A.1.12 Client Update
M-CNCC IAM UI - Cncc Realm - Updating Authentication flow to Direct Access Grant for cncc-api-access client
Figure -17 cncc-api-access
Figure -18 Capability config
M-CNCC IAM Kc
Logs:
{"timestamp":"2025-11-27T16:12:30.027887228Z","sequence":2648,"loggerClassName":"org.jboss.logging.Logger","loggerName":"org.keycloak.events","level":"DEBUG","message":"operationType=\"UPDATE\", realmId=\"master\", realmName=\"master\", clientId=\"6d475927-19a8-4082-a9f4-8d6b68afbb1a\", userId=\"acc21615-964a-4055-8c20-fb2705bd641b\", ipAddress=\"10.75.213.184\", resourceType=\"CLIENT\", resourcePath=\"clients/f07c1ee9-d40d-4814-89de-77c09cda068d\"","threadName":"executor-thread-109","threadId":207,"mdc":{},"ndc":"","hostName":"cncc-iam","processName":"/opt/java/jre/bin/java","processId":571}M-CNCC IAM Ingress Gateway logs
SECURITY- Request
log:
{
"instant": {
"epochSecond": 1764259949,
"nanoOfSecond": 942497792
},
"thread": "igw-app-thread12",
"level": "INFO",
"loggerName": "ocpm.cne.gateway.cncc.filters.CnccLoggingFilter",
"message": {
"logType": "SECURITY",
"type": "REQUEST",
"operationType": "PUT",
"userId": "acc21615-964a-4055-8c20-fb2705bd641b",
"username": "admin",
"remoteAddress": "xx.xx.xx.xx:31778",
"localAddress": "xx.xx.xx.xx:8081",
"resourcePath": "/cncc/auth/admin/realms/cncc/clients/f07c1ee9-d40d-4814-89de-77c09cda068d",
"scheme": "http",
"queryParams": {},
"headers": {
"Origin": "http://xx.xx.xx.xx:30085",
"Cookie": "{masked}",
"Connection": "keep-alive",
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36",
"uuidToken": "25880323-4c4d-4e39-aefe-c7d8ca70a06e",
"Host": "xx.xx.xx.xx:30085",
"Accept-Encoding": "gzip, deflate",
"svcName": "cncc-iam-kc-http.cncc.svc.cluster.local",
"ocLogId": "1764259949940_92_cncc-iam-ingress-gateway-85d6d57584-wt9zk",
"accept": "application/json, text/plain, */*",
"sbi-timer-publish-headers": "false",
"authorization": "{masked}",
"content-type": "application/json",
"Accept-Language": "en-US,en;q=0.9",
"Content-Length": "1995",
"sbi-timer-feature": "false"
},
"payload": {
"id": "f07c1ee9-d40d-4814-89de-77c09cda068d",
"clientId": "cncc-api-access",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": false,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"id.token.as.detached.signature": "false",
"saml.assertion.signature": "false",
"saml.force.post.binding": "false",
"saml.multivalued.roles": "false",
"saml.encrypt": "false",
"oauth2.device.authorization.grant.enabled": "false",
"backchannel.logout.revoke.offline.tokens": "false",
"saml.server.signature": "false",
"saml.server.signature.keyinfo.ext": "false",
"use.refresh.tokens": "true",
"exclude.session.state.from.auth.response": "false",
"realm_client": "false",
"oidc.ciba.grant.enabled": "false",
"saml.artifact.binding": "false",
"backchannel.logout.session.required": "false",
"client_credentials.use_refresh_token": "false",
"saml_force_name_id_format": "false",
"require.pushed.authorization.requests": "false",
"saml.client.signature": "false",
"tls.client.certificate.bound.access.tokens": "false",
"saml.authnstatement": "false",
"authorization.signed.response.alg": "RS256",
"display.on.consent.screen": "false",
"saml.onetimeuse.condition": "false",
"standard.token.exchange.enabled": false,
"pkce.code.challenge.method": "-",
"dpop.bound.access.tokens": "false",
"login_theme": "-",
"consent.screen.text": "-",
"backchannel.logout.url": "-"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"defaultClientScopes": ["web-origins","roles","profile","basic","email"],
"optionalClientScopes": ["address","phone","offline_access","microprofile-jwt"],
"access": {"view": true, "configure": true, "manage": true},
"name": "-",
"description": "-",
"rootUrl": "-",
"baseUrl": "-",
"adminUrl": "-",
"authorizationServicesEnabled": false
},
"authenticationType": "UNKNOWN"
},
"endOfBatch": false,
"loggerFqcn": "org.apache.logging.log4j.internal.DefaultLogBuilder",
"threadId": 128,
"threadPriority": 5,
"messageTimestamp": "2025-11-27T16:12:29.942+0000",
"processId": "1",
"ingressTxId": "ingress-tx-1873501864",
"pod": "cncc-iam-ingress-gateway-85d6d57584-wt9zk",
"ocLogId": "1764259949940_92_cncc-iam-ingress-gateway-85d6d57584-wt9zk",
"instanceType": "prod",
"xRequestId": "-"
}SECURITY- Response
log:
{
"instant": {
"epochSecond": 1764259950,
"nanoOfSecond": 33824423
},
"thread": "igw-app-thread11",
"level": "INFO",
"loggerName": "ocpm.cne.gateway.cncc.filters.CnccLoggingFilter",
"message": {
"logType": "SECURITY",
"type": "RESPONSE",
"operationType": "PUT",
"userId": "acc21615-964a-4055-8c20-fb2705bd641b",
"username": "admin",
"resourcePath": "/cncc/auth/admin/realms/cncc/clients/f07c1ee9-d40d-4814-89de-77c09cda068d",
"scheme": "http",
"headers": {
"Referrer-Policy": "no-referrer",
"X-Frame-Options": "SAMEORIGIN",
"Access-Control-Expose-Headers": "Location",
"Strict-Transport-Security": "max-age=31536000; includeSubDomains",
"transfer-encoding": "chunked",
"Access-Control-Allow-Origin": "http://xx.xx.xx.xx:30085",
"Access-Control-Allow-Credentials": "true",
"X-Content-Type-Options": "nosniff",
"RequestMethod": "PUT",
"NettyLatency": "1764259949940"
},
"payload": {},
"authenticationType": "UNKNOWN",
"status": "204 NO_CONTENT"
},
"endOfBatch": false,
"loggerFqcn": "org.apache.logging.log4j.internal.DefaultLogBuilder",
"threadId": 127,
"threadPriority": 5,
"messageTimestamp": "2025-11-27T16:12:30.033+0000",
"processId": "1",
"ingressTxId": "ingress-tx-1437990706",
"pod": "cncc-iam-ingress-gateway-85d6d57584-wt9zk",
"ocLogId": "-",
"instanceType": "prod",
"xRequestId": "-"
}Note:
Similar logs will also be observed for the default realm.
Parent topic: CNC Console UI Event Logs