Documentation
¶
Index ¶
- type Client
- type ClientArgs
- type ClientArray
- type ClientArrayInput
- type ClientArrayOutput
- type ClientAuthenticationFlowBindingOverrides
- type ClientAuthenticationFlowBindingOverridesArgs
- func (ClientAuthenticationFlowBindingOverridesArgs) ElementType() reflect.Type
- func (i ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesOutput() ClientAuthenticationFlowBindingOverridesOutput
- func (i ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesOutput
- func (i ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesPtrOutput() ClientAuthenticationFlowBindingOverridesPtrOutput
- func (i ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesPtrOutput
- type ClientAuthenticationFlowBindingOverridesInput
- type ClientAuthenticationFlowBindingOverridesOutput
- func (o ClientAuthenticationFlowBindingOverridesOutput) BrowserId() pulumi.StringPtrOutput
- func (o ClientAuthenticationFlowBindingOverridesOutput) DirectGrantId() pulumi.StringPtrOutput
- func (ClientAuthenticationFlowBindingOverridesOutput) ElementType() reflect.Type
- func (o ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesOutput() ClientAuthenticationFlowBindingOverridesOutput
- func (o ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesOutput
- func (o ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesPtrOutput() ClientAuthenticationFlowBindingOverridesPtrOutput
- func (o ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesPtrOutput
- type ClientAuthenticationFlowBindingOverridesPtrInput
- type ClientAuthenticationFlowBindingOverridesPtrOutput
- func (o ClientAuthenticationFlowBindingOverridesPtrOutput) BrowserId() pulumi.StringPtrOutput
- func (o ClientAuthenticationFlowBindingOverridesPtrOutput) DirectGrantId() pulumi.StringPtrOutput
- func (o ClientAuthenticationFlowBindingOverridesPtrOutput) Elem() ClientAuthenticationFlowBindingOverridesOutput
- func (ClientAuthenticationFlowBindingOverridesPtrOutput) ElementType() reflect.Type
- func (o ClientAuthenticationFlowBindingOverridesPtrOutput) ToClientAuthenticationFlowBindingOverridesPtrOutput() ClientAuthenticationFlowBindingOverridesPtrOutput
- func (o ClientAuthenticationFlowBindingOverridesPtrOutput) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesPtrOutput
- type ClientDefaultScope
- type ClientDefaultScopeArgs
- type ClientDefaultScopeArray
- type ClientDefaultScopeArrayInput
- type ClientDefaultScopeArrayOutput
- func (ClientDefaultScopeArrayOutput) ElementType() reflect.Type
- func (o ClientDefaultScopeArrayOutput) Index(i pulumi.IntInput) ClientDefaultScopeOutput
- func (o ClientDefaultScopeArrayOutput) ToClientDefaultScopeArrayOutput() ClientDefaultScopeArrayOutput
- func (o ClientDefaultScopeArrayOutput) ToClientDefaultScopeArrayOutputWithContext(ctx context.Context) ClientDefaultScopeArrayOutput
- type ClientDefaultScopeInput
- type ClientDefaultScopeMap
- type ClientDefaultScopeMapInput
- type ClientDefaultScopeMapOutput
- func (ClientDefaultScopeMapOutput) ElementType() reflect.Type
- func (o ClientDefaultScopeMapOutput) MapIndex(k pulumi.StringInput) ClientDefaultScopeOutput
- func (o ClientDefaultScopeMapOutput) ToClientDefaultScopeMapOutput() ClientDefaultScopeMapOutput
- func (o ClientDefaultScopeMapOutput) ToClientDefaultScopeMapOutputWithContext(ctx context.Context) ClientDefaultScopeMapOutput
- type ClientDefaultScopeOutput
- func (o ClientDefaultScopeOutput) ClientId() pulumi.StringOutput
- func (o ClientDefaultScopeOutput) DefaultScopes() pulumi.StringArrayOutput
- func (ClientDefaultScopeOutput) ElementType() reflect.Type
- func (o ClientDefaultScopeOutput) RealmId() pulumi.StringOutput
- func (o ClientDefaultScopeOutput) ToClientDefaultScopeOutput() ClientDefaultScopeOutput
- func (o ClientDefaultScopeOutput) ToClientDefaultScopeOutputWithContext(ctx context.Context) ClientDefaultScopeOutput
- type ClientDefaultScopeState
- type ClientInput
- type ClientMap
- type ClientMapInput
- type ClientMapOutput
- type ClientOutput
