keycloak-operator/config/crd/bases/keycloak.bitmask.me_keycloakclients.yaml

159 lines
6 KiB
YAML
Raw Permalink Normal View History

2021-01-10 23:53:43 +01:00
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.1
creationTimestamp: null
name: keycloakclients.keycloak.bitmask.me
spec:
group: keycloak.bitmask.me
names:
kind: KeycloakClient
listKind: KeycloakClientList
plural: keycloakclients
singular: keycloakclient
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: KeycloakClient is the Schema for the keycloakclients API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: KeycloakClientSpec defines the desired state of KeycloakClient
properties:
2021-01-11 04:21:29 +01:00
adminUrl:
description: URL to the admin interface of the client
2021-01-10 23:53:43 +01:00
type: string
2021-01-11 04:21:29 +01:00
baseUrl:
description: Default URL to use when the auth server needs to redirect
or link back to the client
type: string
bearerOnly:
description: The access type of this client is bearer-only.
type: boolean
clientAuthenticatorType:
description: How should Clients authenticate to the server? either
'client-secret' or 'client-jwt'.
type: string
clientId:
description: ClientID is the alphanumeric identifier of the client
in a realm.
type: string
consentRequired:
description: If enabled, users have to consent to client access.
type: boolean
defaultClientScopes:
description: Which client scopes chould be granted by default, even
without specifying them.
items:
type: string
type: array
description:
description: Human Readable description
type: string
directAccessGrantsEnabled:
description: Are direct access grants enabled for this client or not
(OpenID connect).
type: boolean
enabled:
description: If the client is enabled and active
type: boolean
implicitFlowEnabled:
description: Enable implicit flow for this client or not (OpenID connect).
type: boolean
name:
description: Displayed Name of the Client
type: string
optionalClientScopes:
description: Which additional scopes can be specified by the client
items:
type: string
type: array
protocol:
description: Protocol, either 'openid-connect' or 'saml'
type: string
publicClient:
description: Is the access type for this client public or not.
type: boolean
realmName:
description: Name of the Realm the client should be created in
type: string
redirectUris:
description: URL to the admin interface of the client
items:
type: string
type: array
registrationAccessToken:
description: Used for authentication when registering new clients
type: string
rootUrl:
description: Root URL appended to relative URLs for this client
type: string
secret:
description: A client Secret is not always required
properties:
key:
default: password
description: Key of the attribute, that holds the value in the
Secret.
type: string
name:
description: Name of the Secret containing the client Secret.
type: string
required:
- name
type: object
serviceAccountsEnabled:
description: Are service accounts enabled for this client or not (OpenID
connect).
type: boolean
standardFlowEnabled:
description: Enable standard flow for this client or not (OpenID connect).
type: boolean
surrogateAuthRequired:
description: Whether or not surrogate auth is required.
type: boolean
webOrigins:
description: List of allowed CORS origins
items:
type: string
type: array
required:
- clientId
- realmName
2021-01-10 23:53:43 +01:00
type: object
status:
description: KeycloakClientStatus defines the observed state of KeycloakClient
2021-01-11 04:21:29 +01:00
properties:
available:
type: boolean
required:
- available
2021-01-10 23:53:43 +01:00
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []