KeycloakUser
v1
resource to define a User within a KeyclaokRealm
spec
Type: object
| Property | Type | Required |
|---|---|---|
| definition | object | ✅ |
| options | object | |
| patchFrom | object | |
| realmRef | string | ✅ |
| userSecret | object |
the KeycloakUser resource
spec.definition
Type: object
| Property | Type | Required |
|---|---|---|
| access | object | |
| applicationRoles | object | |
| attributes | object | |
| clientConsents[] | object | |
| clientRoles | object | |
| createdTimestamp | integer | |
| credentials[] | object | |
| disableableCredentialTypes[] | string | |
| string | ||
| emailVerified | boolean | |
| enabled | boolean | |
| federatedIdentities[] | object | |
| federationLink | string | |
| firstName | string | |
| groups[] | string | |
| id | string | |
| lastName | string | |
| notBefore | integer | |
| origin | string | |
| realmRoles[] | string | |
| requiredActions[] | string | |
| self | string | |
| serviceAccountClientId | string | |
| socialLinks[] | object | |
| totp | boolean | |
| userProfileMetadata | object | |
| username | string |
| Validation Rule | Error Message |
|---|---|
| has(self.id) == has(oldSelf.id) | Value is immutable |
missing
spec.definition.access
Type: object
missing
spec.definition.applicationRoles
Type: object
missing
spec.definition.attributes
Type: object
missing
spec.definition.clientConsents[]
Type: object
| Property | Type | Required |
|---|---|---|
| clientId | string | |
| createdDate | integer | |
| grantedClientScopes[] | string | |
| grantedRealmRoles[] | string | |
| lastUpdatedDate | integer |
missing
spec.definition.clientConsents[].clientId
Type: string
missing
spec.definition.clientConsents[].createdDate
Type: integer
missing
spec.definition.clientConsents[].grantedClientScopes[]
Type: string
missing
spec.definition.clientConsents[].grantedRealmRoles[]
Type: string
missing
spec.definition.clientConsents[].lastUpdatedDate
Type: integer
missing
spec.definition.clientRoles
Type: object
missing
spec.definition.createdTimestamp
Type: integer
missing
spec.definition.credentials[]
Type: object
| Property | Type | Required |
|---|---|---|
| algorithm | string | |
| config | object | |
| counter | integer | |
| createdDate | integer | |
| credentialData | string | |
| device | string | |
| digits | integer | |
| hashIterations | integer | |
| hashedSaltedValue | string | |
| id | string | |
| period | integer | |
| priority | integer | |
| salt | string | |
| secretData | string | |
| temporary | boolean | |
| type | string | |
| userLabel | string | |
| value | string |
missing
spec.definition.credentials[].algorithm
Type: string
missing
spec.definition.credentials[].config
Type: object
missing
spec.definition.credentials[].counter
Type: integer
missing
spec.definition.credentials[].createdDate
Type: integer
missing
spec.definition.credentials[].credentialData
Type: string
missing
spec.definition.credentials[].device
Type: string
missing
spec.definition.credentials[].digits
Type: integer
missing
spec.definition.credentials[].hashIterations
Type: integer
missing
spec.definition.credentials[].hashedSaltedValue
Type: string
missing
spec.definition.credentials[].id
Type: string
missing
spec.definition.credentials[].period
Type: integer
missing
spec.definition.credentials[].priority
Type: integer
missing
spec.definition.credentials[].salt
Type: string
missing
spec.definition.credentials[].secretData
Type: string
missing
spec.definition.credentials[].temporary
Type: boolean
missing
spec.definition.credentials[].type
Type: string
missing
spec.definition.credentials[].userLabel
Type: string
missing
spec.definition.credentials[].value
Type: string
missing
spec.definition.disableableCredentialTypes[]
Type: string
missing
spec.definition.email
Type: string
missing
spec.definition.emailVerified
Type: boolean
missing
spec.definition.enabled
Type: boolean
missing
spec.definition.federatedIdentities[]
Type: object
| Property | Type | Required |
|---|---|---|
| identityProvider | string | |
| userId | string | |
| userName | string |
missing
spec.definition.federatedIdentities[].identityProvider
Type: string
missing
spec.definition.federatedIdentities[].userId
Type: string
missing
spec.definition.federatedIdentities[].userName
Type: string
missing
spec.definition.federationLink
Type: string
missing
spec.definition.firstName
