": [], "webOrigins": [], "notBefore": 0, "bearerOnly": false, @@ -9321,10 +8321,10 @@ "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "id.token.as.detached.signature": "false", "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", @@ -9338,9 +8338,9 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" 
@@ -9350,51 +8350,52 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "702c92a9-9f89-4130-9d37-c1620529ca13", - "name": "BPN", + "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda", + "name": "Client ID", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.attribute": "bpn", + "user.session.note": "client_id", + "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", - "userinfo.token.claim": "true" + "claim.name": "client_id", + "jsonType.label": "String" } }, { - "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a", - "name": "Client ID", + "id": "3c2deac0-fd68-4c39-933c-27123ff073f9", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595", - "name": "Client IP Address", + "id": "8f318235-669e-4236-b8ea-f596b802f672", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "bpn", "jsonType.label": "String" } }, { - "id": "8e82412f-7088-4562-81f2-35b85f1859f5", + "id": "b74416e5-2376-4f8e-a49b-8a03a053454a", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -9423,9 +8424,9 @@ ] }, { - "id": "d5a29608-9579-4af4-b895-458ff5b03276", - "clientId": "sa-cl3-cx-2", - "description": "Technical User Digital Twin and Semantic for Pen test scenario (Contact: Lukas Roemer, Bosch)", + "id": "f1806543-d0ca-41cb-b029-883cdfb11a8e", + "clientId": "sa-cl22-01", + "description": "Technical User BPN Discovery", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -9444,10 +8445,10 @@ "frontchannelLogout": false, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "id.token.as.detached.signature": "false", "saml.multivalued.roles": "false", + "saml.force.post.binding": "false", "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", @@ -9461,19 +8462,19 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", "tls.client.certificate.bound.access.tokens": "false", + "require.pushed.authorization.requests": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "6b664acb-fb3a-427b-8c54-643e53b24388", + "id": "09824b45-f47e-4213-90d5-7aec6a078314", "name": "BPN", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", @@ -9488,7 +8489,7 @@ } }, { - "id": "882827ad-6e5a-42f2-b09e-75ff2b5893f2", + "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -9503,32 +8504,32 @@ } }, { - "id": "9fbb3f90-f4f4-4c8f-818e-ae857da96fc3", - "name": "Client IP Address", + "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "4ca8dc7c-a24b-4635-a100-b75b23c3fa99", - "name": "Client Host", + "id": "36e185ed-3af8-489d-a94b-a280ae205e03", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } } @@ -9547,18 +8548,24 @@ ] }, { - "id": "dab9dd17-0d31-46c7-b313-aca61225dcd1", - "clientId": "sa-cl5-custodian-1", - "description": "Technical User for SD Hub Call to Custodian for SD signature", + "id": "8ac37496-cca9-41ba-9684-cf7348f880d5", + "clientId": "sa-cl24-01", + "name": "", + "description": "Technical User for SSI Credential Issuer (credential issuer helm chart: processesworker.portal.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", "redirectUris": [ - "*" + "/*" + ], + "webOrigins": [ + "/*" ], - "webOrigins": [], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
@@ -9567,110 +8574,83 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "oauth2.device.authorization.grant.enabled": "false", + "client.secret.creation.time": "1712762654", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "30897db9-574e-49ee-b968-ede77a6baf67", - "name": "Client ID", + "id": "c176820f-4e65-4b63-90d5-31a058b31698", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", + "user.session.note": "clientAddress", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + 
"claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "00879247-75ce-491f-abed-52a6a810f685", - "name": "Client Host", + "id": "1cbf20be-7fff-44c4-9eb5-a6868b2fb122", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "bb69e2e4-312f-4447-946f-b51f3c7184c2", - "name": "Client IP Address", + "id": "471d6ae7-39a3-44f5-ac90-f31be999eb08", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "0c387b1e-5a80-47c8-82f5-693e3af79425", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "acr", + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", - "clientId": "sa-cl5-custodian-2", - "description": "Technical User for Portal to call Custodian Wallet (portal helm chart: backend.processesworker.custodian.clientId)", + 
"id": "7beaee76-d447-4531-9433-fd9ce19d1460", + "clientId": "sa-cl3-cx-1", + "name": "Technical User CX internal - communication GitHub and Semantic Hub", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -9720,86 +8700,88 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328", - "name": "Client Host", + "id": "702c92a9-9f89-4130-9d37-c1620529ca13", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" + "claim.name": "bpn", + "userinfo.token.claim": "true" } }, { - "id": "728abacc-c436-4d67-b699-92957a69b519", - "name": "Client IP Address", + "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "98c6f360-6714-455a-bc94-4fa0b5072866", - "name": "BPN", + "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595", + "name": "Client IP Address", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientAddress", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a", - "name": "Client ID", + "id": "8e82412f-7088-4562-81f2-35b85f1859f5", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": 
"oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "0dfcbe31-2482-46d7-bb09-0722b0e1c4f9", - "clientId": "sa-cl5-custodian-3", - "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)", + "id": "d5a29608-9579-4af4-b895-458ff5b03276", + "clientId": "sa-cl3-cx-2", + "description": "Technical User Digital Twin and Semantic for Pen test scenario (Contact: Lukas Roemer, Bosch)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [ - "*" - ], + "redirectUris": [], "webOrigins": [], "notBefore": 0, "bearerOnly": false, 
@@ -9837,82 +8819,91 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, + "fullScopeAllowed": true, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "3e1df311-abd2-4878-9f0a-426fd1a50c0d", - "name": "Client IP Address", + "id": "6b664acb-fb3a-427b-8c54-643e53b24388", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "bpn", "jsonType.label": "String" } }, { - "id": "17a2ea60-79e2-4d57-8db7-9931b0e1a674", - "name": "Client Host", + "id": "882827ad-6e5a-42f2-b09e-75ff2b5893f2", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "d6203b9c-6b72-44d0-8609-83077dd6a2e0", - "name": "Client ID", + "id": "9fbb3f90-f4f4-4c8f-818e-ae857da96fc3", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "1db97b73-9663-4eb5-99ed-d103c4bda113", - "name": "BPN", + "id": "4ca8dc7c-a24b-4635-a100-b75b23c3fa99", + "name": "Client Host", "protocol": 
"openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "BPN", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "7612bab1-3617-485e-8461-f1d2a7a6a92e", - "clientId": "sa-cl5-custodian-4", - "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)", + "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", + "clientId": "sa-cl5-custodian-2", + "name": "", + "description": "Technical User for Portal to call Managed Identity Wallet (portal helm chart: backend.processesworker.custodian.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -9962,7 +8953,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "783956fc-c81e-4da3-871c-436eec1fa555", + "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
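Review bot: `"fullScopeAllowed": true` in the `@@ -9837,82 +8819,91 @@` hunk appears to land on `sa-cl3-cx-2`, the client whose header the preceding hunk moves to this position and describes as a technical user for a pen test scenario. With full scope allowed, the client's tokens are not restricted to its own scope mappings, so they can carry every role mapped to the service account. This commit turns the flag off in four later hunks (`@@ -14048,7 +12802,7 @@` and the three after it), which makes this entry the odd one out. Unless the test account needs it, `"fullScopeAllowed": false,` would match those, and if the pen test is finished the client could be retired with the other removed technical users. The client object starts in the previous hunk, so this reading crosses a hunk boundary and should be checked against the full file.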
@@ -9977,37 +8968,37 @@ } }, { - "id": "f230563b-4e92-47e6-94d4-5d7ac8eef916", - "name": "BPN", + "id": "728abacc-c436-4d67-b699-92957a69b519", + "name": "Client IP Address", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientAddress", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "BPN", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "45b77e95-5844-48c4-ba44-6c883bed55b8", - "name": "Client IP Address", + "id": "98c6f360-6714-455a-bc94-4fa0b5072866", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "bpn", "jsonType.label": "String" } }, { - "id": "653db152-0505-4fcc-8d9e-51eee203610b", + "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -13764,243 +12755,6 @@ "microprofile-jwt" ] }, - { - "id": "6e2f3a74-9277-4265-a0bd-8f8f41ba0530", - "clientId": "sa-cl7-cx-1", - "description": "Technical user created for BPDM / CDQ connect (SPOC: Peter Schenkel)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "33ef0160-e559-4fde-8faa-657140437026", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": 
"oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "61c367f1-dcd7-4190-9d63-97c0b3ae5afc", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "1c8aad27-8158-498b-bf99-e6de92799b6d", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "d1c857fb-0c7d-4b6d-b6e8-34bf4de76d6d", - "clientId": "sa-cl7-cx-2", - "description": "Technical user for BPDM connection to Fraud App (Michael Wirth & CGI: Fabio)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - 
"id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "23db4b23-856e-4f3b-a1e2-f935d2373d0d", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "5db07b78-2eb9-405d-a0eb-9ab0e94a1e4d", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "b01e802a-984a-4c95-a5f7-db4f3fd4b16b", - "name": 
"Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "09b70efe-f7e1-4880-a375-de44e2e1b38a", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, { "id": "f6627ae5-54ac-4e53-871d-875de8879e51", "clientId": "sa-cl7-cx-3", @@ -14048,7 +12802,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14157,7 +12911,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14375,7 +13129,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14484,7 +13238,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { 
@@ -17224,14 +15978,6 @@ "autheticatorFlow": false, "userSetupAllowed": false }, - { - "authenticator": "registration-profile-action", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 40, - "autheticatorFlow": false, - "userSetupAllowed": false - }, { "authenticator": "registration-password-action", "authenticatorFlow": false, diff --git a/import/realm-config/consortia/catenax-central/stable/CX-Central-realm.json b/import/realm-config/consortia/catenax-central/stable/CX-Central-realm.json index 8438289e..8c0d2d95 100644 --- a/import/realm-config/consortia/catenax-central/stable/CX-Central-realm.json +++ b/import/realm-config/consortia/catenax-central/stable/CX-Central-realm.json @@ -111,6 +111,7 @@ "security-admin-console": [], "sa-cl6-cx-17": [], "sa-cl10-cx-1": [], + "sa-cl24-01": [], "sa-cl16-cx-1": [], "Cl2-CX-Portal": [ { @@ -162,9 +163,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -182,24 +180,20 @@ "view_service_offering", "view_autosetup_status", "add_connectors", - "upload_documents", "view_own_user_account", "view_use_cases", "view_idp", - "view_services", "add_tech_user_management", "view_membership", "update_own_user_account", "add_service_offering", "view_service_subscriptions", "activate_subscription", - "view_tech_roles", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "view_subscription", "delete_notifications", "view_connectors", @@ -234,14 +228,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "a029dec3-8c6a-4a2f-a60a-82249f0590fd", - "name": "setup_client", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "34742e28-1497-4222-ad1f-93ab9feac92e", "name": "view_app_subscription", 
@@ -313,6 +299,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "8b4aa267-bb7e-40c9-8cd2-f82603fa066a", + "name": "update_application_bpn_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "19c0e799-4ffd-4709-8b38-45540c677e50", "name": "view_autosetup_status", @@ -327,9 +322,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -337,17 +329,16 @@ "view_registration" ], "Cl2-CX-Portal": [ - "view_technical_setup", - "view_tech_user_management", - "app_management", - "view_tech_roles", - "view_certificates", "view_app_language", "technical_roles_management", "CX User", + "view_technical_setup", + "view_tech_user_management", "edit_apps", + "app_management", "view_use_cases", - "view_apps" + "view_apps", + "view_certificates" ] } }, @@ -361,9 +352,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -383,9 +371,6 @@ "unsubscribe_apps", "view_user_management", "subscribe_apps", - "view_services", - "view_dataspaces", - "filter_apps", "view_service_subscriptions", "view_notifications", "view_certificates", @@ -409,14 +394,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "03acc78a-0301-4518-a548-d5bd782c3d13", - "name": "decision_ssicredential", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "37dc74e9-9f50-49d2-9b95-402b04aa84ff", "name": "add_connectors", 
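Review bot: The new role `update_application_bpn_credential` in `@@ -313,6 +299,15 @@` is added with `"description": ""`, and the same empty description recurs on every role this commit adds (`store_didDocument`, `update_application_membership_credential`, `send_mail`, the new `Cl7-CX-BPDM` and `Cl16-CX-BPDMGate` read/write roles, and all six `Cl24-CX-SSI-CredentialIssuer` roles). Some roles removed by the same commit carried a description (for example `"View technical user roles"`), so an administrator assigning roles now has less to go on than before. It matters most for pairs whose names alone do not say how they differ, such as `revoke_credential` versus `revoke_credentials_issuer` and `read_changelog` versus `read_changelog_member`. I would fill the field with one sentence on what the role permits, e.g. `"description": "<what this role allows and who should hold it>"`.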
@@ -479,14 +456,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "15bd8123-3469-4505-93ff-a5bd3b929495", - "name": "subscribe_service_offering", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "66f4b417-25d4-47d7-b3d2-e6eb80bcba5e", "name": "create_partner_registration", @@ -548,15 +517,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "9db8ca83-6cfd-4c44-8ab7-ccbcb11da38f", - "name": "view_tech_roles", - "description": "View technical user roles", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "6560b255-cbc6-4fb7-8afe-d61732e34ab1", "name": "view_client_roles", @@ -575,14 +535,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "29ac8c4d-5296-467c-91fa-3a0d7487c912", - "name": "request_ssicredential", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "3c3c8452-fd50-40bd-b223-9660233dd6af", "name": "delete_user_account", @@ -676,9 +628,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -717,8 +666,6 @@ "delete_tech_user_management", "subscribe_service", "delete_own_user_account", - "request_ssicredential", - "my_user_account", "delete_user_account", "view_apps", "view_subscription", @@ -743,9 +690,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], 
@@ -753,16 +697,15 @@ "view_registration" ], "Cl2-CX-Portal": [ - "view_service_subscriptions", - "activate_subscription", - "view_certificates", "subscribe_service", "CX User", "view_service_offering", "unsubscribe_apps", + "view_service_subscriptions", "unsubscribe_services", - "subscribe_apps", - "view_services" + "activate_subscription", + "view_certificates", + "subscribe_apps" ] } }, @@ -770,6 +713,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "b01f9c19-adde-4bca-be36-d2e21cedc37a", + "name": "store_didDocument", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "4f2b58a5-0ebd-4b91-b354-4fefd40cc811", "name": "delete_apps", @@ -797,6 +749,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "3b336c72-0f9c-440e-8427-16028439c5e6", + "name": "update_application_membership_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "43a0826f-ba1a-44d4-952f-e4b879be353c", "name": "view_service_marketplace", @@ -812,9 +773,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -826,7 +784,6 @@ "view_documents", "delete_connectors", "upload_certificates", - "setup_client", "view_app_subscription", "delete_documents", "view_company_data", @@ -840,15 +797,12 @@ "view_user_management", "view_idp", "add_tech_user_management", - "subscribe_service_offering", "update_own_user_account", "add_self_descriptions", "view_user_account", "setup_idp", - "view_tech_roles", "view_client_roles", "subscribe_service", - "request_ssicredential", "delete_user_account", "view_subscription", "delete_notifications", 
@@ -860,21 +814,16 @@ "view_service_offering", "unsubscribe_apps", "disable_idp", - "upload_documents", "view_use_cases", "subscribe_apps", - "view_services", "add_idp", "delete_idp", "view_membership", - "view_dataspaces", - "filter_apps", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "unsubscribe_services", "view_apps", "modify_connectors", @@ -900,9 +849,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -912,22 +858,18 @@ "Cl2-CX-Portal": [ "view_documents", "view_membership", - "view_dataspaces", "update_own_user_account", - "filter_apps", "view_company_data", "view_notifications", "view_certificates", "view_service_marketplace", "view_service_offering", "delete_own_user_account", - "my_user_account", "view_own_user_account", "view_apps", "view_user_management", "view_subscription", "delete_notifications", - "view_services", "view_partner_network" ], "Cl3-CX-Semantic": [ @@ -971,9 +913,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -1004,14 +943,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "39c00d2f-491f-4658-96ef-9f47920afea6", - "name": "upload_documents", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "b4bead06-e3c4-4fce-9e06-43d9d9537766", "name": "view_use_cases", 
@@ -1030,15 +961,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "6e3d7bcf-7340-4def-bb76-8002acc73f95", - "name": "view_services", - "description": "view service marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "8d3a5c8d-d4dc-4aaa-8941-9cd38cd3906e", "name": "update_application_checklist_value", @@ -1083,15 +1005,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "8fe708e4-7870-4044-89eb-a74b8dc11a8e", - "name": "view_dataspaces", - "description": "View dataspace marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "b06c2999-6008-4fb6-a22f-93fdac150656", "name": "decline_app_release", @@ -1109,24 +1022,12 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "9f5b48bf-4fc2-4feb-8c4e-00b57f5f2bed", - "name": "filter_apps", - "description": "Users with this role can filter apps in the App Marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "765bced5-b422-4f91-b35f-19d648595e6a", "name": "Purchaser", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -1135,7 +1036,6 @@ ], "Cl2-CX-Portal": [ "delete_certificates", - "subscribe_service_offering", "CX User", "upload_certificates", "unsubscribe_apps", @@ -1173,11 +1073,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "delete_company_data", - "add_company_data", - "view_company_data" - ], "Cl5-CX-Custodian": [ "delete_wallet", "add_wallet", 
@@ -1187,6 +1082,9 @@ "Cl1-CX-Registration": [ "view_registration" ], + "Cl24-CX-SSI-CredentialIssuer": [ + "decision_ssicredential" + ], "Cl2-CX-Portal": [ "decline_new_partner", "update_company_role", @@ -1194,7 +1092,6 @@ "delete_connectors", "update_service_offering", "invite_new_partner", - "setup_client", "view_app_subscription", "delete_documents", "app_management", @@ -1203,24 +1100,20 @@ "view_app_language", "modify_user_account", "view_autosetup_status", - "decision_ssicredential", "add_connectors", "view_own_user_account", "view_user_management", "view_idp", "add_apps", "add_tech_user_management", - "subscribe_service_offering", "update_own_user_account", "add_self_descriptions", "view_user_account", "view_service_subscriptions", "activate_subscription", "setup_idp", - "view_tech_roles", "view_client_roles", "subscribe_service", - "request_ssicredential", "delete_user_account", "view_subscription", "delete_notifications", @@ -1237,24 +1130,19 @@ "view_service_offering", "unsubscribe_apps", "disable_idp", - "upload_documents", "view_use_cases", "subscribe_apps", - "view_services", "add_idp", "delete_idp", "view_membership", "decline_service_release", - "view_dataspaces", "decline_app_release", "add_service_offering", - "filter_apps", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "create_notifications", "edit_apps", "unsubscribe_services", 
@@ -1295,17 +1183,17 @@ "attributes": {} }, { - "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda", - "name": "delete_own_user_account", + "id": "cae19290-f11e-4532-b046-e07e302078e2", + "name": "send_mail", + "description": "", "composite": false, "clientRole": true, "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, { - "id": "99a8940c-0fbc-4f65-8134-4b598c3aabbc", - "name": "my_user_account", - "description": "view my own user account details", + "id": "f02debf4-92ff-4b7f-a56c-db7c6321ceda", + "name": "delete_own_user_account", "composite": false, "clientRole": true, "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", 
@@ -1455,24 +1343,63 @@ ], "Cl7-CX-BPDM": [ { - "id": "b59a076b-07c5-42fa-b8d8-04a65f077226", - "name": "delete_company_data", + "id": "da4b989c-d2fb-4276-bec7-bdad739e0864", + "name": "write_partner", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", "attributes": {} }, { - "id": "a4829839-9df9-47c8-8eb0-57f4020000c3", - "name": "add_company_data", + "id": "8d2f5f1a-bb4f-42fd-9947-18f799174bd8", + "name": "read_changelog_member", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", "attributes": {} }, { - "id": "d16779a5-03bd-4fbd-bf40-382c4348b205", - "name": "view_company_data", + "id": "810ced5e-4eb9-42d7-90e0-2f5dd3aaa2a2", + "name": "read_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "b0cf08cf-3b00-4ed2-9871-79093200029e", + "name": "read_metadata", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "fc598e8a-eb9b-44e6-8c5b-c2870fefcd95", + "name": "read_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "33725fd2-bc24-4355-8c9e-979b352c0444", + "name": "read_partner_member", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "36db1cdc-308a-43d5-a3cb-43c676ca4eee", + "name": "write_metadata", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", 
@@ -1697,24 +1624,81 @@ "sa-cl6-cx-23": [], "Cl16-CX-BPDMGate": [ { - "id": "891e715a-7fdb-4dbe-a177-998a383ee836", - "name": "view_company_data", + "id": "af471823-bcca-4267-bbf6-c3183380358f", + "name": "read_output_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "33e96ab8-df1f-4fc1-bdda-3509e3e76e2e", + "name": "read_output_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "b280b367-6ba5-4ba1-8a64-8f61877c9f17", + "name": "read_input_changelog", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "27ce5626-0186-4ced-8e14-ecfcbc2f4330", + "name": "read_sharing_state", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "e8516251-0f90-4d1a-9a6c-7fd44d52ecc0", + "name": "write_output_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "e5cd5783-d48a-4d25-acf9-13fb8138715a", + "name": "read_input_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "364db9ec-ceb2-47b8-a892-f70bae1c89c5", + "name": "write_sharing_state", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} }, { - "id": "cf42a03f-20f7-4ff3-a898-e1a93bf03520", - "name": "update_company_data", + "id": "1d16924d-fca4-495b-a227-0cbf80b31d96", + "name": "read_stats", + "description": "", "composite": false, "clientRole": true, "containerId": 
"52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} }, { - "id": "2a006c99-0790-4dd0-8b82-59c4fea1ce17", - "name": "view_shared_data", + "id": "3378cc71-3097-40f9-aaab-7ec66fa9bc54", + "name": "write_input_partner", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", @@ -1726,9 +1710,7 @@ "sa-cl6-cx-26": [], "sa-cl6-cx-27": [], "sa-cl6-cx-28": [], - "sa-cl7-cx-1": [], "sa-cl5-custodian-internaltest": [], - "sa-cl7-cx-2": [], "sa-cl7-cx-3": [], "sa-cl7-cx-4": [], "sa-cl21-01": [], @@ -1738,7 +1720,6 @@ "sa-cl1-cx-1": [], "sa-cl6-cx-20": [], "sa_testAutomation": [], - "sa-cl5-custodian-3": [], "Cl15-BOSCH-AFQM": [ { "id": "07e4c7f0-f7c1-420a-8788-81eb42b5a8cd", @@ -1749,8 +1730,6 @@ "attributes": {} } ], - "sa-cl5-custodian-4": [], - "sa-cl5-custodian-1": [], "sa-cl5-custodian-2": [], "sa-cl6-cx-18": [], "sa-cl6-cx-19": [], @@ -1799,9 +1778,11 @@ "sa-cl2-02": [], "sa-cl6-cx-8": [], "sa-cl2-01": [], + "sa-cl2-04": [], "sa-cl6-cx-6": [], "sa-cl2-03": [], "sa-cl6-cx-5": [], + "sa-cl2-05": [], "account-console": [], "sa-cl22-01": [], "Cl18-CX-Pal": [ 
@@ -1814,6 +1795,62 @@ "attributes": {} } ], + "Cl24-CX-SSI-CredentialIssuer": [ + { + "id": "1627e267-4422-46a8-b261-e26b5d852a33", + "name": "decision_ssicredential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "793ed13a-2297-4182-9d75-e91b003e42a5", + "name": "view_use_case_participation", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "9e96cc27-03a7-4b7d-b3b8-aa886b81fd15", + "name": "revoke_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "48c621d7-1056-4d6c-ae9b-7da255066124", + "name": "revoke_credentials_issuer", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "2337ed3b-e46f-4b85-b3f3-7e244a20e85e", + "name": "request_ssicredential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + }, + { + "id": "763f8a43-d6f6-4b76-98a8-5082d3345f27", + "name": "view_certificates", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "ca27cd3b-9534-499b-ad29-ebc28a965375", + "attributes": {} + } + ], "sa-cl6-cx-30": [], "Cl17-CX-Part": [ { @@ -1879,15 +1916,14 @@ ], "technical_roles_management": [ { - "id": "b5c9ff05-b0cf-414d-bd70-e38f8e4923cf", - "name": "BPDM Management", + "id": "4776c000-7232-4804-a133-aff0c01966ba", + "name": "Semantic Model Management", + "description": "", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "delete_company_data", - "add_company_data", - "view_company_data" + "Cl3-CX-Semantic": [ + "view_semantic_model" ] } }, 
@@ -1896,14 +1932,22 @@ "attributes": {} }, { - "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", - "name": "CX Membership Info", + "id": "5d4a663d-d188-4df8-a86d-b2ae40920ab8", + "name": "BPDM Sharing Admin", "description": "", "composite": true, "composites": { "client": { - "Cl2-CX-Portal": [ - "view_membership" + "Cl16-CX-BPDMGate": [ + "read_output_partner", + "read_output_changelog", + "read_input_changelog", + "read_sharing_state", + "write_output_partner", + "write_sharing_state", + "read_input_partner", + "read_stats", + "write_input_partner" ] } }, @@ -1912,14 +1956,17 @@ "attributes": {} }, { - "id": "4776c000-7232-4804-a133-aff0c01966ba", - "name": "Semantic Model Management", + "id": "21f929c1-a547-46a5-8660-6eb5d5091ba5", + "name": "BPDM Sharing Input Consumer", "description": "", "composite": true, "composites": { "client": { - "Cl3-CX-Semantic": [ - "view_semantic_model" + "Cl16-CX-BPDMGate": [ + "read_input_changelog", + "read_sharing_state", + "read_input_partner", + "read_stats" ] } }, @@ -1928,16 +1975,14 @@ "attributes": {} }, { - "id": "ffdc000a-7b44-4117-8794-c87492a50604", - "name": "BPDM Gate Read & Write", - "description": "", + "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", + "name": "Registration External", "composite": true, "composites": { "client": { - "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" + "Cl2-CX-Portal": [ + "create_partner_registration", + "configure_partner_registration" ] } }, @@ -1946,13 +1991,18 @@ "attributes": {} }, { - "id": "20f2c41a-dacd-4505-877a-bb899066a767", - "name": "BPDM Pool", + "id": "8ce375c0-bab3-4df7-939f-a61cd0fa0ab1", + "name": "Offer Management", + "description": "", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" + "Cl2-CX-Portal": [ + "view_tech_user_management", + "add_service_offering", + "add_connectors", + "app_management", + "activate_subscription" ] } }, 
@@ -1961,14 +2011,21 @@ "attributes": {} }, { - "id": "75211526-5c5e-4c6d-a377-627402c3f1b3", - "name": "BPDM Gate Read", - "description": "", + "id": "d5781775-3fbd-4f46-84ea-b19164393205", + "name": "Dataspace Discovery", "composite": true, "composites": { "client": { - "Cl16-CX-BPDMGate": [ - "view_company_data" + "Cl22-CX-BPND": [ + "add_bpn_discovery", + "delete_bpn_discovery", + "view_bpn_discovery" + ], + "Cl21-CX-DF": [ + "view_discovery_endpoint" + ], + "Cl2-CX-Portal": [ + "view_connectors" ] } }, @@ -1977,14 +2034,15 @@ "attributes": {} }, { - "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", - "name": "Identity Wallet Management", + "id": "281b856c-b74a-4753-99bb-bdcd810a212e", + "name": "IRS Management", + "description": "", "composite": true, "composites": { "client": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" + "Cl20-CX-IRS": [ + "view_irs", + "admin_irs" ] } }, @@ -1993,14 +2051,14 @@ "attributes": {} }, { - "id": "dee6cf7a-fb6b-451c-9ef7-87459893e48f", - "name": "Registration External", + "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", + "name": "CX Membership Info", + "description": "", "composite": true, "composites": { "client": { "Cl2-CX-Portal": [ - "create_partner_registration", - "configure_partner_registration" + "view_membership" ] } }, 
@@ -2009,18 +2067,36 @@ "attributes": {} }, { - "id": "8ce375c0-bab3-4df7-939f-a61cd0fa0ab1", - "name": "Offer Management", + "id": "8805517d-63db-4d08-b6f2-cd8038929111", + "name": "BPDM Pool Admin", "description": "", "composite": true, "composites": { "client": { - "Cl2-CX-Portal": [ - "view_tech_user_management", - "add_service_offering", - "add_connectors", - "app_management", - "activate_subscription" + "Cl7-CX-BPDM": [ + "write_partner", + "read_changelog_member", + "read_changelog", + "read_metadata", + "read_partner", + "read_partner_member", + "write_metadata" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "6f153999-e1a9-4cc7-b9c0-f53e7c5f7a42", + "name": "Identity Wallet Management", + "composite": true, + "composites": { + "client": { + "Cl5-CX-Custodian": [ + "view_wallet", + "update_wallet" ] } }, @@ -2029,15 +2105,19 @@ "attributes": {} }, { - "id": "67ef1542-73d5-4179-8c4e-d4a297b8aad3", - "name": "BPDM Partner Gate", + "id": "62f6d094-b5ad-4a64-9ce3-e1ee425f1491", + "name": "BPDM Sharing Input Manager", + "description": "", "composite": true, "composites": { "client": { "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" + "read_input_changelog", + "read_sharing_state", + "write_sharing_state", + "read_input_partner", + "read_stats", + "write_input_partner" ] } }, 
@@ -2046,21 +2126,17 @@ "attributes": {} }, { - "id": "d5781775-3fbd-4f46-84ea-b19164393205", - "name": "Dataspace Discovery", + "id": "ab1aedcb-9ae9-4a89-bb07-64ebb24d950e", + "name": "BPDM Sharing Output Consumer", + "description": "", "composite": true, "composites": { "client": { - "Cl22-CX-BPND": [ - "add_bpn_discovery", - "delete_bpn_discovery", - "view_bpn_discovery" - ], - "Cl21-CX-DF": [ - "view_discovery_endpoint" - ], - "Cl2-CX-Portal": [ - "view_connectors" + "Cl16-CX-BPDMGate": [ + "read_output_partner", + "read_output_changelog", + "read_sharing_state", + "read_stats" ] } }, @@ -2069,15 +2145,16 @@ "attributes": {} }, { - "id": "281b856c-b74a-4753-99bb-bdcd810a212e", - "name": "IRS Management", + "id": "cb9628e5-1ffa-4aa3-a8e8-3cfa8119ce30", + "name": "BPDM Pool Consumer", "description": "", "composite": true, "composites": { "client": { - "Cl20-CX-IRS": [ - "view_irs", - "admin_irs" + "Cl7-CX-BPDM": [ + "read_changelog_member", + "read_changelog", + "read_metadata" ] } }, @@ -2086,12 +2163,7 @@ "attributes": {} } ], - "Cl12-CX-TestManager": [], "sa-cl6-cx-29": [], - "sa-beta-cx7": [], - "sa-beta-cx6": [], - "sa-beta-cx5": [], - "sa-beta-cx4": [], "Cl20-CX-IRS": [ { "id": "ee61636e-de19-41cb-be70-ec4c730c474c", @@ -2112,10 +2184,7 @@ "attributes": {} } ], - "sa-beta-cx3": [], "sa-cl5-cx-1": [], - "sa-beta-cx2": [], - "sa-beta-cx1": [], "Cl16-CX-CRisk": [ { "id": "3fc6e7e8-9115-4d0f-a0ab-3f950321af11", @@ -2265,9 +2334,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl1-CX-Registration": [ "add_company_data", "view_registration", 
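Review bot: In `@@ -2069,15 +2145,16 @@` the composite `BPDM Pool Consumer` is given `read_changelog` next to `read_changelog_member`, and no `read_partner` or `read_partner_member` role at all. The `_member` suffix suggests the unsuffixed role is the broader variant, in which case a consumer role can read the full changelog but no partner record, which looks unintended in both directions. This is inferred from the role names only, since their descriptions are empty. If the consumer is meant to be the member-scoped read role, the list would be `"read_changelog_member", "read_metadata", "read_partner_member"`. Please confirm against the BPDM permission model before this leaves release-candidate state.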
@@ -2532,24 +2598,6 @@ "attributes": {} } ], - "Cl9-CDQ-Fraud": [ - { - "id": "9f5d6884-a643-4846-bddc-39adeda9aef2", - "name": "fraud_app_manager", - "composite": false, - "clientRole": true, - "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", - "attributes": {} - }, - { - "id": "2d7ea02b-114a-40d6-9c2c-ef57cc7eef67", - "name": "fraud_app_user", - "composite": false, - "clientRole": true, - "containerId": "3fbe1a86-143d-4d52-8138-01aa23875664", - "attributes": {} - } - ], "sa-cl6-cx-9": [], "account": [ { @@ -2672,10 +2720,11 @@ "otpPolicyPeriod": 30, "otpPolicyCodeReusable": false, "otpSupportedApplications": [ - "totpAppMicrosoftAuthenticatorName", "totpAppFreeOTPName", - "totpAppGoogleName" + "totpAppGoogleName", + "totpAppMicrosoftAuthenticatorName" ], + "localizationTexts": {}, "webAuthnPolicyRpEntityName": "keycloak", "webAuthnPolicySignatureAlgorithms": [ "ES256" @@ -2688,6 +2737,7 @@ "webAuthnPolicyCreateTimeout": 0, "webAuthnPolicyAvoidSameAuthenticatorRegister": false, "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyExtraOrigins": [], "webAuthnPolicyPasswordlessRpEntityName": "keycloak", "webAuthnPolicyPasswordlessSignatureAlgorithms": [ "ES256" @@ -2700,6 +2750,7 @@ "webAuthnPolicyPasswordlessCreateTimeout": 0, "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "webAuthnPolicyPasswordlessExtraOrigins": [], "users": [ { "id" : "6529834b-a4c1-4b11-a200-d77e5fe7443f", @@ -3534,15 +3585,6 @@ "realmRoles": [ "default-roles-catena-x realm" ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" - ], - "technical_roles_management": [ - "BPDM Partner Gate" - ] - }, "notBefore": 0, "groups": [] }, @@ -3559,11 +3601,6 @@ "realmRoles": [ "default-roles-catena-x realm" ], - "clientRoles": { - "technical_roles_management": [ - "BPDM Partner Gate" - ] - }, "notBefore": 0, "groups": [] }, 
@@ -3670,6 +3707,53 @@ "notBefore": 0, "groups": [] }, + { + "id": "2f44169e-c974-4655-a5bf-eea00ba7e654", + "createdTimestamp": 1712762205184, + "username": "service-account-sa-cl2-04", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-04", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl24-CX-SSI-CredentialIssuer": [ + "decision_ssicredential", + "view_use_case_participation", + "revoke_credential", + "revoke_credentials_issuer", + "request_ssicredential", + "view_certificates" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "e8bc6470-28ee-4c40-a2d9-27c6e78f303b", + "createdTimestamp": 1712764191865, + "username": "service-account-sa-cl2-05", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-05", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "store_didDocument" + ] + }, + "notBefore": 0, + "groups": [] + }, { "id": "319d6b7f-bd88-4103-8124-e8ac4c791acf", "createdTimestamp": 1681915810810, @@ -3726,6 +3810,30 @@ "notBefore": 0, "groups": [] }, + { + "id": "e4a7204c-2fa8-4909-baa9-3fbc2fa6ec12", + "createdTimestamp": 1712762654440, + "username": "service-account-sa-cl24-01", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl24-01", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "update_application_membership_credential", + "send_mail", + "update_application_bpn_credential", + "create_notifications" + ] + }, + "notBefore": 0, + "groups": [] + }, { "id": "965ae857-1e91-4e0b-bdb5-4efd1fc7ea9c", "createdTimestamp": 1658347753956, 
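Review bot: The service account `service-account-sa-cl2-04` added in `@@ -3670,6 +3707,53 @@` is granted all six `Cl24-CX-SSI-CredentialIssuer` roles, including both `request_ssicredential` and `decision_ssicredential` and both revoke roles. A single client credential that can request a credential, decide on it and revoke others leaves no separation between requester and approver, so a leak of that one secret exposes the whole issuance lifecycle. If the caller (apparently a portal backend, judging by the `sa-cl2` prefix) only performs some of these operations, cut the `clientRoles` list to those; if it does need all six, record the reason in the realm documentation. The account added in the following hunk, `service-account-sa-cl24-01`, already follows the narrower pattern with four specific `Cl2-CX-Portal` roles.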
@@ -3787,35 +3895,6 @@ "notBefore": 0, "groups": [] }, - { - "id": "6e9d388a-1a21-4196-8210-80e9a696ae87", - "createdTimestamp": 1651615151516, - "username": "service-account-sa-cl5-custodian-1", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-1", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "update_wallets", - "view_wallet", - "update_wallet", - "view_wallets" - ] - }, - "notBefore": 0, - "groups": [] - }, { "id": "ca2657a8-eba9-4cb4-8b66-8cc30911dfa1", "createdTimestamp": 1657558751239, @@ -3849,60 +3928,6 @@ "notBefore": 0, "groups": [] }, - { - "id": "0e1028a6-99c2-46ad-a323-9917ebe7346b", - "createdTimestamp": 1657571043337, - "username": "service-account-sa-cl5-custodian-3", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-3", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "300de02c-e667-4528-ac99-a3749c214bd2", - "createdTimestamp": 1657571107848, - "username": "service-account-sa-cl5-custodian-4", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-4", - "attributes": { - "bpn": [ - "BPNL00000003CRHK" - ] - }, - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl5-CX-Custodian": [ - "view_wallet", - "update_wallet" - ] - }, - "notBefore": 0, - "groups": [] - }, { "id": "8b7b0192-b24f-41b3-b7b7-b49efcc49e34", "createdTimestamp": 1654613733324, 
@@ -4754,9 +4779,6 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "technical_roles_management": [ "Semantic Model Management", "Identity Wallet Management", 
@@ -4773,85 +4795,42 @@ "groups": [] }, { - "id": "b1d71881-2aa8-4a67-b8ce-c101d6290832", - "createdTimestamp": 1657541056572, - "username": "service-account-sa-cl7-cx-1", + "id": "8d63cb9f-2df5-42b6-9bc8-a61b8d5467cb", + "createdTimestamp": 1664293185323, + "username": "service-account-sa-cl7-cx-3", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-1", + "serviceAccountClientId": "sa-cl7-cx-3", "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Admin" ] }, "notBefore": 0, "groups": [] }, { - "id": "1e60cc6d-17cd-442c-ace7-ec94067c5f85", - "createdTimestamp": 1658900179675, - "username": "service-account-sa-cl7-cx-2", + "id": "14a0d303-0b9f-4469-830f-4d1221b796d4", + "createdTimestamp": 1664293263973, + "username": "service-account-sa-cl7-cx-4", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-2", + "serviceAccountClientId": "sa-cl7-cx-4", "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "8d63cb9f-2df5-42b6-9bc8-a61b8d5467cb", - "createdTimestamp": 1664293185323, - "username": "service-account-sa-cl7-cx-3", - "enabled": true, - "totp": false, - "emailVerified": false, - "serviceAccountClientId": "sa-cl7-cx-3", - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" - ] - }, - "notBefore": 0, - "groups": [] - }, - { - "id": "14a0d303-0b9f-4469-830f-4d1221b796d4", - "createdTimestamp": 1664293263973, - "username": "service-account-sa-cl7-cx-4", - "enabled": true, - "totp": false, - "emailVerified": false, - 
"serviceAccountClientId": "sa-cl7-cx-4", - "disableableCredentialTypes": [], - "requiredActions": [], - "realmRoles": [ - "default-roles-catena-x realm" - ], - "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Consumer" ] }, "notBefore": 0, @@ -4871,14 +4850,9 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" - ], - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Admin", + "BPDM Sharing Admin" ] }, "notBefore": 0, @@ -4898,8 +4872,8 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl7-CX-BPDM": [ - "view_company_data" + "technical_roles_management": [ + "BPDM Pool Consumer" ] }, "notBefore": 0, @@ -4920,8 +4894,8 @@ ], "clientRoles": { "technical_roles_management": [ - "BPDM Management", - "BPDM Partner Gate" + "BPDM Pool Admin", + "BPDM Sharing Admin" ] }, "notBefore": 0, @@ -5103,16 +5077,6 @@ ] } ], - "Cl16-CX-BPDMGate": [ - { - "client": "sa-cl7-cx-5", - "roles": [ - "update_company_data", - "view_shared_data", - "view_company_data" - ] - } - ], "https://catenax-dt-rec.authentication.eu10.hana.ondemand.com": [ { "client": "https://catenax-stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", @@ -5132,15 +5096,6 @@ ] } ], - "Cl7-CX-BPDM": [ - { - "client": "sa-cl7-cx-5", - "roles": [ - "add_company_data", - "view_company_data" - ] - } - ], "technical_roles_management": [ { "client": "sa-cl3-cx-1", 
@@ -5149,46 +5104,43 @@
 "Semantic Model Management",
 "Identity Wallet Management"
 ]
- }
- ],
- "Cl5-CX-Custodian": [
+ },
 {
- "client": "sa-cl5-custodian-1",
+ "client": "sa-cl7-cx-3",
 "roles": [
- "update_wallets",
- "update_wallet",
- "view_wallets",
- "view_wallet"
+ "BPDM Pool Admin"
 ]
 },
 {
- "client": "sa-cl5-custodian-2",
+ "client": "sa-cl7-cx-4",
 "roles": [
- "delete_wallet",
- "delete_wallets",
- "update_wallets",
- "add_wallet",
- "update_wallet",
- "view_wallets",
- "view_wallet",
- "add_wallets"
+ "BPDM Pool Consumer"
 ]
 },
 {
- "client": "sa-cl5-custodian-3",
+ "client": "sa-cl7-cx-5",
 "roles": [
- "delete_wallet",
- "delete_wallets",
- "update_wallets",
- "add_wallet",
- "update_wallet",
- "view_wallets",
- "view_wallet",
- "add_wallets"
+ "BPDM Pool Admin",
+ "BPDM Sharing Admin"
+ ]
+ },
+ {
+ "client": "sa-cl7-cx-6",
+ "roles": [
+ "BPDM Pool Consumer"
 ]
 },
 {
- "client": "sa-cl5-custodian-4",
+ "client": "sa-cl7-cx-7",
+ "roles": [
+ "BPDM Pool Admin",
+ "BPDM Sharing Admin"
+ ]
+ }
+ ],
+ "Cl5-CX-Custodian": [
+ {
+ "client": "sa-cl5-custodian-2",
 "roles": [
 "delete_wallet",
 "delete_wallets",
@@ -5210,6 +5162,19 @@
 ]
 }
 ],
+ "Cl24-CX-SSI-CredentialIssuer": [
+ {
+ "client": "sa-cl2-04",
+ "roles": [
+ "view_use_case_participation",
+ "revoke_credentials_issuer",
+ "view_certificates",
+ "request_ssicredential",
+ "revoke_credential",
+ "decision_ssicredential"
+ ]
+ }
+ ],
 "account": [
 {
 "client": "account-console",
@@ -5233,6 +5198,21 @@
 "update_application_checklist_value"
 ]
 },
+ {
+ "client": "sa-cl2-05",
+ "roles": [
+ "store_didDocument"
+ ]
+ },
+ {
+ "client": "sa-cl24-01",
+ "roles": [
+ "send_mail",
+ "create_notifications",
+ "update_application_membership_credential",
+ "update_application_bpn_credential"
+ ]
+ },
 {
 "client": "sa-cl8-cx-1",
 "roles": [
@@ -5602,73 +5582,6 @@
 "microprofile-jwt"
 ]
 },
- {
- "id": "2a82462c-5745-43bb-859c-f5a2e74611de",
- "clientId": "Cl12-CX-TestManager",
- "name": "Testdaten-Manager",
- "description": "Testdaten Manager SSO",
- "surrogateAuthRequired": false,
- "enabled": true,
- "alwaysDisplayInConsole": false,
- "clientAuthenticatorType": "client-secret",
- "secret": "**********",
- "redirectUris": [
- "*"
- ],
- "webOrigins": [
- "+"
- ],
- "notBefore": 0,
- "bearerOnly": false,
- "consentRequired": false,
- "standardFlowEnabled": true,
- "implicitFlowEnabled": false,
- "directAccessGrantsEnabled": true,
- "serviceAccountsEnabled": false,
- "publicClient": false,
- "frontchannelLogout": false,
- "protocol": "openid-connect",
- "attributes": {
- "id.token.as.detached.signature": "false",
- "saml.assertion.signature": "false",
- "saml.force.post.binding": "false",
- "saml.multivalued.roles": "false",
- "saml.encrypt": "false",
- "post.logout.redirect.uris": "+",
- "oauth2.device.authorization.grant.enabled": "false",
- "backchannel.logout.revoke.offline.tokens": "false",
- "saml.server.signature": "false",
- "saml.server.signature.keyinfo.ext": "false",
- "use.refresh.tokens": "true",
- "exclude.session.state.from.auth.response": "false",
- "oidc.ciba.grant.enabled": "false",
- "saml.artifact.binding": "false",
- "backchannel.logout.session.required": "true",
- "client_credentials.use_refresh_token": "false",
- "saml_force_name_id_format": "false",
- "require.pushed.authorization.requests": "false",
- "saml.client.signature": "false",
- "tls.client.certificate.bound.access.tokens": "false",
- "saml.authnstatement": "false",
- "display.on.consent.screen": "false",
- "saml.onetimeuse.condition": "false"
- },
- "authenticationFlowBindingOverrides": {},
- "fullScopeAllowed": true,
- "nodeReRegistrationTimeout": -1,
- "defaultClientScopes": [
- "web-origins",
- "roles",
- "profile",
- "email"
- ],
- "optionalClientScopes": [
- "address",
- "phone",
- "offline_access",
- "microprofile-jwt"
- ]
- },
 {
 "id": "dd6a7d43-a7b1-4808-90dd-e446b51b59f2",
 "clientId": "Cl13-CX-Battery",
@@ -5920,6 +5833,11 @@
 {
 "id": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c",
 "clientId": "Cl16-CX-BPDMGate",
+ "name": "",
+ "description": "Portal Gate",
+ "rootUrl": "",
+ "adminUrl": "",
+ "baseUrl": "",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
@@ -6643,6 +6561,57 @@
 "microprofile-jwt"
 ]
 },
+ {
+ "id": "ca27cd3b-9534-499b-ad29-ebc28a965375",
+ "clientId": "Cl24-CX-SSI-CredentialIssuer",
+ "name": "",
+ "description": "Client for SSI Credential Issuer",
+ "rootUrl": "",
+ "adminUrl": "",
+ "baseUrl": "",
+ "surrogateAuthRequired": false,
+ "enabled": true,
+ "alwaysDisplayInConsole": false,
+ "clientAuthenticatorType": "client-secret",
+ "redirectUris": [
+ "/*"
+ ],
+ "webOrigins": [
+ "/*"
+ ],
+ "notBefore": 0,
+ "bearerOnly": false,
+ "consentRequired": false,
+ "standardFlowEnabled": true,
+ "implicitFlowEnabled": false,
+ "directAccessGrantsEnabled": true,
+ "serviceAccountsEnabled": false,
+ "publicClient": true,
+ "frontchannelLogout": true,
+ "protocol": "openid-connect",
+ "attributes": {
+ "oidc.ciba.grant.enabled": "false",
+ "oauth2.device.authorization.grant.enabled": "false",
+ "backchannel.logout.session.required": "true",
+ "backchannel.logout.revoke.offline.tokens": "false"
+ },
+ "authenticationFlowBindingOverrides": {},
+ "fullScopeAllowed": true,
+ "nodeReRegistrationTimeout": -1,
+ "defaultClientScopes": [
+ "web-origins",
+ "acr",
+ "roles",
+ "profile",
+ "email"
+ ],
+ "optionalClientScopes": [
+ "address",
+ "phone",
+ "offline_access",
+ "microprofile-jwt"
+ ]
+ },
 {
 "id": "e0806293-f9b3-44f1-a6d0-4e4406787f80",
 "clientId": "Cl2-CX-Portal",
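Review bot: The new `Cl24-CX-SSI-CredentialIssuer` client in the `@@ -6643,6 +6561,57 @@` hunk is a public client (`"publicClient": true`) that also has `"directAccessGrantsEnabled": true` and `"fullScopeAllowed": true`. A public client has no secret, so the password grant accepts user credentials at the token endpoint from any caller, and full scope puts every role mapping the user holds into the issued token. I would set `"directAccessGrantsEnabled": false,` and `"fullScopeAllowed": false,` unless a consumer depends on them, which would match the `fullScopeAllowed` changes this commit makes on other clients. The `"/*"` entries in `redirectUris` and `webOrigins` are relative while `rootUrl` is empty, so it is worth confirming what they resolve to after import and replacing them with the deployed frontend origin.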
@@ -6948,6 +6917,11 @@
 {
 "id": "04cd6d38-674f-4588-980a-8f120bddcc44",
 "clientId": "Cl7-CX-BPDM",
+ "name": "",
+ "description": " BPDM Pool",
+ "rootUrl": "",
+ "adminUrl": "",
+ "baseUrl": "",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
@@ -7011,107 +6985,42 @@ ] }, { - "id": "3fbe1a86-143d-4d52-8138-01aa23875664", - "clientId": "Cl9-CDQ-Fraud", + "id": "6a9209c2-ec16-476b-9a9f-61474610b790", + "clientId": "https://catenax-stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", + "secret": "**********", "redirectUris": [ - "https://fraud-dashboard.stable.demo.catena-x.net/*", - "https://keycloak.catenax-cdq.com/auth/*" + "https://catenax-stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-stable-dismantler-s66pftcc.aws-live-eu10" ], "webOrigins": [ - "+" + "https://catenax-stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com" ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, - "directAccessGrantsEnabled": true, + "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, - "publicClient": true, - "frontchannelLogout": false, - "protocol": "openid-connect", + "publicClient": false, + "frontchannelLogout": true, + "protocol": "saml", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", + "saml.force.post.binding": "true", "saml.multivalued.roles": "false", - "saml.encrypt": "false", "post.logout.redirect.uris": "+", "oauth2.device.authorization.grant.enabled": "false", "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", "saml.server.signature.keyinfo.ext": "false", "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", + "saml.signing.certificate": "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", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", + "backchannel.logout.session.required": "false", 
"client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "6a9209c2-ec16-476b-9a9f-61474610b790", - "clientId": "https://catenax-stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "https://catenax-stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com/saml/SSO/alias/catenax-stable-dismantler-s66pftcc.aws-live-eu10" - ], - "webOrigins": [ - "https://catenax-stable-dismantler-s66pftcc.authentication.eu10.hana.ondemand.com" - ], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": true, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": false, - "publicClient": false, - "frontchannelLogout": true, - "protocol": "saml", - "attributes": { - "saml.force.post.binding": "true", - "saml.multivalued.roles": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "saml.signing.certificate": "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", - "oidc.ciba.grant.enabled": "false", - 
"backchannel.logout.session.required": "false", - "client_credentials.use_refresh_token": "false", - "saml.signature.algorithm": "RSA_SHA256", + "saml.signature.algorithm": "RSA_SHA256", "require.pushed.authorization.requests": "false", "saml.client.signature": "true", "id.token.as.detached.signature": "false", @@ -7422,8 +7331,9 @@ ] }, { - "id": "35134e77-f548-4b87-970c-cc0626496fcd", - "clientId": "sa-beta-cx1", + "id": "c33cfdab-5838-4c38-bd84-15b63502d604", + "clientId": "sa-cl10-cx-1", + "description": "Technical user created for Sharing Member to connect to BPDM (SPOC: Manuel Niedermann, Nico Koprowski)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -7471,7 +7381,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "07f8b416-f24d-4cba-91f8-fd3ae0af4657", + "id": "429be913-0d7c-4bb1-b429-ed7b18822645", "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7486,22 +7396,22 @@ } }, { - "id": "72681be8-4baf-475d-a9b9-47dee5326981", - "name": "BPN", + "id": "087541f4-ff7a-4d0f-bbc6-cdab00bb9c95", + "name": "Client Host", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "2ac54aee-ac44-4a48-ae4a-bbdb5288c7f9", + "id": "d13abc34-92f7-4b7f-8684-f923f5798627", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -7514,21 +7424,6 @@
 "claim.name": "client_id",
 "jsonType.label": "String"
 }
- },
- {
- "id": "7cb8edc7-02f4-4c7c-84b4-b91cbac2d5e4",
- "name": "Client Host",
- "protocol": "openid-connect",
- "protocolMapper": "oidc-usersessionmodel-note-mapper",
- "consentRequired": false,
- "config": {
- "user.session.note": "clientHost",
- "userinfo.token.claim": "true",
- "id.token.claim": "true",
- "access.token.claim": "true",
- "claim.name": "clientHost",
- "jsonType.label": "String"
- }
 }
 ],
 "defaultClientScopes": [
@@ -7545,8 +7440,9 @@
 ]
 },
 {
- "id": "b9ee94c4-f8de-40ba-8ea0-36d3ca28d3b5",
- "clientId": "sa-beta-cx2",
+ "id": "7e7b246a-f1f6-4816-a6ad-b0b62a8918d7",
+ "clientId": "sa-cl16-cx-1",
+ "description": "Technical user created for BPDM Partner Gate (SPOC: Nico Koprowski)",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
@@ -7594,7 +7490,7 @@
 "nodeReRegistrationTimeout": -1,
 "protocolMappers": [
 {
- "id": "296af6dd-9c38-41f4-b485-5f5eea375ccc",
+ "id": "ded924f4-4b1b-4607-b86b-c14a39f93103",
 "name": "Client IP Address",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
@@ -7609,7 +7505,7 @@
 }
 },
 {
- "id": "e00b42b8-8bcc-4b18-9999-86212378c5b1",
+ "id": "2722c105-eb0a-4af2-85c6-13499e443d99",
 "name": "Client ID",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
@@ -7624,7 +7520,7 @@
 }
 },
 {
- "id": "24194317-3f62-417a-8442-62009cbf029e",
+ "id": "c1c10e38-57c3-46d3-b49a-7c9391264027",
 "name": "Client Host",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
@@ -7637,21 +7533,6 @@
 "claim.name": "clientHost",
 "jsonType.label": "String"
 }
- },
- {
- "id": "ab7d3b61-de21-4527-b021-7b2d75182fee",
- "name": "BPN",
- "protocol": "openid-connect",
- "protocolMapper": "oidc-usermodel-attribute-mapper",
- "consentRequired": false,
- "config": {
- "userinfo.token.claim": "true",
- "user.attribute": "bpn",
- "id.token.claim": "true",
- "access.token.claim": "true",
- "claim.name": "bpn",
- "jsonType.label": "String"
- }
 }
 ],
 "defaultClientScopes": [
@@ -7668,14 +7549,17 @@
 ]
 },
 {
- "id": "624a56df-7370-46f6-b00f-44791184bb28",
- "clientId": "sa-beta-cx3",
+ "id": "5a220510-4a8e-4cbc-a47e-6f549e6c3894",
+ "clientId": "sa-cl1-cx-1",
+ "description": "Service Account for Invicti DAST scan",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
 "clientAuthenticatorType": "client-secret",
 "secret": "**********",
- "redirectUris": [],
+ "redirectUris": [
+ "*"
+ ],
 "webOrigins": [],
 "notBefore": 0,
 "bearerOnly": false,
@@ -7705,8 +7589,8 @@
 "backchannel.logout.session.required": "true",
 "client_credentials.use_refresh_token": "false",
 "saml_force_name_id_format": "false",
- "saml.client.signature": "false",
 "require.pushed.authorization.requests": "false",
+ "saml.client.signature": "false",
 "tls.client.certificate.bound.access.tokens": "false",
 "saml.authnstatement": "false",
 "display.on.consent.screen": "false",
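Review bot: In the `@@ -7668,14 +7549,17 @@` hunk the new side gives `sa-cl1-cx-1`, described as a service account for a DAST scan, `"redirectUris": [ "*" ]`, and the `@@ -7791,14 +7660,17 @@` hunk does the same for `sa-cl1-reg-2`. A client that only uses client credentials needs no redirect URI, and a wildcard lets authorization responses go to any address if the standard flow is ever enabled on these clients; the hunks do not show whether it is. Other service-account clients in this file carry `"redirectUris": [],` and I would use the same value here. Removing the `sa-beta-cx*` entries shifts the diff alignment, so the wildcard may predate this commit, but it is part of the imported realm either way.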
@@ -7717,37 +7601,22 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "09c3a032-eab0-4f2c-96df-b7c1b13d3634", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "62d698d8-24d6-4b3a-b533-c4bffdb65db1", - "name": "Client Host", + "id": "24320d24-0e73-478f-8e09-a05dc4bb7c35", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "2a1ab4a4-c250-49e0-9676-86564dea3062", + "id": "caea604c-1e8e-48ad-91a8-18711e4fb564", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -7762,17 +7631,17 @@ } }, { - "id": "f5071021-acc5-42be-98e1-8bccd62e8f1b", - "name": "Client IP Address", + "id": "ea2580a2-1594-43c2-88e6-36e9e1315263", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "clientHost", "jsonType.label": "String" } } 
@@ -7791,14 +7660,17 @@
 ]
 },
 {
- "id": "fb3deae9-5f34-4e9d-9a33-376f083f03c4",
- "clientId": "sa-beta-cx4",
+ "id": "cdf11dff-530a-4fd4-97b9-84e4d60ac21e",
+ "clientId": "sa-cl1-reg-2",
+ "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
 "clientAuthenticatorType": "client-secret",
 "secret": "**********",
- "redirectUris": [],
+ "redirectUris": [
+ "*"
+ ],
 "webOrigins": [],
 "notBefore": 0,
 "bearerOnly": false,
@@ -7813,8 +7685,8 @@
 "attributes": {
 "id.token.as.detached.signature": "false",
 "saml.assertion.signature": "false",
- "saml.multivalued.roles": "false",
 "saml.force.post.binding": "false",
+ "saml.multivalued.roles": "false",
 "saml.encrypt": "false",
 "post.logout.redirect.uris": "+",
 "oauth2.device.authorization.grant.enabled": "false",
@@ -7828,34 +7700,19 @@
 "backchannel.logout.session.required": "true",
 "client_credentials.use_refresh_token": "false",
 "saml_force_name_id_format": "false",
- "require.pushed.authorization.requests": "false",
 "saml.client.signature": "false",
+ "require.pushed.authorization.requests": "false",
 "tls.client.certificate.bound.access.tokens": "false",
 "saml.authnstatement": "false",
 "display.on.consent.screen": "false",
 "saml.onetimeuse.condition": "false"
 },
 "authenticationFlowBindingOverrides": {},
- "fullScopeAllowed": true,
+ "fullScopeAllowed": false,
 "nodeReRegistrationTimeout": -1,
 "protocolMappers": [
 {
- "id": "daf63cfb-4e69-43f3-9c4e-7c9f91131364",
- "name": "BPN",
- "protocol": "openid-connect",
- "protocolMapper": "oidc-usermodel-attribute-mapper",
- "consentRequired": false,
- "config": {
- "userinfo.token.claim": "true",
- "user.attribute": "bpn",
- "id.token.claim": "true",
- "access.token.claim": "true",
- "claim.name": "bpn",
- "jsonType.label": "String"
- }
- },
- {
- "id": "53742f0f-0df2-4f2f-b6bd-e407d4bd0894",
+ "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f",
 "name": "Client Host",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
@@ -7870,32 +7727,32 @@ } }, { - "id": "343fe132-c419-484d-a7f7-a2316f855cec", - "name": "Client IP Address", + "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "15332471-4d69-48fa-9bab-e51218faa13d", - "name": "Client ID", + "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } } @@ -7914,8 +7771,9 @@ ] }, { - "id": "8b05ebaa-0fa1-45fc-bc5c-8d75e2fa8166", - "clientId": "sa-beta-cx5", + "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", + "clientId": "sa-cl2-01", + "description": "Technical User Clearinghouse update application", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -7959,41 +7817,41 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "4c831a50-2f22-407f-ac33-3b5bc19d824b", - "name": "Client ID", + "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "764d1b6f-ecc1-46b7-8feb-e962fe8facd5", - "name": "BPN", + "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", + "name": "Client ID", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "client_id", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "df7255f2-200f-4ebb-94bb-7edf96e2e127", + "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -8006,21 +7864,6 @@
 "claim.name": "clientHost",
 "jsonType.label": "String"
 }
- },
- {
- "id": "b421ee98-98c8-41e2-8594-646b9ac40c67",
- "name": "Client IP Address",
- "protocol": "openid-connect",
- "protocolMapper": "oidc-usersessionmodel-note-mapper",
- "consentRequired": false,
- "config": {
- "user.session.note": "clientAddress",
- "userinfo.token.claim": "true",
- "id.token.claim": "true",
- "access.token.claim": "true",
- "claim.name": "clientAddress",
- "jsonType.label": "String"
- }
 }
 ],
 "defaultClientScopes": [
@@ -8037,8 +7880,9 @@
 ]
 },
 {
- "id": "062617f4-5efb-4f85-932f-26193737321e",
- "clientId": "sa-beta-cx6",
+ "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045",
+ "clientId": "sa-cl2-02",
+ "description": "Technical User SelfDescription (SD) update application",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
@@ -8074,855 +7918,59 @@ "backchannel.logout.session.required": "true", "client_credentials.use_refresh_token": "false", "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", "tls.client.certificate.bound.access.tokens": "false", "saml.authnstatement": "false", "display.on.consent.screen": "false", "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "86a03690-8af2-4c80-ba47-94d05fc1cc47", - "name": "Client ID", + "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "8657ab97-ddb1-4775-8d44-a3ccbfea213f", - "name": "Client Host", + "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "6543b216-4e97-4dd9-a855-021de0d8b316", - "name": "Client IP Address", + "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - 
"userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "b167ce59-73d8-4f6c-a175-5cc742526628", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "2b1424ac-3e67-42c7-be77-69aa57fe0834", - "clientId": "sa-beta-cx7", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - 
"client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "965eb625-e855-49f4-bb55-c0d73666d410", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - }, - { - "id": "581a3217-3127-4484-a4c7-1491371a7b48", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "cf552528-6cb5-43a5-91c9-aac399e96730", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "ba208341-0e41-4dea-8397-619376833c3a", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - 
"access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "c33cfdab-5838-4c38-bd84-15b63502d604", - "clientId": "sa-cl10-cx-1", - "description": "Technical user created for Sharing Member to connect to BPDM (SPOC: Manuel Niedermann, Nico Koprowski)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - 
"authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "429be913-0d7c-4bb1-b429-ed7b18822645", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "087541f4-ff7a-4d0f-bbc6-cdab00bb9c95", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "d13abc34-92f7-4b7f-8684-f923f5798627", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "7e7b246a-f1f6-4816-a6ad-b0b62a8918d7", - "clientId": "sa-cl16-cx-1", - "description": "Technical user created for BPDM Partner Gate (SPOC: Nico Koprowski)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - 
"standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "ded924f4-4b1b-4607-b86b-c14a39f93103", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "2722c105-eb0a-4af2-85c6-13499e443d99", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": 
"client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "c1c10e38-57c3-46d3-b49a-7c9391264027", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "5a220510-4a8e-4cbc-a47e-6f549e6c3894", - "clientId": "sa-cl1-cx-1", - "description": "Service Account for Invicti DAST scan", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": 
"false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "24320d24-0e73-478f-8e09-a05dc4bb7c35", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "caea604c-1e8e-48ad-91a8-18711e4fb564", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "ea2580a2-1594-43c2-88e6-36e9e1315263", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": 
"cdf11dff-530a-4fd4-97b9-84e4d60ac21e", - "clientId": "sa-cl1-reg-2", - "description": "Technical User for Portal-Backend to call Keycloak (portal helm chart: backend.keycloak.central.clientId)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "require.pushed.authorization.requests": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "7ef011ab-1e39-4d57-9f23-3b389394b57f", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - 
"consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", - "clientId": "sa-cl2-01", - "description": "Technical User Clearinghouse update application", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - 
"saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": 
"oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", - "clientId": "sa-cl2-02", - "description": "Technical User SelfDescription (SD) update application", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "require.pushed.authorization.requests": "false", - "tls.client.certificate.bound.access.tokens": "false", - 
"saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientHost", "jsonType.label": "String" } } 
@@ -9050,16 +8098,24 @@
 ]
 },
 {
- "id": "b09392dd-8b0f-4a32-bb0b-d00a4091b890",
- "clientId": "sa-cl21-01",
- "description": "Technical User Discovery Finder",
+ "id": "beb01d13-04e2-4a2b-a909-8b4166b3dcf7",
+ "clientId": "sa-cl2-04",
+ "name": "",
+ "description": "Technical User SSI Credential Issuer - Portal to SSI Credential Issuer (portal helm chart: backend.processesworker.issuerComponent.clientId)",
+ "rootUrl": "",
+ "adminUrl": "",
+ "baseUrl": "",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
 "clientAuthenticatorType": "client-secret",
 "secret": "**********",
- "redirectUris": [],
- "webOrigins": [],
+ "redirectUris": [
+ "/*"
+ ],
+ "webOrigins": [
+ "/*"
+ ],
 "notBefore": 0,
 "bearerOnly": false,
 "consentRequired": false,
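Review bot: The added client `sa-cl2-04` gets `"redirectUris": ["/*"]` and `"webOrigins": ["/*"]` with an empty `"rootUrl"`, where the entry it displaces at this position (`sa-cl21-01`) had both lists empty. The description marks it as a technical user and the following hunk shows `"serviceAccountsEnabled": true`, so a client-credentials client like this needs neither a redirect URI nor a CORS origin; the wildcard only starts to matter if a browser flow is later enabled on the client, and at that point it is far too broad. I would set `"redirectUris": [],` and `"webOrigins": [],`. The same pair is added for `sa-cl2-05` (hunk `@@ -9174,16 +8199,24 @@`) and `sa-cl24-01` (hunk `@@ -9547,18 +8548,24 @@`). The client object continues outside this hunk, so `standardFlowEnabled` is not visible here and should be confirmed as `false`.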
@@ -9068,61 +8124,29 @@
 "directAccessGrantsEnabled": false,
 "serviceAccountsEnabled": true,
 "publicClient": false,
- "frontchannelLogout": false,
+ "frontchannelLogout": true,
 "protocol": "openid-connect",
 "attributes": {
- "saml.assertion.signature": "false",
- "id.token.as.detached.signature": "false",
- "saml.multivalued.roles": "false",
- "saml.force.post.binding": "false",
- "saml.encrypt": "false",
- "post.logout.redirect.uris": "+",
- "oauth2.device.authorization.grant.enabled": "false",
- "backchannel.logout.revoke.offline.tokens": "false",
- "saml.server.signature": "false",
- "saml.server.signature.keyinfo.ext": "false",
- "use.refresh.tokens": "true",
- "exclude.session.state.from.auth.response": "false",
 "oidc.ciba.grant.enabled": "false",
- "saml.artifact.binding": "false",
+ "client.secret.creation.time": "1712762205",
 "backchannel.logout.session.required": "true",
- "client_credentials.use_refresh_token": "false",
- "saml_force_name_id_format": "false",
- "saml.client.signature": "false",
- "tls.client.certificate.bound.access.tokens": "false",
- "require.pushed.authorization.requests": "false",
- "saml.authnstatement": "false",
+ "oauth2.device.authorization.grant.enabled": "false",
 "display.on.consent.screen": "false",
- "saml.onetimeuse.condition": "false"
+ "backchannel.logout.revoke.offline.tokens": "false"
 },
 "authenticationFlowBindingOverrides": {},
 "fullScopeAllowed": false,
 "nodeReRegistrationTimeout": -1,
 "protocolMappers": [
 {
- "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda",
- "name": "Client ID",
- "protocol": "openid-connect",
- "protocolMapper": "oidc-usersessionmodel-note-mapper",
- "consentRequired": false,
- "config": {
- "user.session.note": "client_id",
- "userinfo.token.claim": "true",
- "id.token.claim": "true",
- "access.token.claim": "true",
- "claim.name": "client_id",
- "jsonType.label": "String"
- }
- },
- {
- "id": "3c2deac0-fd68-4c39-933c-27123ff073f9",
+ "id": "514cd3f7-8b0d-4a41-ae75-2b30b2be13f6",
 "name": "Client IP Address",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
 "user.session.note": "clientAddress",
- "userinfo.token.claim": "true",
+ "introspection.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
 "claim.name": "clientAddress",
@@ -9130,38 +8154,39 @@
 }
 },
 {
- "id": "8f318235-669e-4236-b8ea-f596b802f672",
- "name": "BPN",
+ "id": "8502e4e1-3d19-47c0-8b8e-7f394228dbbe",
+ "name": "Client Host",
 "protocol": "openid-connect",
- "protocolMapper": "oidc-usermodel-attribute-mapper",
+ "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "userinfo.token.claim": "true",
- "user.attribute": "bpn",
+ "user.session.note": "clientHost",
+ "introspection.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "bpn",
+ "claim.name": "clientHost",
 "jsonType.label": "String"
 }
 },
 {
- "id": "b74416e5-2376-4f8e-a49b-8a03a053454a",
- "name": "Client Host",
+ "id": "a045a68f-caca-4605-a438-ba2e0bcfad38",
+ "name": "Client ID",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "clientHost",
- "userinfo.token.claim": "true",
+ "user.session.note": "client_id",
+ "introspection.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "clientHost",
+ "claim.name": "client_id",
 "jsonType.label": "String"
 }
 }
 ],
 "defaultClientScopes": [
 "web-origins",
+ "acr",
 "roles",
 "profile",
 "email"
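Review bot: In hunk `@@ -9068,61 +8124,29 @@`, `"frontchannelLogout": true` is switched on for a client whose context lines show `"serviceAccountsEnabled": true` and `"directAccessGrantsEnabled": false`. A service account has no browser session to log out, and the other technical users in this file keep the flag off, so I would keep `"frontchannelLogout": false,` here. The added `"client.secret.creation.time": "1712762205"` looks like state carried over from the instance the realm was exported from. The secret is masked in this file, so a fixed timestamp is misleading and could presumably skew expiry if a client-secret rotation policy is enabled; consider dropping the attribute. Both additions also appear in hunks `@@ -9192,100 +8225,69 @@` and `@@ -9567,110 +8574,83 @@`; the client object starts before this hunk and the mapper list continues after it.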
@@ -9174,16 +8199,24 @@
 ]
 },
 {
- "id": "f1806543-d0ca-41cb-b029-883cdfb11a8e",
- "clientId": "sa-cl22-01",
- "description": "Technical User BPN Discovery",
+ "id": "19b62d82-9df7-4bbd-9edc-8534bb0a7e68",
+ "clientId": "sa-cl2-05",
+ "name": "",
+ "description": "Technical User Dim Layer - Dim Layer to Portal (dim helm chart: processesworker.callback.clientId)",
+ "rootUrl": "",
+ "adminUrl": "",
+ "baseUrl": "",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
 "clientAuthenticatorType": "client-secret",
 "secret": "**********",
- "redirectUris": [],
- "webOrigins": [],
+ "redirectUris": [
+ "/*"
+ ],
+ "webOrigins": [
+ "/*"
+ ],
 "notBefore": 0,
 "bearerOnly": false,
 "consentRequired": false,
@@ -9192,100 +8225,69 @@
 "directAccessGrantsEnabled": false,
 "serviceAccountsEnabled": true,
 "publicClient": false,
- "frontchannelLogout": false,
+ "frontchannelLogout": true,
 "protocol": "openid-connect",
 "attributes": {
- "saml.assertion.signature": "false",
- "id.token.as.detached.signature": "false",
- "saml.multivalued.roles": "false",
- "saml.force.post.binding": "false",
- "saml.encrypt": "false",
- "post.logout.redirect.uris": "+",
- "oauth2.device.authorization.grant.enabled": "false",
- "backchannel.logout.revoke.offline.tokens": "false",
- "saml.server.signature": "false",
- "saml.server.signature.keyinfo.ext": "false",
- "use.refresh.tokens": "true",
- "exclude.session.state.from.auth.response": "false",
 "oidc.ciba.grant.enabled": "false",
- "saml.artifact.binding": "false",
+ "client.secret.creation.time": "1712764102",
 "backchannel.logout.session.required": "true",
- "client_credentials.use_refresh_token": "false",
- "saml_force_name_id_format": "false",
- "saml.client.signature": "false",
- "tls.client.certificate.bound.access.tokens": "false",
- "require.pushed.authorization.requests": "false",
- "saml.authnstatement": "false",
 "display.on.consent.screen": "false",
- "saml.onetimeuse.condition": "false"
+ "oauth2.device.authorization.grant.enabled": "false",
+ "backchannel.logout.revoke.offline.tokens": "false"
 },
 "authenticationFlowBindingOverrides": {},
 "fullScopeAllowed": false,
 "nodeReRegistrationTimeout": -1,
 "protocolMappers": [
 {
- "id": "09824b45-f47e-4213-90d5-7aec6a078314",
- "name": "BPN",
- "protocol": "openid-connect",
- "protocolMapper": "oidc-usermodel-attribute-mapper",
- "consentRequired": false,
- "config": {
- "userinfo.token.claim": "true",
- "user.attribute": "bpn",
- "id.token.claim": "true",
- "access.token.claim": "true",
- "claim.name": "bpn",
- "jsonType.label": "String"
- }
- },
- {
- "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e",
- "name": "Client ID",
+ "id": "32f11424-4cff-472f-99bd-df98787216fe",
+ "name": "Client Host",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "client_id",
- "userinfo.token.claim": "true",
+ "user.session.note": "clientHost",
+ "introspection.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "client_id",
+ "claim.name": "clientHost",
 "jsonType.label": "String"
 }
 },
 {
- "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e",
- "name": "Client Host",
+ "id": "1e3f26ac-3578-4a04-adfa-6838d54560f8",
+ "name": "Client IP Address",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "clientHost",
- "userinfo.token.claim": "true",
+ "user.session.note": "clientAddress",
+ "introspection.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "clientHost",
+ "claim.name": "clientAddress",
 "jsonType.label": "String"
 }
 },
 {
- "id": "36e185ed-3af8-489d-a94b-a280ae205e03",
- "name": "Client IP Address",
+ "id": "4c0a8ac0-09e8-445e-9f2b-769750bc09a8",
+ "name": "Client ID",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "clientAddress",
- "userinfo.token.claim": "true",
+ "user.session.note": "client_id",
+ "introspection.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "clientAddress",
+ "claim.name": "client_id",
 "jsonType.label": "String"
 }
 }
 ],
 "defaultClientScopes": [
 "web-origins",
+ "acr",
 "roles",
 "profile",
 "email"
@@ -9298,17 +8300,15 @@
 ]
 },
 {
- "id": "7beaee76-d447-4531-9433-fd9ce19d1460",
- "clientId": "sa-cl3-cx-1",
- "name": "Technical User CX internal - communication GitHub and Semantic Hub",
+ "id": "b09392dd-8b0f-4a32-bb0b-d00a4091b890",
+ "clientId": "sa-cl21-01",
+ "description": "Technical User Discovery Finder",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
 "clientAuthenticatorType": "client-secret",
 "secret": "**********",
- "redirectUris": [
- "*"
- ],
+ "redirectUris": [],
 "webOrigins": [],
 "notBefore": 0,
 "bearerOnly": false,
@@ -9321,10 +8321,10 @@
 "frontchannelLogout": false,
 "protocol": "openid-connect",
 "attributes": {
- "id.token.as.detached.signature": "false",
 "saml.assertion.signature": "false",
- "saml.force.post.binding": "false",
+ "id.token.as.detached.signature": "false",
 "saml.multivalued.roles": "false",
+ "saml.force.post.binding": "false",
 "saml.encrypt": "false",
 "post.logout.redirect.uris": "+",
 "oauth2.device.authorization.grant.enabled": "false",
@@ -9338,9 +8338,9 @@
 "backchannel.logout.session.required": "true",
 "client_credentials.use_refresh_token": "false",
 "saml_force_name_id_format": "false",
- "require.pushed.authorization.requests": "false",
 "saml.client.signature": "false",
 "tls.client.certificate.bound.access.tokens": "false",
+ "require.pushed.authorization.requests": "false",
 "saml.authnstatement": "false",
 "display.on.consent.screen": "false",
 "saml.onetimeuse.condition": "false"
@@ -9350,51 +8350,52 @@
 "nodeReRegistrationTimeout": -1,
 "protocolMappers": [
 {
- "id": "702c92a9-9f89-4130-9d37-c1620529ca13",
- "name": "BPN",
+ "id": "f61880f7-a1d1-47cf-a3eb-906fa83aabda",
+ "name": "Client ID",
 "protocol": "openid-connect",
- "protocolMapper": "oidc-usermodel-attribute-mapper",
+ "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "user.attribute": "bpn",
+ "user.session.note": "client_id",
+ "userinfo.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "bpn",
- "userinfo.token.claim": "true"
+ "claim.name": "client_id",
+ "jsonType.label": "String"
 }
 },
 {
- "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a",
- "name": "Client ID",
+ "id": "3c2deac0-fd68-4c39-933c-27123ff073f9",
+ "name": "Client IP Address",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "client_id",
+ "user.session.note": "clientAddress",
 "userinfo.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "client_id",
+ "claim.name": "clientAddress",
 "jsonType.label": "String"
 }
 },
 {
- "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595",
- "name": "Client IP Address",
+ "id": "8f318235-669e-4236-b8ea-f596b802f672",
+ "name": "BPN",
 "protocol": "openid-connect",
- "protocolMapper": "oidc-usersessionmodel-note-mapper",
+ "protocolMapper": "oidc-usermodel-attribute-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "clientAddress",
 "userinfo.token.claim": "true",
+ "user.attribute": "bpn",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "clientAddress",
+ "claim.name": "bpn",
 "jsonType.label": "String"
 }
 },
 {
- "id": "8e82412f-7088-4562-81f2-35b85f1859f5",
+ "id": "b74416e5-2376-4f8e-a49b-8a03a053454a",
 "name": "Client Host",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
@@ -9423,9 +8424,9 @@
 ]
 },
 {
- "id": "d5a29608-9579-4af4-b895-458ff5b03276",
- "clientId": "sa-cl3-cx-2",
- "description": "Technical User Digital Twin and Semantic for Pen test scenario (Contact: Lukas Roemer, Bosch)",
+ "id": "f1806543-d0ca-41cb-b029-883cdfb11a8e",
+ "clientId": "sa-cl22-01",
+ "description": "Technical User BPN Discovery",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
@@ -9444,10 +8445,10 @@
 "frontchannelLogout": false,
 "protocol": "openid-connect",
 "attributes": {
- "id.token.as.detached.signature": "false",
 "saml.assertion.signature": "false",
- "saml.force.post.binding": "false",
+ "id.token.as.detached.signature": "false",
 "saml.multivalued.roles": "false",
+ "saml.force.post.binding": "false",
 "saml.encrypt": "false",
 "post.logout.redirect.uris": "+",
 "oauth2.device.authorization.grant.enabled": "false",
@@ -9461,19 +8462,19 @@
 "backchannel.logout.session.required": "true",
 "client_credentials.use_refresh_token": "false",
 "saml_force_name_id_format": "false",
- "require.pushed.authorization.requests": "false",
 "saml.client.signature": "false",
 "tls.client.certificate.bound.access.tokens": "false",
+ "require.pushed.authorization.requests": "false",
 "saml.authnstatement": "false",
 "display.on.consent.screen": "false",
 "saml.onetimeuse.condition": "false"
 },
 "authenticationFlowBindingOverrides": {},
- "fullScopeAllowed": true,
+ "fullScopeAllowed": false,
 "nodeReRegistrationTimeout": -1,
 "protocolMappers": [
 {
- "id": "6b664acb-fb3a-427b-8c54-643e53b24388",
+ "id": "09824b45-f47e-4213-90d5-7aec6a078314",
 "name": "BPN",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usermodel-attribute-mapper",
@@ -9488,7 +8489,7 @@
 }
 },
 {
- "id": "882827ad-6e5a-42f2-b09e-75ff2b5893f2",
+ "id": "0c72334b-238a-4f7b-bda6-3814bcd3b06e",
 "name": "Client ID",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
@@ -9503,32 +8504,32 @@
 }
 },
 {
- "id": "9fbb3f90-f4f4-4c8f-818e-ae857da96fc3",
- "name": "Client IP Address",
+ "id": "5b4c8ff8-6c2d-4ece-a91d-6d3113688f6e",
+ "name": "Client Host",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "clientAddress",
+ "user.session.note": "clientHost",
 "userinfo.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "clientAddress",
+ "claim.name": "clientHost",
 "jsonType.label": "String"
 }
 },
 {
- "id": "4ca8dc7c-a24b-4635-a100-b75b23c3fa99",
- "name": "Client Host",
+ "id": "36e185ed-3af8-489d-a94b-a280ae205e03",
+ "name": "Client IP Address",
 "protocol": "openid-connect",
 "protocolMapper": "oidc-usersessionmodel-note-mapper",
 "consentRequired": false,
 "config": {
- "user.session.note": "clientHost",
+ "user.session.note": "clientAddress",
 "userinfo.token.claim": "true",
 "id.token.claim": "true",
 "access.token.claim": "true",
- "claim.name": "clientHost",
+ "claim.name": "clientAddress",
 "jsonType.label": "String"
 }
 }
@@ -9547,18 +8548,24 @@
 ]
 },
 {
- "id": "dab9dd17-0d31-46c7-b313-aca61225dcd1",
- "clientId": "sa-cl5-custodian-1",
- "description": "Technical User for SD Hub Call to Custodian for SD signature",
+ "id": "8ac37496-cca9-41ba-9684-cf7348f880d5",
+ "clientId": "sa-cl24-01",
+ "name": "",
+ "description": "Technical User for SSI Credential Issuer (credential issuer helm chart: processesworker.portal.clientId)",
+ "rootUrl": "",
+ "adminUrl": "",
+ "baseUrl": "",
 "surrogateAuthRequired": false,
 "enabled": true,
 "alwaysDisplayInConsole": false,
 "clientAuthenticatorType": "client-secret",
 "secret": "**********",
 "redirectUris": [
- "*"
+ "/*"
+ ],
+ "webOrigins": [
+ "/*"
 ],
- "webOrigins": [],
 "notBefore": 0,
 "bearerOnly": false,
 "consentRequired": false,
@@ -9567,110 +8574,83 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "oauth2.device.authorization.grant.enabled": "false", + "client.secret.creation.time": "1712762654", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "30897db9-574e-49ee-b968-ede77a6baf67", - "name": "Client ID", + "id": "c176820f-4e65-4b63-90d5-31a058b31698", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", + "user.session.note": "clientAddress", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + 
"claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "00879247-75ce-491f-abed-52a6a810f685", - "name": "Client Host", + "id": "1cbf20be-7fff-44c4-9eb5-a6868b2fb122", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "bb69e2e4-312f-4447-946f-b51f3c7184c2", - "name": "Client IP Address", + "id": "471d6ae7-39a3-44f5-ac90-f31be999eb08", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "0c387b1e-5a80-47c8-82f5-693e3af79425", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "acr", + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", - "clientId": "sa-cl5-custodian-2", - "description": "Technical User for Portal to call Custodian Wallet (portal helm chart: backend.processesworker.custodian.clientId)", + 
"id": "7beaee76-d447-4531-9433-fd9ce19d1460", + "clientId": "sa-cl3-cx-1", + "name": "Technical User CX internal - communication GitHub and Semantic Hub", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -9720,86 +8700,88 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328", - "name": "Client Host", + "id": "702c92a9-9f89-4130-9d37-c1620529ca13", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" + "claim.name": "bpn", + "userinfo.token.claim": "true" } }, { - "id": "728abacc-c436-4d67-b699-92957a69b519", - "name": "Client IP Address", + "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "98c6f360-6714-455a-bc94-4fa0b5072866", - "name": "BPN", + "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595", + "name": "Client IP Address", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientAddress", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a", - "name": "Client ID", + "id": "8e82412f-7088-4562-81f2-35b85f1859f5", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": 
"oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "0dfcbe31-2482-46d7-bb09-0722b0e1c4f9", - "clientId": "sa-cl5-custodian-3", - "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)", + "id": "d5a29608-9579-4af4-b895-458ff5b03276", + "clientId": "sa-cl3-cx-2", + "description": "Technical User Digital Twin and Semantic for Pen test scenario (Contact: Lukas Roemer, Bosch)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [ - "*" - ], + "redirectUris": [], "webOrigins": [], "notBefore": 0, "bearerOnly": false, 
@@ -9837,82 +8819,91 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": false, + "fullScopeAllowed": true, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "3e1df311-abd2-4878-9f0a-426fd1a50c0d", - "name": "Client IP Address", + "id": "6b664acb-fb3a-427b-8c54-643e53b24388", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "bpn", "jsonType.label": "String" } }, { - "id": "17a2ea60-79e2-4d57-8db7-9931b0e1a674", - "name": "Client Host", + "id": "882827ad-6e5a-42f2-b09e-75ff2b5893f2", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "d6203b9c-6b72-44d0-8609-83077dd6a2e0", - "name": "Client ID", + "id": "9fbb3f90-f4f4-4c8f-818e-ae857da96fc3", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", + "user.session.note": "clientAddress", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "1db97b73-9663-4eb5-99ed-d103c4bda113", - "name": "BPN", + "id": "4ca8dc7c-a24b-4635-a100-b75b23c3fa99", + "name": "Client Host", "protocol": 
"openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "BPN", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { - "id": "7612bab1-3617-485e-8461-f1d2a7a6a92e", - "clientId": "sa-cl5-custodian-4", - "description": "Technical User for Custodian test with EDC (SPOC: Matthias Hub)", + "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", + "clientId": "sa-cl5-custodian-2", + "name": "", + "description": "Technical User for Portal to call Managed Identity Wallet (portal helm chart: backend.processesworker.custodian.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -9962,7 +8953,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "783956fc-c81e-4da3-871c-436eec1fa555", + "id": "3d2518d7-950b-40da-b9d4-ca0fe3c6a328", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
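Review bot: `sa-cl3-cx-2` ends up with `"fullScopeAllowed": true` (the `+` line at the top of the hunk that begins at `@@ -9837,82 +8819,91 @@`), while this commit sets the flag to `false` for other service accounts, for example in the `@@ -14048,7 +12802,7 @@` hunk. The mapper ids that follow match the ones removed with the old `sa-cl3-cx-2` entry, and the client header at the end of the preceding hunk describes it as a technical user for a pen test scenario, so this looks like a test account keeping every realm and client role mapping in scope. I would change the line to `"fullScopeAllowed": false,` and assign only the roles the scenario needs, or drop the client from the released realm if it is no longer used. The client object starts outside this hunk, so its other settings could not be checked here.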
@@ -9977,37 +8968,37 @@ } }, { - "id": "f230563b-4e92-47e6-94d4-5d7ac8eef916", - "name": "BPN", + "id": "728abacc-c436-4d67-b699-92957a69b519", + "name": "Client IP Address", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientAddress", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "BPN", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "45b77e95-5844-48c4-ba44-6c883bed55b8", - "name": "Client IP Address", + "id": "98c6f360-6714-455a-bc94-4fa0b5072866", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "bpn", "jsonType.label": "String" } }, { - "id": "653db152-0505-4fcc-8d9e-51eee203610b", + "id": "a7bf4bbd-2764-46c8-b211-5d9676b1380a", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -13764,243 +12755,6 @@ "microprofile-jwt" ] }, - { - "id": "6e2f3a74-9277-4265-a0bd-8f8f41ba0530", - "clientId": "sa-cl7-cx-1", - "description": "Technical user created for BPDM / CDQ connect (SPOC: Peter Schenkel)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "33ef0160-e559-4fde-8faa-657140437026", - "name": "Client ID", - "protocol": "openid-connect", - "protocolMapper": 
"oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "61c367f1-dcd7-4190-9d63-97c0b3ae5afc", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "1c8aad27-8158-498b-bf99-e6de92799b6d", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, - { - "id": "d1c857fb-0c7d-4b6d-b6e8-34bf4de76d6d", - "clientId": "sa-cl7-cx-2", - "description": "Technical user for BPDM connection to Fraud App (Michael Wirth & CGI: Fabio)", - "surrogateAuthRequired": false, - "enabled": true, - "alwaysDisplayInConsole": false, - "clientAuthenticatorType": "client-secret", - "secret": "**********", - "redirectUris": [ - "*" - ], - "webOrigins": [], - "notBefore": 0, - "bearerOnly": false, - "consentRequired": false, - "standardFlowEnabled": false, - "implicitFlowEnabled": false, - "directAccessGrantsEnabled": false, - "serviceAccountsEnabled": true, - "publicClient": false, - "frontchannelLogout": false, - "protocol": "openid-connect", - "attributes": { - 
"id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", - "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", - "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" - }, - "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, - "nodeReRegistrationTimeout": -1, - "protocolMappers": [ - { - "id": "23db4b23-856e-4f3b-a1e2-f935d2373d0d", - "name": "Client IP Address", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientAddress", - "jsonType.label": "String" - } - }, - { - "id": "5db07b78-2eb9-405d-a0eb-9ab0e94a1e4d", - "name": "Client Host", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "clientHost", - "jsonType.label": "String" - } - }, - { - "id": "b01e802a-984a-4c95-a5f7-db4f3fd4b16b", - "name": 
"Client ID", - "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", - "consentRequired": false, - "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" - } - }, - { - "id": "09b70efe-f7e1-4880-a375-de44e2e1b38a", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "userinfo.token.claim": "true", - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "jsonType.label": "String" - } - } - ], - "defaultClientScopes": [ - "web-origins", - "roles", - "profile", - "email" - ], - "optionalClientScopes": [ - "address", - "phone", - "offline_access", - "microprofile-jwt" - ] - }, { "id": "f6627ae5-54ac-4e53-871d-875de8879e51", "clientId": "sa-cl7-cx-3", @@ -14048,7 +12802,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14157,7 +12911,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14375,7 +13129,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { @@ -14484,7 +13238,7 @@ "saml.onetimeuse.condition": "false" }, "authenticationFlowBindingOverrides": {}, - "fullScopeAllowed": true, + "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { 
@@ -17224,14 +15978,6 @@ "autheticatorFlow": false, "userSetupAllowed": false }, - { - "authenticator": "registration-profile-action", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 40, - "autheticatorFlow": false, - "userSetupAllowed": false - }, { "authenticator": "registration-password-action", "authenticatorFlow": false, diff --git a/import/realm-config/generic/catenax-central/CX-Central-realm.json b/import/realm-config/generic/catenax-central/CX-Central-realm.json index 157678b7..79d364fa 100644 --- a/import/realm-config/generic/catenax-central/CX-Central-realm.json +++ b/import/realm-config/generic/catenax-central/CX-Central-realm.json 
@@ -101,11 +101,70 @@ "client": { "sa-cl2-02": [], "sa-cl2-01": [], + "sa-cl2-04": [], "sa-cl3-cx-1": [], "security-admin-console": [], "sa-cl2-03": [], + "sa-cl2-05": [], + "sa-cl24-01": [], "account-console": [], "sa-cl22-01": [], + "Cl24-CX-SSI-CredentialIssuer": [ + { + "id": "244d2705-e543-4594-9242-e66ff906748e", + "name": "request_ssicredential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "60306526-b937-4244-ac89-cc1283c8ed74", + "attributes": {} + }, + { + "id": "e5909b95-c17b-455d-b995-8d768f271e07", + "name": "revoke_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "60306526-b937-4244-ac89-cc1283c8ed74", + "attributes": {} + }, + { + "id": "b7b8d3ae-8b64-42c4-bcbf-f56f6f2a9293", + "name": "revoke_credentials_issuer", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "60306526-b937-4244-ac89-cc1283c8ed74", + "attributes": {} + }, + { + "id": "1bd890e7-fe5f-4bc0-92ef-ac5f48e621a6", + "name": "view_use_case_participation", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "60306526-b937-4244-ac89-cc1283c8ed74", + "attributes": {} + }, + { + "id": "f79b9b99-7a31-470a-9827-e07eb20c7c4f", + "name": "view_certificates", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "60306526-b937-4244-ac89-cc1283c8ed74", + "attributes": {} + }, + { + "id": "b23c7037-0635-44c4-915d-0d77d64046a5", + "name": "decision_ssicredential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "60306526-b937-4244-ac89-cc1283c8ed74", + "attributes": {} + } + ], "Cl2-CX-Portal": [ { "id": "39ff444c-888a-4bf6-b8e1-343b66f8a067", @@ -156,9 +215,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], 
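Review bot: All six roles added for `Cl24-CX-SSI-CredentialIssuer` in the first hunk on this line carry `"description": ""`, including `revoke_credential`, `revoke_credentials_issuer` and `decision_ssicredential`, which judging by their names gate revocation and approval of credentials. A one-line description per role lets an administrator assigning them in the console see what is being granted, for example `"description": "Approve or decline SSI credential requests"` for `decision_ssicredential` (wording to be confirmed against the credential issuer's API). The same applies to the portal roles added with empty descriptions in later hunks: `update_application_bpn_credential`, `send_mail`, `update_application_membership_credential` and `store_didDocument`.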
@@ -176,24 +232,20 @@ "view_service_offering", "view_autosetup_status", "add_connectors", - "upload_documents", "view_own_user_account", "view_use_cases", "view_idp", - "view_services", "add_tech_user_management", "view_membership", "update_own_user_account", "add_service_offering", "view_service_subscriptions", "activate_subscription", - "view_tech_roles", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "view_subscription", "delete_notifications", "view_connectors", @@ -219,14 +271,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "a029dec3-8c6a-4a2f-a60a-82249f0590fd", - "name": "setup_client", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "34742e28-1497-4222-ad1f-93ab9feac92e", "name": "view_app_subscription", @@ -303,9 +347,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -313,17 +354,16 @@ "view_registration" ], "Cl2-CX-Portal": [ - "view_technical_setup", - "view_tech_user_management", - "app_management", - "view_tech_roles", - "view_certificates", "view_app_language", "technical_roles_management", "CX User", + "view_technical_setup", + "view_tech_user_management", "edit_apps", + "app_management", "view_use_cases", - "view_apps" + "view_apps", + "view_certificates" ] } }, @@ -337,9 +377,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -364,9 +401,6 @@ "upload_certificates", "view_user_management", "subscribe_apps", - "view_services", - "view_dataspaces", - "filter_apps", "view_service_subscriptions", "view_notifications", "view_certificates", 
@@ -385,14 +419,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "03acc78a-0301-4518-a548-d5bd782c3d13", - "name": "decision_ssicredential", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "37dc74e9-9f50-49d2-9b95-402b04aa84ff", "name": "add_connectors", @@ -456,8 +482,9 @@ "attributes": {} }, { - "id": "15bd8123-3469-4505-93ff-a5bd3b929495", - "name": "subscribe_service_offering", + "id": "a88b7f46-d6c8-46bf-96e4-ec824e8eaee4", + "name": "update_application_bpn_credential", + "description": "", "composite": false, "clientRole": true, "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", @@ -524,15 +551,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "9db8ca83-6cfd-4c44-8ab7-ccbcb11da38f", - "name": "view_tech_roles", - "description": "View technical user roles", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "26eacd86-808a-4869-ad64-564cda6b3e2f", "name": "delete_certificates", @@ -560,14 +578,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "29ac8c4d-5296-467c-91fa-3a0d7487c912", - "name": "request_ssicredential", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "3c3c8452-fd50-40bd-b223-9660233dd6af", "name": "delete_user_account", @@ -661,9 +671,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -702,8 +709,6 @@ "delete_tech_user_management", "subscribe_service", "delete_own_user_account", - "request_ssicredential", - "my_user_account", "delete_user_account", "view_apps", "view_subscription", 
@@ -728,9 +733,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -738,16 +740,15 @@ "view_registration" ], "Cl2-CX-Portal": [ - "view_service_subscriptions", - "activate_subscription", - "view_certificates", "subscribe_service", "CX User", "view_service_offering", "unsubscribe_apps", + "view_service_subscriptions", "unsubscribe_services", - "subscribe_apps", - "view_services" + "activate_subscription", + "view_certificates", + "subscribe_apps" ] } }, @@ -797,9 +798,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -810,7 +808,6 @@ "update_company_role", "view_documents", "delete_connectors", - "setup_client", "view_app_subscription", "delete_documents", "view_company_data", @@ -823,16 +820,13 @@ "view_user_management", "view_idp", "add_tech_user_management", - "subscribe_service_offering", "update_own_user_account", "add_self_descriptions", "view_user_account", "setup_idp", - "view_tech_roles", "delete_certificates", "view_client_roles", "subscribe_service", - "request_ssicredential", "delete_user_account", "view_subscription", "delete_notifications", @@ -844,22 +838,17 @@ "view_service_offering", "unsubscribe_apps", "disable_idp", - "upload_documents", "upload_certificates", "view_use_cases", "subscribe_apps", - "view_services", "add_idp", "delete_idp", "view_membership", - "view_dataspaces", - "filter_apps", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "unsubscribe_services", "view_apps", "modify_connectors", @@ -885,9 +874,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], 
@@ -897,22 +883,18 @@ "Cl2-CX-Portal": [ "view_documents", "view_membership", - "view_dataspaces", "update_own_user_account", - "filter_apps", "view_company_data", "view_notifications", "view_certificates", "view_service_marketplace", "view_service_offering", "delete_own_user_account", - "my_user_account", "view_own_user_account", "view_apps", "view_user_management", "view_subscription", "delete_notifications", - "view_services", "view_partner_network" ], "Cl3-CX-Semantic": [ @@ -956,9 +938,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -990,16 +969,17 @@ "attributes": {} }, { - "id": "39c00d2f-491f-4658-96ef-9f47920afea6", - "name": "upload_documents", + "id": "48c262f0-3f56-4bab-94d5-f3c30fb5d9f9", + "name": "upload_certificates", + "description": "", "composite": false, "clientRole": true, "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, { - "id": "48c262f0-3f56-4bab-94d5-f3c30fb5d9f9", - "name": "upload_certificates", + "id": "174783fa-1473-4921-8ac4-8d18703836b3", + "name": "send_mail", "description": "", "composite": false, "clientRole": true, @@ -1024,15 +1004,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "6e3d7bcf-7340-4def-bb76-8002acc73f95", - "name": "view_services", - "description": "view service marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "8d3a5c8d-d4dc-4aaa-8941-9cd38cd3906e", "name": "update_application_checklist_value", 
@@ -1077,15 +1048,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "8fe708e4-7870-4044-89eb-a74b8dc11a8e", - "name": "view_dataspaces", - "description": "View dataspace marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "b06c2999-6008-4fb6-a22f-93fdac150656", "name": "decline_app_release", @@ -1103,24 +1065,12 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "9f5b48bf-4fc2-4feb-8c4e-00b57f5f2bed", - "name": "filter_apps", - "description": "Users with this role can filter apps in the App Marketplace", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "765bced5-b422-4f91-b35f-19d648595e6a", "name": "Purchaser", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl5-CX-Custodian": [ "view_wallet" ], @@ -1129,7 +1079,6 @@ ], "Cl2-CX-Portal": [ "delete_certificates", - "subscribe_service_offering", "CX User", "unsubscribe_apps", "view_app_subscription", @@ -1153,6 +1102,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "8432f49c-8d6c-4b86-aebc-b259056037db", + "name": "update_application_membership_credential", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "f1231514-aa65-408a-bf0d-c9d6d210e99a", "name": "view_certificates", @@ -1167,11 +1125,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "delete_company_data", - "add_company_data", - "view_company_data" - ], "Cl5-CX-Custodian": [ "delete_wallet", "add_wallet", 
@@ -1181,6 +1134,9 @@ "Cl1-CX-Registration": [ "view_registration" ], + "Cl24-CX-SSI-CredentialIssuer": [ + "decision_ssicredential" + ], "Cl2-CX-Portal": [ "decline_new_partner", "update_company_role", @@ -1188,7 +1144,6 @@ "delete_connectors", "update_service_offering", "invite_new_partner", - "setup_client", "view_app_subscription", "delete_documents", "app_management", @@ -1197,24 +1152,20 @@ "view_app_language", "modify_user_account", "view_autosetup_status", - "decision_ssicredential", "add_connectors", "view_own_user_account", "view_user_management", "view_idp", "add_apps", "add_tech_user_management", - "subscribe_service_offering", "update_own_user_account", "add_self_descriptions", "view_user_account", "view_service_subscriptions", "activate_subscription", "setup_idp", - "view_tech_roles", "view_client_roles", "subscribe_service", - "request_ssicredential", "delete_user_account", "view_subscription", "delete_notifications", @@ -1231,24 +1182,19 @@ "view_service_offering", "unsubscribe_apps", "disable_idp", - "upload_documents", "view_use_cases", "subscribe_apps", - "view_services", "add_idp", "delete_idp", "view_membership", "decline_service_release", - "view_dataspaces", "decline_app_release", "add_service_offering", - "filter_apps", "view_notifications", "view_certificates", "technical_roles_management", "delete_tech_user_management", "delete_own_user_account", - "my_user_account", "create_notifications", "edit_apps", "unsubscribe_services", @@ -1270,6 +1216,15 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, + { + "id": "dc88f8a9-654c-4a97-8339-d6ad5aae7256", + "name": "store_didDocument", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", + "attributes": {} + }, { "id": "92b5a061-8e54-4562-a86c-94c0bacef12d", "name": "technical_roles_management", 
@@ -1296,15 +1251,6 @@ "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "attributes": {} }, - { - "id": "99a8940c-0fbc-4f65-8134-4b598c3aabbc", - "name": "my_user_account", - "description": "view my own user account details", - "composite": false, - "clientRole": true, - "containerId": "e0806293-f9b3-44f1-a6d0-4e4406787f80", - "attributes": {} - }, { "id": "22b05ced-cd8e-4769-a368-b8266bf967ef", "name": "create_notifications", 
@@ -1434,57 +1380,87 @@ "sa-cl8-cx-1": [], "Cl7-CX-BPDM": [ { - "id": "b59a076b-07c5-42fa-b8d8-04a65f077226", - "name": "delete_company_data", + "id": "52df2421-b796-4b47-9b3f-7e0bc1cd785e", + "name": "read_metadata", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", "attributes": {} }, { - "id": "a4829839-9df9-47c8-8eb0-57f4020000c3", - "name": "add_company_data", + "id": "b6f32a00-39ab-4074-89c2-ae43cb27936f", + "name": "read_changelog", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", "attributes": {} }, { - "id": "d16779a5-03bd-4fbd-bf40-382c4348b205", - "name": "view_company_data", + "id": "43eaf830-14a0-4935-a4d2-0f0060ca1e65", + "name": "read_partner_member", + "description": "", "composite": false, "clientRole": true, "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", "attributes": {} - } - ], - "technical_roles_management": [ + }, { - "id": "b5c9ff05-b0cf-414d-bd70-e38f8e4923cf", - "name": "BPDM Management", - "composite": true, - "composites": { - "client": { - "Cl7-CX-BPDM": [ - "delete_company_data", - "add_company_data", - "view_company_data" - ] - } - }, + "id": "063fdc97-a010-4b9f-a646-8182a401bb75", + "name": "write_metadata", + "description": "", + "composite": false, "clientRole": true, - "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", "attributes": {} }, { - "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", - "name": "CX Membership Info", + "id": "379d1ca0-7253-4277-82d8-143bacf84d56", + "name": "read_changelog_member", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "02fc3e0c-91c2-4b3c-acee-1fee157ea2b6", + "name": "write_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": 
"04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + }, + { + "id": "682935a7-cd27-4bb3-b369-78d248e6a558", + "name": "read_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "04cd6d38-674f-4588-980a-8f120bddcc44", + "attributes": {} + } + ], + "technical_roles_management": [ + { + "id": "bb22abe9-7a62-4861-b00e-617298017db9", + "name": "BPDM Sharing Admin", "description": "", "composite": true, "composites": { "client": { - "Cl2-CX-Portal": [ - "view_membership" + "Cl16-CX-BPDMGate": [ + "read_input_changelog", + "write_output_partner", + "read_output_changelog", + "read_stats", + "write_sharing_state", + "read_output_partner", + "write_input_partner", + "read_input_partner", + "read_sharing_state" ] } }, @@ -1493,14 +1469,17 @@ "attributes": {} }, { - "id": "4776c000-7232-4804-a133-aff0c01966ba", - "name": "Semantic Model Management", + "id": "1e3bef93-036c-44a8-b37a-04ca9effcfcb", + "name": "BPDM Sharing Input Consumer", "description": "", "composite": true, "composites": { "client": { - "Cl3-CX-Semantic": [ - "view_semantic_model" + "Cl16-CX-BPDMGate": [ + "read_input_changelog", + "read_stats", + "read_input_partner", + "read_sharing_state" ] } }, @@ -1509,13 +1488,14 @@ "attributes": {} }, { - "id": "20f2c41a-dacd-4505-877a-bb899066a767", - "name": "BPDM Pool", + "id": "0324b0ed-43c0-4493-ad4b-4f202e288df0", + "name": "CX Membership Info", + "description": "", "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" + "Cl2-CX-Portal": [ + "view_membership" ] } }, 
@@ -1524,16 +1504,14 @@ "attributes": {} }, { - "id": "162b2472-c940-4285-a662-e712501491dc", - "name": "BPDM Gate Read & Write", + "id": "4776c000-7232-4804-a133-aff0c01966ba", + "name": "Semantic Model Management", "description": "", "composite": true, "composites": { "client": { - "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" + "Cl3-CX-Semantic": [ + "view_semantic_model" ] } }, @@ -1594,15 +1572,41 @@ "attributes": {} }, { - "id": "67ef1542-73d5-4179-8c4e-d4a297b8aad3", - "name": "BPDM Partner Gate", + "id": "97ac9e26-5db1-4b16-a7ef-a20473b7472d", + "name": "BPDM Sharing Input Manager", + "description": "", "composite": true, "composites": { "client": { "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" + "read_input_changelog", + "read_stats", + "write_sharing_state", + "write_input_partner", + "read_input_partner", + "read_sharing_state" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "21afd9a8-aecb-4383-9726-4e19f5ed4ed2", + "name": "BPDM Pool Admin", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "read_metadata", + "read_changelog", + "read_partner_member", + "write_metadata", + "read_changelog_member", + "write_partner", + "read_partner" ] } }, 
@@ -1611,14 +1615,35 @@ "attributes": {} }, { - "id": "ef1112fd-3e6d-4e73-8947-5a21fd38f760", - "name": "BPDM Gate Read", + "id": "50e20aeb-1dc7-464e-9a69-e48c34fa2078", + "name": "BPDM Sharing Output Consumer", "description": "", "composite": true, "composites": { "client": { "Cl16-CX-BPDMGate": [ - "view_company_data" + "read_output_changelog", + "read_stats", + "read_output_partner", + "read_sharing_state" + ] + } + }, + "clientRole": true, + "containerId": "6df310ed-500e-43d5-b510-fa4668e939ee", + "attributes": {} + }, + { + "id": "f456f008-49b1-40ea-ad89-61ad5470b5dc", + "name": "BPDM Pool Consumer", + "description": "", + "composite": true, + "composites": { + "client": { + "Cl7-CX-BPDM": [ + "read_metadata", + "read_changelog", + "read_changelog_member" ] } }, 
@@ -1865,33 +1890,90 @@ ], "Cl16-CX-BPDMGate": [ { - "id": "891e715a-7fdb-4dbe-a177-998a383ee836", - "name": "view_company_data", + "id": "913fa128-8614-49c9-9214-93958fc69758", + "name": "read_input_changelog", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} }, { - "id": "cf42a03f-20f7-4ff3-a898-e1a93bf03520", - "name": "update_company_data", + "id": "08009ffe-2058-4fcd-82ef-12ee52d86557", + "name": "write_output_partner", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} }, { - "id": "2a006c99-0790-4dd0-8b82-59c4fea1ce17", - "name": "view_shared_data", + "id": "39b49fc2-e48b-4653-97ce-43229b411691", + "name": "read_output_changelog", + "description": "", "composite": false, "clientRole": true, "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "attributes": {} - } - ], - "Cl5-CX-Custodian": [ + }, { - "id": "11c06d7d-8cab-42e8-b8bb-599940c61f2b", + "id": "8512daa5-2a72-49ce-a6e1-e05539a067ae", + "name": "read_stats", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "d28cdadc-e85f-432a-bd1f-a4350fa8b11a", + "name": "write_sharing_state", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "328fb08e-d257-442b-b8bd-da3b3fca85a0", + "name": "read_output_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "88712f3f-d043-4739-9645-e814bcef399f", + "name": "write_input_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "2c2dbbc9-3b33-4d40-9fa4-13b745134e43", + 
"name": "read_input_partner", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + }, + { + "id": "88edfd18-e528-4622-9152-8e848db2db7d", + "name": "read_sharing_state", + "description": "", + "composite": false, + "clientRole": true, + "containerId": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", + "attributes": {} + } + ], + "Cl5-CX-Custodian": [ + { + "id": "11c06d7d-8cab-42e8-b8bb-599940c61f2b", "name": "delete_wallet", "description": "User can delete his wallet", "composite": false, @@ -2019,9 +2101,6 @@ "composite": true, "composites": { "client": { - "Cl7-CX-BPDM": [ - "view_company_data" - ], "Cl1-CX-Registration": [ "add_company_data", "view_registration", @@ -2188,7 +2267,6 @@ } ], "sa-cl1-reg-2": [], - "sa-cl5-custodian-1": [], "sa-cl5-custodian-2": [], "account": [ { @@ -2311,10 +2389,11 @@ "otpPolicyPeriod": 30, "otpPolicyCodeReusable": false, "otpSupportedApplications": [ - "totpAppMicrosoftAuthenticatorName", "totpAppFreeOTPName", - "totpAppGoogleName" + "totpAppGoogleName", + "totpAppMicrosoftAuthenticatorName" ], + "localizationTexts": {}, "webAuthnPolicyRpEntityName": "keycloak", "webAuthnPolicySignatureAlgorithms": [ "ES256" @@ -2327,6 +2406,7 @@ "webAuthnPolicyCreateTimeout": 0, "webAuthnPolicyAvoidSameAuthenticatorRegister": false, "webAuthnPolicyAcceptableAaguids": [], + "webAuthnPolicyExtraOrigins": [], "webAuthnPolicyPasswordlessRpEntityName": "keycloak", "webAuthnPolicyPasswordlessSignatureAlgorithms": [ "ES256" @@ -2339,6 +2419,7 @@ "webAuthnPolicyPasswordlessCreateTimeout": 0, "webAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister": false, "webAuthnPolicyPasswordlessAcceptableAaguids": [], + "webAuthnPolicyPasswordlessExtraOrigins": [], "users": [ { "id" : "502dabcf-01c7-47d9-a88e-0be4279097b5", 
@@ -2451,6 +2532,53 @@ "notBefore": 0, "groups": [] }, + { + "id": "b2c10c26-2bd6-4181-bb79-b88aa4b250e7", + "createdTimestamp": 1712762229098, + "username": "service-account-sa-cl2-04", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-04", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl24-CX-SSI-CredentialIssuer": [ + "request_ssicredential", + "revoke_credential", + "revoke_credentials_issuer", + "view_use_case_participation", + "view_certificates", + "decision_ssicredential" + ] + }, + "notBefore": 0, + "groups": [] + }, + { + "id": "a548bfdc-232e-4cd7-8a66-2eab09e1b302", + "createdTimestamp": 1712764151096, + "username": "service-account-sa-cl2-05", + "enabled": true, + "totp": false, + "emailVerified": false, + "serviceAccountClientId": "sa-cl2-05", + "disableableCredentialTypes": [], + "requiredActions": [], + "realmRoles": [ + "default-roles-catena-x realm" + ], + "clientRoles": { + "Cl2-CX-Portal": [ + "store_didDocument" + ] + }, + "notBefore": 0, + "groups": [] + }, { "id": "319d6b7f-bd88-4103-8124-e8ac4c791acf", "createdTimestamp": 1681915810810, 
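Review bot: `service-account-sa-cl2-04` is granted both `request_ssicredential` and `decision_ssicredential` on `Cl24-CX-SSI-CredentialIssuer`, together with `revoke_credential` and `revoke_credentials_issuer`, so one technical user can request, approve and revoke credentials. If the calling component only submits and reads requests, drop the decision and issuer-revocation roles from this `clientRoles` list and from the matching `sa-cl2-04` scope mapping in the `@@ -2743,6 +2840,19 @@` hunk. Whether the caller really needs the approval role cannot be seen from this diff, so treat this as a least-privilege question for the author.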
@@ -2508,49 +2636,40 @@ "groups": [] }, { - "id": "965ae857-1e91-4e0b-bdb5-4efd1fc7ea9c", - "createdTimestamp": 1658347753956, - "username": "service-account-sa-cl3-cx-1", + "id": "9c771d3f-236e-4319-9046-863b234834ea", + "createdTimestamp": 1712762697169, + "username": "service-account-sa-cl24-01", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl3-cx-1", - "attributes": { - "bpn": [ - "CAX0000000000001" - ] - }, + "serviceAccountClientId": "sa-cl24-01", "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "default-roles-catena-x realm" ], "clientRoles": { - "technical_roles_management": [ - "Semantic Model Management", - "Identity Wallet Management", - "Dataspace Discovery" - ], - "Cl3-CX-Semantic": [ - "delete_semantic_model", - "add_semantic_model", - "update_semantic_model" + "Cl2-CX-Portal": [ + "update_application_bpn_credential", + "create_notifications", + "send_mail", + "update_application_membership_credential" ] }, "notBefore": 0, "groups": [] }, { - "id": "6e9d388a-1a21-4196-8210-80e9a696ae87", - "createdTimestamp": 1651615151516, - "username": "service-account-sa-cl5-custodian-1", + "id": "965ae857-1e91-4e0b-bdb5-4efd1fc7ea9c", + "createdTimestamp": 1658347753956, + "username": "service-account-sa-cl3-cx-1", "enabled": true, "totp": false, "emailVerified": false, - "serviceAccountClientId": "sa-cl5-custodian-1", + "serviceAccountClientId": "sa-cl3-cx-1", "attributes": { "bpn": [ - "BPNL00000003CRHK" + "CAX0000000000001" ] }, "disableableCredentialTypes": [], @@ -2559,11 +2678,15 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl5-CX-Custodian": [ - "update_wallets", - "view_wallet", - "update_wallet", - "view_wallets" + "technical_roles_management": [ + "Semantic Model Management", + "Identity Wallet Management", + "Dataspace Discovery" + ], + "Cl3-CX-Semantic": [ + "delete_semantic_model", + "add_semantic_model", + "update_semantic_model" ] }, "notBefore": 0, 
@@ -2616,14 +2739,9 @@ "default-roles-catena-x realm" ], "clientRoles": { - "Cl16-CX-BPDMGate": [ - "view_company_data", - "update_company_data", - "view_shared_data" - ], - "Cl7-CX-BPDM": [ - "add_company_data", - "view_company_data" + "technical_roles_management": [ + "BPDM Sharing Admin", + "BPDM Pool Admin" ] }, "notBefore": 0, @@ -2690,25 +2808,6 @@ ] } ], - "Cl16-CX-BPDMGate": [ - { - "client": "sa-cl7-cx-5", - "roles": [ - "update_company_data", - "view_shared_data", - "view_company_data" - ] - } - ], - "Cl7-CX-BPDM": [ - { - "client": "sa-cl7-cx-5", - "roles": [ - "add_company_data", - "view_company_data" - ] - } - ], "technical_roles_management": [ { "client": "sa-cl3-cx-1", @@ -2717,18 +2816,16 @@ "Semantic Model Management", "Identity Wallet Management" ] - } - ], - "Cl5-CX-Custodian": [ + }, { - "client": "sa-cl5-custodian-1", + "client": "sa-cl7-cx-5", "roles": [ - "update_wallets", - "update_wallet", - "view_wallets", - "view_wallet" + "BPDM Pool Admin", + "BPDM Sharing Admin" ] - }, + } + ], + "Cl5-CX-Custodian": [ { "client": "sa-cl5-custodian-2", "roles": [ @@ -2743,6 +2840,19 @@ ] } ], + "Cl24-CX-SSI-CredentialIssuer": [ + { + "client": "sa-cl2-04", + "roles": [ + "revoke_credentials_issuer", + "view_use_case_participation", + "view_certificates", + "request_ssicredential", + "revoke_credential", + "decision_ssicredential" + ] + } + ], "account": [ { "client": "account-console", @@ -2766,6 +2876,21 @@ "update_application_checklist_value" ] }, + { + "client": "sa-cl2-05", + "roles": [ + "store_didDocument" + ] + }, + { + "client": "sa-cl24-01", + "roles": [ + "send_mail", + "create_notifications", + "update_application_membership_credential", + "update_application_bpn_credential" + ] + }, { "client": "sa-cl8-cx-1", "roles": [ 
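Review bot: The service account in the `@@ -2616,14 +2739,9 @@` hunk moves from five individual BPDM roles to the two broadest composites, `BPDM Sharing Admin` and `BPDM Pool Admin`, which by the composite definitions added earlier in this file include every `write_*` role on both `Cl16-CX-BPDMGate` and `Cl7-CX-BPDM`. The scope mapping for `sa-cl7-cx-5` in the `@@ -2717,18 +2816,16 @@` hunk grants the same pair. If this technical user does not need roles such as `write_metadata` or `write_output_partner`, a narrower composite from the same commit (`BPDM Sharing Input Manager`, `BPDM Pool Consumer`) would be the tighter fit. The user entry starts outside the hunk, so its identity is inferred from the removed `sa-cl7-cx-5` scope mappings.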
@@ -3025,6 +3150,11 @@ { "id": "52f90723-b4c1-44c3-bef2-fd8ebe59ae6c", "clientId": "Cl16-CX-BPDMGate", + "name": "", + "description": " Portal Gate", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -3387,6 +3517,57 @@ "microprofile-jwt" ] }, + { + "id": "60306526-b937-4244-ac89-cc1283c8ed74", + "clientId": "Cl24-CX-SSI-CredentialIssuer", + "name": "", + "description": "Client for SSI Credential Issuer", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": true, + "protocol": "openid-connect", + "attributes": { + "oidc.ciba.grant.enabled": "false", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.session.required": "true", + "backchannel.logout.revoke.offline.tokens": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "defaultClientScopes": [ + "web-origins", + "acr", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, { "id": "e0806293-f9b3-44f1-a6d0-4e4406787f80", "clientId": "Cl2-CX-Portal", @@ -3687,6 +3868,11 @@ { "id": "04cd6d38-674f-4588-980a-8f120bddcc44", "clientId": "Cl7-CX-BPDM", + "name": "", + "description": " BPDM Pool", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
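Review bot: The new `Cl24-CX-SSI-CredentialIssuer` client in the `@@ -3387,6 +3517,57 @@` hunk combines `"publicClient": true`, `"directAccessGrantsEnabled": true`, `"fullScopeAllowed": true` and a `"/*"` entry in both `redirectUris` and `webOrigins`, while `rootUrl` is empty. That permits the password grant without client authentication and puts every role mapping of the user into this client's tokens. It also leaves the redirect check as a path wildcard which, as far as I know, Keycloak resolves against its own origin when no root URL is set. Elsewhere in this diff the client appears only as a container for roles granted to service accounts; if no interactive login runs against it, tighten it with `"directAccessGrantsEnabled": false,`, `"fullScopeAllowed": false,` and `"redirectUris": [],` (plus an empty `webOrigins`), or pin the redirect URI to the issuer's real host.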
@@ -3851,12 +4037,230 @@ "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "clientHost", + "jsonType.label": "String" + } + }, + { + "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + }, + { + "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", + "clientId": "sa-cl2-01", + "description": "Technical User Clearinghouse update application", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": 
"false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "require.pushed.authorization.requests": "false", + "saml.client.signature": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + "display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", + "jsonType.label": "String" + } + }, + { + "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", + "name": "Client ID", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "client_id", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "client_id", + "jsonType.label": "String" + } + }, + { + "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", + "name": "Client Host", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + 
"consentRequired": false, + "config": { + "user.session.note": "clientHost", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientHost", + "jsonType.label": "String" + } + } + ], + "defaultClientScopes": [ + "web-origins", + "roles", + "profile", + "email" + ], + "optionalClientScopes": [ + "address", + "phone", + "offline_access", + "microprofile-jwt" + ] + }, + { + "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", + "clientId": "sa-cl2-02", + "description": "Technical User SelfDescription (SD) update application", + "surrogateAuthRequired": false, + "enabled": true, + "alwaysDisplayInConsole": false, + "clientAuthenticatorType": "client-secret", + "secret": "**********", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": true, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "id.token.as.detached.signature": "false", + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "post.logout.redirect.uris": "+", + "oauth2.device.authorization.grant.enabled": "false", + "backchannel.logout.revoke.offline.tokens": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "use.refresh.tokens": "true", + "exclude.session.state.from.auth.response": "false", + "oidc.ciba.grant.enabled": "false", + "saml.artifact.binding": "false", + "backchannel.logout.session.required": "true", + "client_credentials.use_refresh_token": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "require.pushed.authorization.requests": "false", + "tls.client.certificate.bound.access.tokens": "false", + "saml.authnstatement": "false", + 
"display.on.consent.screen": "false", + "saml.onetimeuse.condition": "false" + }, + "authenticationFlowBindingOverrides": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", + "name": "Client IP Address", + "protocol": "openid-connect", + "protocolMapper": "oidc-usersessionmodel-note-mapper", + "consentRequired": false, + "config": { + "user.session.note": "clientAddress", + "userinfo.token.claim": "true", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "dcd989ce-2636-4d01-ba95-0fa20e02383f", + "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -3871,17 +4275,17 @@ } }, { - "id": "9d83df9b-abf7-4504-aac4-e7966f8a877c", - "name": "Client IP Address", + "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", + "user.session.note": "clientHost", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + "claim.name": "clientHost", "jsonType.label": "String" } } @@ -3900,9 +4304,9 @@ ] }, { - "id": "6bf6f4e5-562c-4382-945f-e5fef59423e2", - "clientId": "sa-cl2-01", - "description": "Technical User Clearinghouse update application", + "id": "cad1382b-0dd4-4ac7-8183-1c08386c84e8", + "clientId": "sa-cl2-03", + "description": "Technical User AutoSetup trigger - Portal to Vendor Autosetup (portal helm chart: backend.processesworker.offerprovider.clientId)", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -3950,7 +4354,7 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "9a62e6ee-4e3c-4cb9-81b7-53e8dfbdd210", + "id": "f57ed439-7c35-4a6c-a097-aa750249c442", "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -3965,7 +4369,7 @@ } }, { - "id": "b0d195d1-f5be-4249-ac88-133fcf138f4d", + "id": "ea42e697-8fa8-4359-b342-715683a67a15", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -3980,7 +4384,7 @@ } }, { - "id": "6920d343-be3f-4e3b-9330-841521ff4a2c", + "id": "743f3d13-5eb1-4fd7-a092-019c052f5db0", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", @@ -4009,16 +4413,24 @@ ] }, { - "id": "2d19b59b-4970-4cc0-a561-a9dac9d49045", - "clientId": "sa-cl2-02", - "description": "Technical User SelfDescription (SD) update application", + "id": "aa736d92-8ab7-428a-b9f8-d7ef1c02a36a", + "clientId": "sa-cl2-04", + "name": "", + "description": "Technical User SSI Credential Issuer - Portal to SSI Credential Issuer (portal helm chart: backend.processesworker.issuerComponent.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], - "webOrigins": [], + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
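Review bot: `sa-cl2-04` in the `@@ -4009,16 +4413,24 @@` hunk changes `redirectUris` and `webOrigins` from `[]` to `"/*"`, and `sa-cl2-05` in the `@@ -4118,16 +4514,24 @@` hunk does the same, although the following hunks show both as service-account clients (`"serviceAccountsEnabled": true`, `"directAccessGrantsEnabled": false`). A client-credentials client needs neither setting, and a path wildcard left in place takes effect as soon as someone enables the standard flow; keep `"redirectUris": [],` and `"webOrigins": [],` as the other `sa-*` clients do. The flow flags themselves lie between the hunks and are not visible here. Also confirm that the `"secret": "**********"` placeholder on these entries is replaced at deployment, since a realm import would otherwise, to my knowledge, take it as the literal secret.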
@@ -4027,46 +4439,29 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "client.secret.creation.time": "1712762229", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "saml.client.signature": "false", - "require.pushed.authorization.requests": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", + "oauth2.device.authorization.grant.enabled": "false", "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "89fa847a-3f52-4ea3-a09b-5f3552cabccd", + "id": "d33b18c2-4848-4883-a2bc-1a24a689b658", "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { "user.session.note": "clientAddress", - "userinfo.token.claim": "true", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "clientAddress", 
@@ -4074,14 +4469,14 @@ } }, { - "id": "6c3d92dd-e8db-4ecd-a819-bd2d64f73f6c", + "id": "53adca2a-f30d-46d8-b39e-11b1102641f2", "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { "user.session.note": "client_id", - "userinfo.token.claim": "true", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "client_id", @@ -4089,14 +4484,14 @@ } }, { - "id": "25202b04-d387-45ae-a285-a40d4eaa5b8c", + "id": "fbaf8306-4b29-45bc-9175-dfc496d9ccd5", "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "clientHost", @@ -4106,6 +4501,7 @@ ], "defaultClientScopes": [ "web-origins", + "acr", "roles", "profile", "email" @@ -4118,16 +4514,24 @@ ] }, { - "id": "cad1382b-0dd4-4ac7-8183-1c08386c84e8", - "clientId": "sa-cl2-03", - "description": "Technical User AutoSetup trigger - Portal to Vendor Autosetup (portal helm chart: backend.processesworker.offerprovider.clientId)", + "id": "04b94188-8879-4358-b9c0-1337d761dfb1", + "clientId": "sa-cl2-05", + "name": "", + "description": "Technical User Dim Layer - Dim Layer to Portal (dim helm chart: processesworker.callback.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", - "redirectUris": [], - "webOrigins": [], + "redirectUris": [ + "/*" + ], + "webOrigins": [ + "/*" + ], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
@@ -4136,85 +4540,68 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "oauth2.device.authorization.grant.enabled": "false", + "client.secret.creation.time": "1712764151", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", - "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "f57ed439-7c35-4a6c-a097-aa750249c442", - "name": "Client IP Address", + "id": "519ad98b-ae9d-461e-8fb1-982d77515c2c", + "name": "Client Host", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientAddress", - "userinfo.token.claim": "true", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientAddress", + 
"claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "ea42e697-8fa8-4359-b342-715683a67a15", - "name": "Client ID", + "id": "5e256bb8-1ffa-42b8-b2fb-41a1e015f732", + "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", + "user.session.note": "clientAddress", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientAddress", "jsonType.label": "String" } }, { - "id": "743f3d13-5eb1-4fd7-a092-019c052f5db0", - "name": "Client Host", + "id": "1b16d7c2-8ae2-4899-9c9c-f77e89e1fd18", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", + "acr", "roles", "profile", "email" 
@@ -4475,18 +4862,24 @@ ] }, { - "id": "7beaee76-d447-4531-9433-fd9ce19d1460", - "clientId": "sa-cl3-cx-1", - "name": "Technical User CX internal - communication GitHub and Semantic Hub", + "id": "7278c4a3-539b-4ec5-8bdd-ba2eb55c2e83", + "clientId": "sa-cl24-01", + "name": "", + "description": "Technical User for SSI Credential Issuer (credential issuer helm chart: processesworker.portal.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, "clientAuthenticatorType": "client-secret", "secret": "**********", "redirectUris": [ - "*" + "/*" + ], + "webOrigins": [ + "/*" ], - "webOrigins": [], "notBefore": 0, "bearerOnly": false, "consentRequired": false, 
@@ -4495,75 +4888,44 @@ "directAccessGrantsEnabled": false, "serviceAccountsEnabled": true, "publicClient": false, - "frontchannelLogout": false, + "frontchannelLogout": true, "protocol": "openid-connect", "attributes": { - "id.token.as.detached.signature": "false", - "saml.assertion.signature": "false", - "saml.force.post.binding": "false", - "saml.multivalued.roles": "false", - "saml.encrypt": "false", - "post.logout.redirect.uris": "+", - "oauth2.device.authorization.grant.enabled": "false", - "backchannel.logout.revoke.offline.tokens": "false", - "saml.server.signature": "false", - "saml.server.signature.keyinfo.ext": "false", - "use.refresh.tokens": "true", - "exclude.session.state.from.auth.response": "false", "oidc.ciba.grant.enabled": "false", - "saml.artifact.binding": "false", + "client.secret.creation.time": "1712762671", "backchannel.logout.session.required": "true", - "client_credentials.use_refresh_token": "false", - "saml_force_name_id_format": "false", - "require.pushed.authorization.requests": "false", - "saml.client.signature": "false", - "tls.client.certificate.bound.access.tokens": "false", - "saml.authnstatement": "false", + "oauth2.device.authorization.grant.enabled": "false", "display.on.consent.screen": "false", - "saml.onetimeuse.condition": "false" + "backchannel.logout.revoke.offline.tokens": "false" }, "authenticationFlowBindingOverrides": {}, "fullScopeAllowed": false, "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "702c92a9-9f89-4130-9d37-c1620529ca13", - "name": "BPN", - "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", - "consentRequired": false, - "config": { - "user.attribute": "bpn", - "id.token.claim": "true", - "access.token.claim": "true", - "claim.name": "bpn", - "userinfo.token.claim": "true" - } - }, - { - "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a", - "name": "Client ID", + "id": "452b40a8-0662-4039-8f30-c8b0e5e0e0a7", + "name": "Client Host", "protocol": 
"openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", + "user.session.note": "clientHost", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", + "claim.name": "clientHost", "jsonType.label": "String" } }, { - "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595", + "id": "eb60d2ec-5147-4cf3-aa57-74399be1cb2a", "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { "user.session.note": "clientAddress", - "userinfo.token.claim": "true", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", "claim.name": "clientAddress", @@ -4571,23 +4933,24 @@ } }, { - "id": "8e82412f-7088-4562-81f2-35b85f1859f5", - "name": "Client Host", + "id": "5c3664df-0b87-4fbd-a8d6-b8cca657d46e", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", - "userinfo.token.claim": "true", + "user.session.note": "client_id", + "introspection.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", + "acr", "roles", "profile", "email" @@ -4600,9 +4963,9 @@ ] }, { - "id": "dab9dd17-0d31-46c7-b313-aca61225dcd1", - "clientId": "sa-cl5-custodian-1", - "description": "Technical User for SD Hub Call to Custodian for SD signature", + "id": "7beaee76-d447-4531-9433-fd9ce19d1460", + "clientId": "sa-cl3-cx-1", + "name": "Technical User CX internal - communication GitHub and Semantic Hub", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, 
@@ -4652,37 +5015,36 @@ "nodeReRegistrationTimeout": -1, "protocolMappers": [ { - "id": "30897db9-574e-49ee-b968-ede77a6baf67", - "name": "Client ID", + "id": "702c92a9-9f89-4130-9d37-c1620529ca13", + "name": "BPN", "protocol": "openid-connect", - "protocolMapper": "oidc-usersessionmodel-note-mapper", + "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { - "user.session.note": "client_id", - "userinfo.token.claim": "true", + "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "client_id", - "jsonType.label": "String" + "claim.name": "bpn", + "userinfo.token.claim": "true" } }, { - "id": "00879247-75ce-491f-abed-52a6a810f685", - "name": "Client Host", + "id": "b5ba389e-26b0-452f-b784-ea1492cf4a0a", + "name": "Client ID", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { - "user.session.note": "clientHost", + "user.session.note": "client_id", "userinfo.token.claim": "true", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "clientHost", + "claim.name": "client_id", "jsonType.label": "String" } }, { - "id": "bb69e2e4-312f-4447-946f-b51f3c7184c2", + "id": "ef10553b-3bf7-46fe-910a-1bf8d7c74595", "name": "Client IP Address", "protocol": "openid-connect", "protocolMapper": "oidc-usersessionmodel-note-mapper", 
@@ -4697,33 +5059,42 @@ } }, { - "id": "0c387b1e-5a80-47c8-82f5-693e3af79425", - "name": "BPN", + "id": "8e82412f-7088-4562-81f2-35b85f1859f5", + "name": "Client Host", "protocol": "openid-connect", - "protocolMapper": "oidc-usermodel-attribute-mapper", + "protocolMapper": "oidc-usersessionmodel-note-mapper", "consentRequired": false, "config": { + "user.session.note": "clientHost", "userinfo.token.claim": "true", - "user.attribute": "bpn", "id.token.claim": "true", "access.token.claim": "true", - "claim.name": "bpn", + "claim.name": "clientHost", "jsonType.label": "String" } } ], "defaultClientScopes": [ "web-origins", - "roles" + "roles", + "profile", + "email" ], "optionalClientScopes": [ + "address", + "phone", + "offline_access", "microprofile-jwt" ] }, { "id": "50fa6455-a775-4683-b407-57a33a9b9f3b", "clientId": "sa-cl5-custodian-2", - "description": "Technical User for Portal to call Custodian Wallet (portal helm chart: backend.processesworker.custodian.clientId)", + "name": "", + "description": "Technical User for Portal to call Managed Identity Wallet (portal helm chart: backend.processesworker.custodian.clientId)", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "", "surrogateAuthRequired": false, "enabled": true, "alwaysDisplayInConsole": false, @@ -6769,14 +7140,6 @@ "autheticatorFlow": false, "userSetupAllowed": false }, - { - "authenticator": "registration-profile-action", - "authenticatorFlow": false, - "requirement": "REQUIRED", - "priority": 40, - "autheticatorFlow": false, - "userSetupAllowed": false - }, { "authenticator": "registration-password-action", "authenticatorFlow": false,