- func (o ClientOutput) AssertionConsumerPostUrl() pulumi.StringPtrOutput
- func (o ClientOutput) AssertionConsumerRedirectUrl() pulumi.StringPtrOutput
- func (o ClientOutput) AuthenticationFlowBindingOverrides() ClientAuthenticationFlowBindingOverridesPtrOutput
- func (o ClientOutput) BaseUrl() pulumi.StringPtrOutput
- func (o ClientOutput) CanonicalizationMethod() pulumi.StringPtrOutput
- func (o ClientOutput) ClientId() pulumi.StringOutput
- func (o ClientOutput) ClientSignatureRequired() pulumi.BoolPtrOutput
- func (o ClientOutput) Description() pulumi.StringPtrOutput
- func (ClientOutput) ElementType() reflect.Type
- func (o ClientOutput) Enabled() pulumi.BoolPtrOutput
- func (o ClientOutput) EncryptAssertions() pulumi.BoolPtrOutput
- func (o ClientOutput) EncryptionCertificate() pulumi.StringOutput
- func (o ClientOutput) EncryptionCertificateSha1() pulumi.StringOutput
- func (o ClientOutput) ExtraConfig() pulumi.StringMapOutput
- func (o ClientOutput) ForceNameIdFormat() pulumi.BoolPtrOutput
- func (o ClientOutput) ForcePostBinding() pulumi.BoolPtrOutput
- func (o ClientOutput) FrontChannelLogout() pulumi.BoolPtrOutput
- func (o ClientOutput) FullScopeAllowed() pulumi.BoolPtrOutput
- func (o ClientOutput) IdpInitiatedSsoRelayState() pulumi.StringPtrOutput
- func (o ClientOutput) IdpInitiatedSsoUrlName() pulumi.StringPtrOutput
- func (o ClientOutput) IncludeAuthnStatement() pulumi.BoolPtrOutput
- func (o ClientOutput) LoginTheme() pulumi.StringPtrOutput
- func (o ClientOutput) LogoutServicePostBindingUrl() pulumi.StringPtrOutput
- func (o ClientOutput) LogoutServiceRedirectBindingUrl() pulumi.StringPtrOutput
- func (o ClientOutput) MasterSamlProcessingUrl() pulumi.StringPtrOutput
- func (o ClientOutput) Name() pulumi.StringOutput
- func (o ClientOutput) NameIdFormat() pulumi.StringOutput
- func (o ClientOutput) RealmId() pulumi.StringOutput
- func (o ClientOutput) RootUrl() pulumi.StringPtrOutput
- func (o ClientOutput) SignAssertions() pulumi.BoolPtrOutput
- func (o ClientOutput) SignDocuments() pulumi.BoolPtrOutput
- func (o ClientOutput) SignatureAlgorithm() pulumi.StringPtrOutput
- func (o ClientOutput) SignatureKeyName() pulumi.StringPtrOutput
- func (o ClientOutput) SigningCertificate() pulumi.StringOutput
- func (o ClientOutput) SigningCertificateSha1() pulumi.StringOutput
- func (o ClientOutput) SigningPrivateKey() pulumi.StringOutput
- func (o ClientOutput) SigningPrivateKeySha1() pulumi.StringOutput
- func (o ClientOutput) ToClientOutput() ClientOutput
- func (o ClientOutput) ToClientOutputWithContext(ctx context.Context) ClientOutput
- func (o ClientOutput) ValidRedirectUris() pulumi.StringArrayOutput
- type ClientScope
- type ClientScopeArgs
- type ClientScopeArray
- type ClientScopeArrayInput
- type ClientScopeArrayOutput
- func (ClientScopeArrayOutput) ElementType() reflect.Type
- func (o ClientScopeArrayOutput) Index(i pulumi.IntInput) ClientScopeOutput
- func (o ClientScopeArrayOutput) ToClientScopeArrayOutput() ClientScopeArrayOutput
- func (o ClientScopeArrayOutput) ToClientScopeArrayOutputWithContext(ctx context.Context) ClientScopeArrayOutput
- type ClientScopeInput
- type ClientScopeMap
- type ClientScopeMapInput
- type ClientScopeMapOutput
- func (ClientScopeMapOutput) ElementType() reflect.Type
- func (o ClientScopeMapOutput) MapIndex(k pulumi.StringInput) ClientScopeOutput
- func (o ClientScopeMapOutput) ToClientScopeMapOutput() ClientScopeMapOutput
- func (o ClientScopeMapOutput) ToClientScopeMapOutputWithContext(ctx context.Context) ClientScopeMapOutput
- type ClientScopeOutput
- func (o ClientScopeOutput) ConsentScreenText() pulumi.StringPtrOutput
- func (o ClientScopeOutput) Description() pulumi.StringPtrOutput
- func (ClientScopeOutput) ElementType() reflect.Type
- func (o ClientScopeOutput) GuiOrder() pulumi.IntPtrOutput
- func (o ClientScopeOutput) Name() pulumi.StringOutput
- func (o ClientScopeOutput) RealmId() pulumi.StringOutput
- func (o ClientScopeOutput) ToClientScopeOutput() ClientScopeOutput
