Added WebAuth
This commit is contained in:
@@ -19,6 +19,26 @@ resource "keycloak_realm" "hexor" {
|
||||
duplicate_emails_allowed = false
|
||||
|
||||
ssl_required = "external"
|
||||
|
||||
web_authn_passwordless_policy {
|
||||
relying_party_entity_name = "Hexor"
|
||||
relying_party_id = "hexor.cy"
|
||||
signature_algorithms = ["ES256", "RS256"]
|
||||
user_verification_requirement = "required"
|
||||
attestation_conveyance_preference = "none"
|
||||
}
|
||||
}
|
||||
|
||||
# =============================================================================
|
||||
# Passkey (WebAuthn Passwordless) — required action
|
||||
# =============================================================================
|
||||
|
||||
resource "keycloak_required_action" "webauthn_register_passwordless" {
|
||||
realm_id = keycloak_realm.hexor.id
|
||||
alias = "webauthn-register-passwordless"
|
||||
name = "Webauthn Register Passwordless"
|
||||
enabled = true
|
||||
default_action = false
|
||||
}
|
||||
|
||||
# =============================================================================
|
||||
|
||||
Reference in New Issue
Block a user