<Access>

Defines which role can access the Web App.

Possible values: Name of a previously defined role

Note:

The roles are managed in the Keycloak Administration Console.

Defines which authorization flow is used. If you do not want to require a login, use Public Access.

Note:

To use the single sign-on functionality, you must use the Authorization Code Flow.

Possible values:

• Public Access

  

  Note:

  Users who access the Web App without login are recognized as ANONYMOUS_USER. They cannot be granted special rights.

• Ressource Owner Password Flow

  

  Note:

  If a Web App uses the Resource Owner Password Flow authorization flow, a user with a temporary password cannot log in to that Web App.

  If you want to use temporary passwords, use the Authorization Code Flow.

  The Resource Owner Password Flow authorization flow will be removed in the next version. It is not recommended to use the Authorization Code Flow due to security reasons.

• Authorization Code Flow

Note:

Keycloak must be configured according to the selected authorization flow.

For more information, please visit the official Auth0® Inc. website.

• https://auth0.com/docs/authorization/flows/resource-owner-password-flow
• https://auth0.com/docs/authorization/flows/authorization-code-flow

Defines which realm from Keycloak will be used.

Note:

The realm must be specified if the Authorization Code Flow or Resource Owner Password Flow is used and a realm other than the default should be used.

Defines which client from Keycloak will be used.

Note:

The client must be specified if the Authorization Code Flow or Resource Owner Password Flow is used and a client other than the default should be used.

Client Secret of the defined client, which can be read from Keycloak.

Note:

The client secret must be specified if the Authorization Code Flow or Resource Owner Password Flow is used and a client secret other than the default should be used.