- func (o ClientScopeOutput) ToClientScopeOutputWithContext(ctx context.Context) ClientScopeOutput
- type ClientScopeState
- type ClientState
- type GetClientAuthenticationFlowBindingOverride
- type GetClientAuthenticationFlowBindingOverrideArgs
- func (GetClientAuthenticationFlowBindingOverrideArgs) ElementType() reflect.Type
- func (i GetClientAuthenticationFlowBindingOverrideArgs) ToGetClientAuthenticationFlowBindingOverrideOutput() GetClientAuthenticationFlowBindingOverrideOutput
- func (i GetClientAuthenticationFlowBindingOverrideArgs) ToGetClientAuthenticationFlowBindingOverrideOutputWithContext(ctx context.Context) GetClientAuthenticationFlowBindingOverrideOutput
- type GetClientAuthenticationFlowBindingOverrideArray
- func (GetClientAuthenticationFlowBindingOverrideArray) ElementType() reflect.Type
- func (i GetClientAuthenticationFlowBindingOverrideArray) ToGetClientAuthenticationFlowBindingOverrideArrayOutput() GetClientAuthenticationFlowBindingOverrideArrayOutput
- func (i GetClientAuthenticationFlowBindingOverrideArray) ToGetClientAuthenticationFlowBindingOverrideArrayOutputWithContext(ctx context.Context) GetClientAuthenticationFlowBindingOverrideArrayOutput
- type GetClientAuthenticationFlowBindingOverrideArrayInput
- type GetClientAuthenticationFlowBindingOverrideArrayOutput
- func (GetClientAuthenticationFlowBindingOverrideArrayOutput) ElementType() reflect.Type
- func (o GetClientAuthenticationFlowBindingOverrideArrayOutput) Index(i pulumi.IntInput) GetClientAuthenticationFlowBindingOverrideOutput
- func (o GetClientAuthenticationFlowBindingOverrideArrayOutput) ToGetClientAuthenticationFlowBindingOverrideArrayOutput() GetClientAuthenticationFlowBindingOverrideArrayOutput
- func (o GetClientAuthenticationFlowBindingOverrideArrayOutput) ToGetClientAuthenticationFlowBindingOverrideArrayOutputWithContext(ctx context.Context) GetClientAuthenticationFlowBindingOverrideArrayOutput
- type GetClientAuthenticationFlowBindingOverrideInput
- type GetClientAuthenticationFlowBindingOverrideOutput
- func (o GetClientAuthenticationFlowBindingOverrideOutput) BrowserId() pulumi.StringOutput
- func (o GetClientAuthenticationFlowBindingOverrideOutput) DirectGrantId() pulumi.StringOutput
- func (GetClientAuthenticationFlowBindingOverrideOutput) ElementType() reflect.Type
- func (o GetClientAuthenticationFlowBindingOverrideOutput) ToGetClientAuthenticationFlowBindingOverrideOutput() GetClientAuthenticationFlowBindingOverrideOutput
- func (o GetClientAuthenticationFlowBindingOverrideOutput) ToGetClientAuthenticationFlowBindingOverrideOutputWithContext(ctx context.Context) GetClientAuthenticationFlowBindingOverrideOutput
- type GetClientInstallationProviderArgs
- type GetClientInstallationProviderOutputArgs
- type GetClientInstallationProviderResult
- type GetClientInstallationProviderResultOutput
- func (o GetClientInstallationProviderResultOutput) ClientId() pulumi.StringOutput
- func (GetClientInstallationProviderResultOutput) ElementType() reflect.Type
- func (o GetClientInstallationProviderResultOutput) Id() pulumi.StringOutput
- func (o GetClientInstallationProviderResultOutput) ProviderId() pulumi.StringOutput
- func (o GetClientInstallationProviderResultOutput) RealmId() pulumi.StringOutput
- func (o GetClientInstallationProviderResultOutput) ToGetClientInstallationProviderResultOutput() GetClientInstallationProviderResultOutput
- func (o GetClientInstallationProviderResultOutput) ToGetClientInstallationProviderResultOutputWithContext(ctx context.Context) GetClientInstallationProviderResultOutput
- func (o GetClientInstallationProviderResultOutput) Value() pulumi.StringOutput
- type IdentityProvider
- type IdentityProviderArgs
- type IdentityProviderArray
- type IdentityProviderArrayInput
- type IdentityProviderArrayOutput
- func (IdentityProviderArrayOutput) ElementType() reflect.Type
- func (o IdentityProviderArrayOutput) Index(i pulumi.IntInput) IdentityProviderOutput
