Class: KeycloakClientConfig
Configuration for a Keycloak OIDC client. The operator creates and manages these in Keycloak for project services.
URI: cr8tor_metamodel:KeycloakClientConfig
classDiagram
class KeycloakClientConfig
click KeycloakClientConfig href "../KeycloakClientConfig/"
KeycloakClientConfig : client_id
KeycloakClientConfig : default_client_scopes
KeycloakClientConfig : enabled
KeycloakClientConfig : name
KeycloakClientConfig : optional_client_scopes
KeycloakClientConfig : protocol
KeycloakClientConfig : protocol_mappers
KeycloakClientConfig --> "*" ProtocolMapper : protocol_mappers
click ProtocolMapper href "../ProtocolMapper/"
KeycloakClientConfig : public_client
KeycloakClientConfig : redirect_uris
KeycloakClientConfig : secret
KeycloakClientConfig : secret_ref
KeycloakClientConfig --> "0..1" SecretRef : secret_ref
click SecretRef href "../SecretRef/"
KeycloakClientConfig : web_origins
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| client_id | 1 String |
Unique Keycloak client identifier | direct |
| name | 0..1 String |
client name shown in Keycloak admin console | direct |
| secret | 0..1 String |
Client secret | direct |
| secret_ref | 0..1 SecretRef |
Reference to a k8s Secret containing the client secret | direct |
| enabled | 0..1 Boolean |
Whether the client is enabled | direct |
| public_client | 0..1 Boolean |
Whether this is a public client | direct |
| redirect_uris | * Uri |
Valid redirect URIs after authentication | direct |
| web_origins | * String |
Allowed web origins for CORS | direct |
| protocol | 0..1 String |
Authentication protocol | direct |
| default_client_scopes | * String |
Default client scopes | direct |
| optional_client_scopes | * String |
Optional client scopes | direct |
| protocol_mappers | * ProtocolMapper |
OIDC protocol mappers | direct |
Usages
| used by | used in | type | used |
|---|---|---|---|
| Keycloak | clients | range | KeycloakClientConfig |
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/karectl-crates/cr8tor-metamodel
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | cr8tor_metamodel:KeycloakClientConfig |
| native | cr8tor_metamodel:KeycloakClientConfig |
LinkML Source
Direct
name: KeycloakClientConfig
description: Configuration for a Keycloak OIDC client. The operator creates and manages
these in Keycloak for project services.
from_schema: https://w3id.org/karectl-crates/cr8tor-metamodel
attributes:
client_id:
name: client_id
description: Unique Keycloak client identifier.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
domain_of:
- KeycloakClientConfig
range: string
required: true
name:
name: name
description: client name shown in Keycloak admin console.
from_schema: https://w3id.org/karectl-crates/deployment-model
domain_of:
- Project
- Action
- Source
- Dataset
- Table
- Column
- Resource
- Environment
- KeycloakClientConfig
- SecretRef
- ProtocolMapper
- EnvironmentVariable
range: string
required: false
secret:
name: secret
description: Client secret.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
domain_of:
- KeycloakClientConfig
range: string
required: false
secret_ref:
name: secret_ref
description: Reference to a k8s Secret containing the client secret.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
domain_of:
- KeycloakClientConfig
range: SecretRef
required: false
inlined: true
enabled:
name: enabled
description: Whether the client is enabled.
