Set directAccessGrantsEnabled default value to false (#37505)

dasniko · 2martens · web-flow · commit 9a3f47d68cbe · 2025-02-19T14:10:54.000-05:00
* Set directAccessGrantsEnabled to false

The Resource Owner Password Credentials Grant must not be used and should not be the default in Keycloak.

Signed-off-by: Jim Martens &lt;github@2martens.de&gt;
Closes #30226

* another default value...

Signed-off-by: Niko Köbler &lt;niko@n-k.de&gt;

---------

Signed-off-by: Niko Köbler &lt;niko@n-k.de&gt;
Co-authored-by: Jim Martens &lt;github@2martens.de&gt;
diff --git a/js/apps/admin-ui/src/clients/add/CapabilityConfig.tsx b/js/apps/admin-ui/src/clients/add/CapabilityConfig.tsx
@@ -152,7 +152,7 @@ export const CapabilityConfig = ({
               <GridItem lg={8} sm={6}>
                 <Controller
                   name="directAccessGrantsEnabled"
-                  defaultValue={true}
+                  defaultValue={false}
                   control={control}
                   render={({ field }) => (
                     <InputGroup>
diff --git a/js/apps/admin-ui/src/clients/add/NewClientForm.tsx b/js/apps/admin-ui/src/clients/add/NewClientForm.tsx
@@ -68,7 +68,7 @@ export default function NewClientForm() {
       authorizationServicesEnabled: false,
       serviceAccountsEnabled: false,
       implicitFlowEnabled: false,
-      directAccessGrantsEnabled: true,
+      directAccessGrantsEnabled: false,
       standardFlowEnabled: true,
       frontchannelLogout: true,
       attributes: {
