{ "id": "certifai", "realm": "certifai", "displayName": "CERTifAI", "enabled": true, "sslRequired": "none", "registrationAllowed": true, "registrationEmailAsUsername": true, "loginWithEmailAllowed": true, "duplicateEmailsAllowed": false, "resetPasswordAllowed": true, "loginTheme": "certifai", "editUsernameAllowed": false, "bruteForceProtected": true, "permanentLockout": false, "maxFailureWaitSeconds": 900, "minimumQuickLoginWaitSeconds": 60, "waitIncrementSeconds": 60, "quickLoginCheckMilliSeconds": 1000, "maxDeltaTimeSeconds": 43200, "failureFactor": 5, "defaultSignatureAlgorithm": "RS256", "accessTokenLifespan": 300, "ssoSessionIdleTimeout": 1800, "ssoSessionMaxLifespan": 36000, "offlineSessionIdleTimeout": 2592000, "accessCodeLifespan": 60, "accessCodeLifespanUserAction": 300, "accessCodeLifespanLogin": 1800, "roles": { "realm": [ { "name": "admin", "description": "CERTifAI administrator with full access", "composite": false, "clientRole": false }, { "name": "user", "description": "Standard CERTifAI user", "composite": false, "clientRole": false } ] }, "defaultRoles": [ "user" ], "clients": [ { "clientId": "certifai-dashboard", "name": "CERTifAI Dashboard", "description": "CERTifAI administration dashboard", "enabled": true, "publicClient": true, "directAccessGrantsEnabled": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "serviceAccountsEnabled": false, "protocol": "openid-connect", "rootUrl": "http://localhost:8000", "baseUrl": "http://localhost:8000", "redirectUris": [ "http://localhost:8000/auth/callback" ], "webOrigins": [ "http://localhost:8000" ], "attributes": { "post.logout.redirect.uris": "http://localhost:8000", "pkce.code.challenge.method": "S256" }, "defaultClientScopes": [ "openid", "profile", "email" ], "optionalClientScopes": [ "offline_access" ] }, { "clientId": "certifai-langfuse", "name": "CERTifAI Langfuse", "description": "Langfuse OIDC client for CERTifAI", "enabled": true, "publicClient": false, "directAccessGrantsEnabled": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "serviceAccountsEnabled": false, "protocol": "openid-connect", "secret": "certifai-langfuse-secret", "rootUrl": "http://localhost:3000", "baseUrl": "http://localhost:3000", "redirectUris": [ "http://localhost:3000/*" ], "webOrigins": [ "http://localhost:3000", "http://localhost:8000" ], "attributes": { "post.logout.redirect.uris": "http://localhost:3000" }, "defaultClientScopes": [ "openid", "profile", "email" ], "optionalClientScopes": [ "offline_access" ] }, { "clientId": "certifai-librechat", "name": "CERTifAI Chat", "description": "LibreChat OIDC client for CERTifAI", "enabled": true, "publicClient": false, "directAccessGrantsEnabled": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "serviceAccountsEnabled": false, "protocol": "openid-connect", "secret": "certifai-librechat-secret", "rootUrl": "http://localhost:3080", "baseUrl": "http://localhost:3080", "redirectUris": [ "http://localhost:3080/*" ], "webOrigins": [ "http://localhost:3080", "http://localhost:8000" ], "attributes": { "post.logout.redirect.uris": "http://localhost:3080" }, "defaultClientScopes": [ "openid", "profile", "email" ], "optionalClientScopes": [ "offline_access" ] } ], "clientScopes": [ { "name": "openid", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "true", "display.on.consent.screen": "false" }, "protocolMappers": [ { "name": "sub", "protocol": "openid-connect", "protocolMapper": "oidc-sub-mapper", "consentRequired": false, "config": { "id.token.claim": "true", "access.token.claim": "true" } } ] }, { "name": "profile", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "true", "display.on.consent.screen": "true", "consent.screen.text": "User profile information" }, "protocolMappers": [ { "name": "full name", "protocol": "openid-connect", "protocolMapper": "oidc-full-name-mapper", "consentRequired": false, "config": { "id.token.claim": "true", "access.token.claim": "true", "userinfo.token.claim": "true" } }, { "name": "given name", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "user.attribute": "firstName", "id.token.claim": "true", "access.token.claim": "true", "userinfo.token.claim": "true", "claim.name": "given_name", "jsonType.label": "String" } }, { "name": "family name", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "user.attribute": "lastName", "id.token.claim": "true", "access.token.claim": "true", "userinfo.token.claim": "true", "claim.name": "family_name", "jsonType.label": "String" } }, { "name": "picture", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "user.attribute": "picture", "id.token.claim": "true", "access.token.claim": "true", "userinfo.token.claim": "true", "claim.name": "picture", "jsonType.label": "String" } } ] }, { "name": "email", "protocol": "openid-connect", "attributes": { "include.in.token.scope": "true", "display.on.consent.screen": "true", "consent.screen.text": "Email address" }, "protocolMappers": [ { "name": "email", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "user.attribute": "email", "id.token.claim": "true", "access.token.claim": "true", "userinfo.token.claim": "true", "claim.name": "email", "jsonType.label": "String" } }, { "name": "email verified", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "consentRequired": false, "config": { "user.attribute": "emailVerified", "id.token.claim": "true", "access.token.claim": "true", "userinfo.token.claim": "true", "claim.name": "email_verified", "jsonType.label": "boolean" } } ] } ], "users": [ { "username": "admin@certifai.local", "email": "admin@certifai.local", "firstName": "Admin", "lastName": "User", "enabled": true, "emailVerified": true, "credentials": [ { "type": "password", "value": "admin", "temporary": false } ], "realmRoles": [ "admin", "user" ] }, { "username": "user@certifai.local", "email": "user@certifai.local", "firstName": "Test", "lastName": "User", "enabled": true, "emailVerified": true, "credentials": [ { "type": "password", "value": "user", "temporary": false } ], "realmRoles": [ "user" ] } ] }