deploy-templates/keycloak-idps/templates/keycloakidentityprovider_idgovua.yaml (24 lines of code) (raw):
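# KeycloakRealmIdentityProvider custom resource that registers the id.gov.ua
# broker in the id-gov-ua realm. Rendered by Helm from .Values.idgovua.
# Nesting is restored from a flattened listing; the keys from clientId down
# are placed under spec.config because their values are written as strings.
apiVersion: v1.edp.epam.com/v1
kind: KeycloakRealmIdentityProvider
metadata:
  name: id-gov-ua
spec:
  realm: id-gov-ua
  alias: idgovua
  authenticateByDefault: true
  enabled: true
  firstBrokerLoginFlowAlias: "custom-first-broker-login-feature"
  providerId: "idgovuav2"
  config:
    # Templated scalars are quoted so an empty, numeric-looking or
    # boolean-looking value still renders as a YAML string.
    clientId: {{ .Values.idgovua.clientId | quote }}
    # NOTE(review): the secret is rendered in clear text into this resource
    # and into the stored Helm release manifest, so anyone who can read
    # either can read it. Prefer a Kubernetes Secret reference if the
    # operator version in use supports one; confirm before changing.
    clientSecret: {{ .Values.idgovua.clientSecret | quote }}
    hideOnLoginPage: "true"
    # NOTE(review): both digital-signature-ops endpoints, including the
    # decrypt call, use plain HTTP inside the cluster. Confirm the transport
    # is protected elsewhere (service-mesh mTLS, NetworkPolicy).
    dsoCertificateUrl: "http://digital-signature-ops:8080/api/key/certificate"
    dsoDecryptInfoUrl: "http://digital-signature-ops:8080/api/key/decrypt"
    # Sandbox (test.id.gov.ua) is used unless idgovua.sandbox is explicitly
    # false. The previous condition passed the arguments to Sprig's default
    # in the wrong order (fallback first, value second), so it always
    # evaluated to true and the production URL could never be selected.
    # Swapping the arguments is not enough: default treats false as empty.
    # Comparing the string form handles unset, true and false correctly.
    # NOTE(review): production values must set sandbox to false explicitly.
    {{- if ne (toString .Values.idgovua.sandbox) "false" }}
    url: "https://test.id.gov.ua?auth_type=dig_sign%2Cbank_id"
    {{- else }}
    url: "https://id.gov.ua?auth_type=dig_sign%2Cbank_id%2Cdiia_id"
    {{- end }}
    syncMode: "IMPORT"
    useJwksUrl: "true"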