Type: string
missing
spec.definition.groups[]
Type: string
missing
spec.definition.id
Type: string
| Validation Rule | Error Message |
|---|---|
| self == oldSelf | Value is immutable |
missing
spec.definition.lastName
Type: string
missing
spec.definition.notBefore
Type: integer
missing
spec.definition.origin
Type: string
missing
spec.definition.realmRoles[]
Type: string
missing
spec.definition.requiredActions[]
Type: string
missing
spec.definition.self
Type: string
missing
spec.definition.serviceAccountClientId
Type: string
missing
spec.definition.socialLinks[]
Type: object
| Property | Type | Required |
|---|---|---|
| socialProvider | string | |
| socialUserId | string | |
| socialUsername | string |
missing
spec.definition.socialLinks[].socialProvider
Type: string
missing
spec.definition.socialLinks[].socialUserId
Type: string
missing
spec.definition.socialLinks[].socialUsername
Type: string
missing
spec.definition.totp
Type: boolean
missing
spec.definition.userProfileMetadata
Type: object
| Property | Type | Required |
|---|---|---|
| attributes[] | object | |
| groups[] | object |
missing
spec.definition.userProfileMetadata.attributes[]
Type: object
| Property | Type | Required |
|---|---|---|
| annotations | object | |
| displayName | string | |
| group | string | |
| multivalued | boolean | |
| name | string | |
| readOnly | boolean | |
| required | boolean | |
| validators | object |
missing
spec.definition.userProfileMetadata.attributes[].annotations
Type: object
missing
spec.definition.userProfileMetadata.attributes[].displayName
Type: string
missing
spec.definition.userProfileMetadata.attributes[].group
Type: string
missing
spec.definition.userProfileMetadata.attributes[].multivalued
Type: boolean
missing
spec.definition.userProfileMetadata.attributes[].name
Type: string
missing
spec.definition.userProfileMetadata.attributes[].readOnly
Type: boolean
missing
spec.definition.userProfileMetadata.attributes[].required
Type: boolean
missing
spec.definition.userProfileMetadata.attributes[].validators
Type: object
missing
spec.definition.userProfileMetadata.groups[]
Type: object
| Property | Type | Required |
|---|---|---|
| annotations | object | |
| displayDescription | string | |
| displayHeader | string | |
| name | string |
missing
spec.definition.userProfileMetadata.groups[].annotations
Type: object
missing
spec.definition.userProfileMetadata.groups[].displayDescription
Type: string
missing
spec.definition.userProfileMetadata.groups[].displayHeader
Type: string
missing
spec.definition.userProfileMetadata.groups[].name
Type: string
missing
spec.definition.username
Type: string
missing
spec.options
Type: object
Options for the request to the Keycloak Admin API.
spec.patchFrom
Type: object
Defines additional values that can be loaded from secrets or configmaps. Field selectors are not supported. For more informations see the patches documentation.
spec.realmRef
Type: string
the name of the kubernetes object that created the realm.
spec.userSecret
Type: object
| Property | Type | Required |
|---|---|---|
| passwordKey | string | |
| secretName | string | ✅ |
| usernameKey | string |
missing
spec.userSecret.passwordKey
Type: string
missing
spec.userSecret.secretName
Type: string
missing
spec.userSecret.usernameKey
Type: string
missing
status
Type: object
| Property | Type | Required |
|---|---|---|
| conditions[] | object | |
| message | string | |
| ready | boolean | ✅ |
| resourcePath | string | |
| status | string |
missing
status.conditions[]
Type: object
| Property | Type | Required |
|---|---|---|
| lastTransitionTime | string | |
| lastUpdateTime | string | |
| message | string | |
| reason | string | |
| status | string | ✅ |
| type | string | ✅ |
missing
status.conditions[].lastTransitionTime
Type: string
Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.
status.conditions[].lastUpdateTime
Type: string
Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON. Wrappers are provided for many of the factory methods that the time package offers.
status.conditions[].message
Type: string
missing
status.conditions[].reason
Type: string
missing
status.conditions[].status
Type: string
missing
status.conditions[].type
Type: string
missing
status.message
Type: string
missing
status.ready
Type: boolean
missing
status.resourcePath
Type: string
missing
status.status
Type: string
missing