{ "realm": "holzleitner", "enabled": true, "sslRequired": "none", "registrationAllowed": false, "loginWithEmailAllowed": true, "duplicateEmailsAllowed": false, "resetPasswordAllowed": false, "editUsernameAllowed": false, "bruteForceProtected": true, "accessTokenLifespan": 1800, "ssoSessionIdleTimeout": 1800, "ssoSessionMaxLifespan": 36000, "roles": { "realm": [ { "name": "driver", "description": "Lieferfahrer — darf Touren laden, scannen und abschließen." } ] }, "users": [ { "username": "testfahrer", "enabled": true, "emailVerified": true, "firstName": "Test", "lastName": "Fahrer", "email": "test@example.com", "credentials": [ { "type": "password", "value": "test", "temporary": false } ], "realmRoles": ["driver"], "attributes": { "personalnummer": ["1001"] } } ], "clients": [ { "clientId": "holzleitner-app", "name": "Holzleitner Mobile App", "description": "Public Client für die Flutter-App (Authorization Code + PKCE und Direct Access Grants im Dev).", "enabled": true, "publicClient": true, "standardFlowEnabled": true, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": false, "implicitFlowEnabled": false, "redirectUris": [ "http://localhost:*", "holzleitner://*" ], "webOrigins": ["+"], "attributes": { "post.logout.redirect.uris": "+", "pkce.code.challenge.method": "S256" }, "protocolMappers": [ { "name": "audience-holzleitner-api", "protocol": "openid-connect", "protocolMapper": "oidc-audience-mapper", "config": { "included.client.audience": "holzleitner-api", "id.token.claim": "false", "access.token.claim": "true", "introspection.token.claim": "true" } }, { "name": "personalnummer", "protocol": "openid-connect", "protocolMapper": "oidc-usermodel-attribute-mapper", "config": { "user.attribute": "personalnummer", "claim.name": "personalnummer", "jsonType.label": "long", "id.token.claim": "true", "access.token.claim": "true", "userinfo.token.claim": "true", "introspection.token.claim": "true" } } ] } ] }