from_schema: https://w3id.org/karectl-crates/deployment-model
ifabsent: 'true'
domain_of:
- User
- Resource
- KeycloakClientConfig
range: boolean
required: false
public_client:
name: public_client
description: Whether this is a public client.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
ifabsent: 'false'
domain_of:
- KeycloakClientConfig
range: boolean
required: false
redirect_uris:
name: redirect_uris
description: Valid redirect URIs after authentication.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
domain_of:
- KeycloakClientConfig
range: uri
multivalued: true
inlined: true
inlined_as_list: true
web_origins:
name: web_origins
description: Allowed web origins for CORS.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
domain_of:
- KeycloakClientConfig
range: string
multivalued: true
inlined: true
inlined_as_list: true
protocol:
name: protocol
description: Authentication protocol.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
ifabsent: string(openid-connect)
domain_of:
- KeycloakClientConfig
range: string
required: false
default_client_scopes:
name: default_client_scopes
description: Default client scopes.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
domain_of:
- KeycloakClientConfig
range: string
multivalued: true
inlined: true
inlined_as_list: true
optional_client_scopes:
name: optional_client_scopes
description: Optional client scopes.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
domain_of:
- KeycloakClientConfig
range: string
multivalued: true
inlined: true
inlined_as_list: true
protocol_mappers:
name: protocol_mappers
description: OIDC protocol mappers.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
domain_of:
- KeycloakClientConfig
range: ProtocolMapper
multivalued: true
inlined: true
inlined_as_list: true
Induced
name: KeycloakClientConfig
description: Configuration for a Keycloak OIDC client. The operator creates and manages
these in Keycloak for project services.
from_schema: https://w3id.org/karectl-crates/cr8tor-metamodel
attributes:
client_id:
name: client_id
description: Unique Keycloak client identifier.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
alias: client_id
owner: KeycloakClientConfig
domain_of:
- KeycloakClientConfig
range: string
required: true
name:
name: name
description: client name shown in Keycloak admin console.
from_schema: https://w3id.org/karectl-crates/deployment-model
alias: name
owner: KeycloakClientConfig
domain_of:
- Project
- Action
- Source
- Dataset
- Table
- Column
- Resource
- Environment
- KeycloakClientConfig
- SecretRef
- ProtocolMapper
- EnvironmentVariable
range: string
required: false
secret:
name: secret
description: Client secret.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
alias: secret
owner: KeycloakClientConfig
domain_of:
- KeycloakClientConfig
range: string
required: false
secret_ref:
name: secret_ref
description: Reference to a k8s Secret containing the client secret.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
alias: secret_ref
owner: KeycloakClientConfig
domain_of:
- KeycloakClientConfig
range: SecretRef
required: false
inlined: true
enabled:
name: enabled
description: Whether the client is enabled.
from_schema: https://w3id.org/karectl-crates/deployment-model
ifabsent: 'true'
alias: enabled
owner: KeycloakClientConfig
domain_of:
- User
- Resource
- KeycloakClientConfig
range: boolean
required: false
public_client:
name: public_client
description: Whether this is a public client.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
ifabsent: 'false'
alias: public_client
owner: KeycloakClientConfig
domain_of:
- KeycloakClientConfig
range: boolean
required: false
redirect_uris:
name: redirect_uris
description: Valid redirect URIs after authentication.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
alias: redirect_uris
owner: KeycloakClientConfig
domain_of:
- KeycloakClientConfig
range: uri
multivalued: true
inlined: true
inlined_as_list: true
web_origins:
name: web_origins
description: Allowed web origins for CORS.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
alias: web_origins
owner: KeycloakClientConfig
domain_of:
- KeycloakClientConfig
range: string
multivalued: true
inlined: true
inlined_as_list: true
protocol:
name: protocol
description: Authentication protocol.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
ifabsent: string(openid-connect)
alias: protocol
owner: KeycloakClientConfig
domain_of:
- KeycloakClientConfig
range: string
required: false
default_client_scopes:
name: default_client_scopes
description: Default client scopes.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
alias: default_client_scopes
owner: KeycloakClientConfig
domain_of:
- KeycloakClientConfig
range: string
multivalued: true
inlined: true
inlined_as_list: true
optional_client_scopes:
name: optional_client_scopes
description: Optional client scopes.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
alias: optional_client_scopes
owner: KeycloakClientConfig
domain_of:
- KeycloakClientConfig
range: string
multivalued: true
inlined: true
inlined_as_list: true
protocol_mappers:
name: protocol_mappers
description: OIDC protocol mappers.
from_schema: https://w3id.org/karectl-crates/deployment-model
rank: 1000
alias: protocol_mappers
owner: KeycloakClientConfig
domain_of:
- KeycloakClientConfig
range: ProtocolMapper
multivalued: true
inlined: true
inlined_as_list: true