{ "id": "tos", "realm": "tOS", "displayName": "tOS - Enterprise Web Operating System", "displayNameHtml": "tOS Enterprise", "enabled": true, "sslRequired": "external", "registrationAllowed": false, "rememberMe": true, "verifyEmail": false, "loginWithEmailAllowed": true, "duplicateEmailsAllowed": false, "resetPasswordAllowed": true, "bruteForceProtected": true, "permanentLockout": false, "maxFailureWaitSeconds": 900, "failureFactor": 5, "defaultSignatureAlgorithm": "RS256", "accessTokenLifespan": 300, "ssoSessionIdleTimeout": 1800, "ssoSessionMaxLifespan": 36000, "roles": { "realm": [ { "name": "admin", "description": "Full administrative access to all tOS features", "composite": true, "composites": { "realm": ["hr-manager", "manager", "department_head", "team-lead", "employee"] } }, { "name": "hr-manager", "description": "HR management with access to employee data, absences, and time tracking", "composite": true, "composites": { "realm": ["employee"] } }, { "name": "manager", "description": "Management access with cross-department visibility", "composite": true, "composites": { "realm": ["department_head", "employee"] } }, { "name": "department_head", "description": "Department lead with team management capabilities", "composite": true, "composites": { "realm": ["team-lead", "employee"] } }, { "name": "team-lead", "description": "Team lead with direct reports management", "composite": true, "composites": { "realm": ["employee"] } }, { "name": "employee", "description": "Standard employee access to basic features", "composite": false } ] }, "groups": [ { "name": "Administrators", "path": "/Administrators", "realmRoles": ["admin"] }, { "name": "Management", "path": "/Management", "realmRoles": ["manager"] }, { "name": "Departments", "path": "/Departments", "subGroups": [ { "name": "Sales", "path": "/Departments/Sales", "realmRoles": ["employee"] }, { "name": "Accounting", "path": "/Departments/Accounting", "realmRoles": ["employee"] }, { "name": "Warehouse", "path": "/Departments/Warehouse", "realmRoles": ["employee"] }, { "name": "Logistics", "path": "/Departments/Logistics", "realmRoles": ["employee"] }, { "name": "Engineering", "path": "/Departments/Engineering", "realmRoles": ["employee"] }, { "name": "IT", "path": "/Departments/IT", "realmRoles": ["employee"] }, { "name": "Executive", "path": "/Departments/Executive", "realmRoles": ["manager"] }, { "name": "Executive-Assistant", "path": "/Departments/Executive-Assistant", "realmRoles": ["employee"] }, { "name": "HR", "path": "/Departments/HR", "realmRoles": ["employee"] }, { "name": "Procurement", "path": "/Departments/Procurement", "realmRoles": ["employee"] } ] } ], "clients": [ { "clientId": "tos-frontend", "name": "tOS Frontend Application", "enabled": true, "publicClient": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": false, "protocol": "openid-connect", "secret": "${KEYCLOAK_FRONTEND_CLIENT_SECRET:-tos-frontend-secret-CHANGE-IN-PRODUCTION}", "rootUrl": "http://localhost:3000", "baseUrl": "http://localhost:3000", "redirectUris": ["http://localhost:3000/*", "http://127.0.0.1:3000/*"], "webOrigins": ["http://localhost:3000", "http://127.0.0.1:3000"], "attributes": { "pkce.code.challenge.method": "S256", "post.logout.redirect.uris": "http://localhost:3000/*" }, "defaultClientScopes": ["web-origins", "acr", "profile", "roles", "email"] }, { "clientId": "tos-backend", "name": "tOS Backend API", "enabled": true, "publicClient": false, "standardFlowEnabled": false, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": true, "protocol": "openid-connect", "secret": "${KEYCLOAK_BACKEND_CLIENT_SECRET:-tos-backend-secret-CHANGE-IN-PRODUCTION}", "rootUrl": "http://localhost:3001", "baseUrl": "http://localhost:3001", "redirectUris": ["http://localhost:3001/*"], "webOrigins": ["http://localhost:3001"], "defaultClientScopes": ["web-origins", "acr", "profile", "roles", "email"] } ], "users": [ { "username": "admin", "email": "admin@tos.local", "emailVerified": true, "enabled": true, "firstName": "System", "lastName": "Administrator", "credentials": [{ "type": "password", "value": "admin123", "temporary": true }], "realmRoles": ["admin"], "groups": ["/Administrators"] }, { "username": "manager", "email": "manager@tos.local", "emailVerified": true, "enabled": true, "firstName": "Max", "lastName": "Manager", "credentials": [{ "type": "password", "value": "manager123", "temporary": true }], "realmRoles": ["manager"], "groups": ["/Management"] }, { "username": "depthead", "email": "depthead@tos.local", "emailVerified": true, "enabled": true, "firstName": "Diana", "lastName": "DepartmentHead", "credentials": [{ "type": "password", "value": "depthead123", "temporary": true }], "realmRoles": ["department_head"], "groups": ["/Departments/IT"] }, { "username": "employee", "email": "employee@tos.local", "emailVerified": true, "enabled": true, "firstName": "Eva", "lastName": "Employee", "credentials": [{ "type": "password", "value": "employee123", "temporary": true }], "realmRoles": ["employee"], "groups": ["/Departments/IT"] }, { "username": "hrmanager", "email": "hrmanager@tos.local", "emailVerified": true, "enabled": true, "firstName": "Hannah", "lastName": "HRManager", "credentials": [{ "type": "password", "value": "hrmanager123", "temporary": true }], "realmRoles": ["hr-manager"], "groups": ["/Departments/HR"] }, { "username": "teamlead", "email": "teamlead@tos.local", "emailVerified": true, "enabled": true, "firstName": "Tim", "lastName": "TeamLead", "credentials": [{ "type": "password", "value": "teamlead123", "temporary": true }], "realmRoles": ["team-lead"], "groups": ["/Departments/Engineering"] } ], "internationalizationEnabled": true, "supportedLocales": ["de", "en"], "defaultLocale": "de" }