Description
Describe the bug
Currently when creating a SAML client with this provider (i.e. resource keycloak_saml_client), the client DB entry is created with the public_client flag set to false (presumably because it's the default if unspecified). The result of this is that the client's secret is also generated by KC and in the Admin UI, the SAML client has a "Credentials" tab that's visible and manageable.
However, for SAML this doesn't make sense since a SAML client should always be treated as public and client credentials are not used by SAML.
Version
26.0.7
Expected behavior
The public_client flag in the client DB records should be true, same as if the client was created directly in the Admin UI. This would in turn prevent the secret from being auto-generated and hide the "Credentials" tab in the Admin UI for the client.
Actual behavior
All of the opposite of the Expected Behavior above.
How to Reproduce?
Just create a simple SAML client with the keycloak_saml_client resource.
Anything else?
Tried with the latest TF provider 5.2.0.
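A check for the condition this report describes, as an added example that is not part of the original issue or the provider's code: it scans a Keycloak realm export for SAML clients whose publicClient flag is not true or that carry a secret. The sample export and its client IDs are constructed; the JSON field names (protocol, publicClient, secret) follow Keycloak's client representation, and treating a missing flag as non-public is an assumption.

```python
import json

# Constructed sample in the shape of a Keycloak realm export (a "clients"
# array of client representations); every value here is made up.
SAMPLE_REALM_EXPORT = json.loads("""
{
  "realm": "example",
  "clients": [
    {"clientId": "https://sp-terraform.example/metadata", "protocol": "saml",
     "publicClient": false, "secret": "constructed-secret-value"},
    {"clientId": "https://sp-adminui.example/metadata", "protocol": "saml",
     "publicClient": true},
    {"clientId": "https://sp-nofield.example/metadata", "protocol": "saml"},
    {"clientId": "backend-api", "protocol": "openid-connect",
     "publicClient": false, "secret": "constructed-secret-value"}
  ]
}
""")


def audit_saml_clients(realm_export):
    """Return one finding per SAML client that is not public or has a secret."""
    findings = []
    for client in realm_export.get("clients", []):
        if client.get("protocol") != "saml":
            continue  # confidential OIDC clients legitimately hold secrets
        issues = []
        # Assumption: a missing flag counts as "not public", matching the
        # default-false behaviour the report presumes.
        if client.get("publicClient") is not True:
            issues.append("publicClient is not true")
        if client.get("secret"):
            issues.append("client secret present")
        if issues:
            findings.append({"clientId": client.get("clientId"), "issues": issues})
    return findings


if __name__ == "__main__":
    for finding in audit_saml_clients(SAMPLE_REALM_EXPORT):
        print(finding["clientId"], "->", ", ".join(finding["issues"]))
```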