- func (o IdentityProviderArrayOutput) ToIdentityProviderArrayOutput() IdentityProviderArrayOutput
- func (o IdentityProviderArrayOutput) ToIdentityProviderArrayOutputWithContext(ctx context.Context) IdentityProviderArrayOutput
- type IdentityProviderInput
- type IdentityProviderMap
- type IdentityProviderMapInput
- type IdentityProviderMapOutput
- func (IdentityProviderMapOutput) ElementType() reflect.Type
- func (o IdentityProviderMapOutput) MapIndex(k pulumi.StringInput) IdentityProviderOutput
- func (o IdentityProviderMapOutput) ToIdentityProviderMapOutput() IdentityProviderMapOutput
- func (o IdentityProviderMapOutput) ToIdentityProviderMapOutputWithContext(ctx context.Context) IdentityProviderMapOutput
- type IdentityProviderOutput
- func (o IdentityProviderOutput) AddReadTokenRoleOnCreate() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) Alias() pulumi.StringOutput
- func (o IdentityProviderOutput) AuthenticateByDefault() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) AuthnContextClassRefs() pulumi.StringArrayOutput
- func (o IdentityProviderOutput) AuthnContextComparisonType() pulumi.StringPtrOutput
- func (o IdentityProviderOutput) AuthnContextDeclRefs() pulumi.StringArrayOutput
- func (o IdentityProviderOutput) BackchannelSupported() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) DisplayName() pulumi.StringPtrOutput
- func (IdentityProviderOutput) ElementType() reflect.Type
- func (o IdentityProviderOutput) Enabled() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) EntityId() pulumi.StringOutput
- func (o IdentityProviderOutput) ExtraConfig() pulumi.StringMapOutput
- func (o IdentityProviderOutput) FirstBrokerLoginFlowAlias() pulumi.StringPtrOutput
- func (o IdentityProviderOutput) ForceAuthn() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) GuiOrder() pulumi.StringPtrOutput
- func (o IdentityProviderOutput) HideOnLoginPage() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) InternalId() pulumi.StringOutput
- func (o IdentityProviderOutput) LinkOnly() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) LoginHint() pulumi.StringPtrOutput
- func (o IdentityProviderOutput) NameIdPolicyFormat() pulumi.StringPtrOutput
- func (o IdentityProviderOutput) PostBindingAuthnRequest() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) PostBindingLogout() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) PostBindingResponse() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) PostBrokerLoginFlowAlias() pulumi.StringPtrOutput
- func (o IdentityProviderOutput) PrincipalAttribute() pulumi.StringPtrOutput
- func (o IdentityProviderOutput) PrincipalType() pulumi.StringPtrOutput
- func (o IdentityProviderOutput) ProviderId() pulumi.StringPtrOutput
- func (o IdentityProviderOutput) Realm() pulumi.StringOutput
- func (o IdentityProviderOutput) SignatureAlgorithm() pulumi.StringPtrOutput
- func (o IdentityProviderOutput) SigningCertificate() pulumi.StringPtrOutput
- func (o IdentityProviderOutput) SingleLogoutServiceUrl() pulumi.StringPtrOutput
- func (o IdentityProviderOutput) SingleSignOnServiceUrl() pulumi.StringOutput
- func (o IdentityProviderOutput) StoreToken() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) SyncMode() pulumi.StringPtrOutput
- func (o IdentityProviderOutput) ToIdentityProviderOutput() IdentityProviderOutput
- func (o IdentityProviderOutput) ToIdentityProviderOutputWithContext(ctx context.Context) IdentityProviderOutput
- func (o IdentityProviderOutput) TrustEmail() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) ValidateSignature() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) WantAssertionsEncrypted() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) WantAssertionsSigned() pulumi.BoolPtrOutput
- func (o IdentityProviderOutput) XmlSignKeyInfoKeyNameTransformer() pulumi.StringPtrOutput
- type IdentityProviderState
- type LookupClientArgs
- type LookupClientOutputArgs
- type LookupClientResult
- type LookupClientResultOutput
- func (o LookupClientResultOutput) AssertionConsumerPostUrl() pulumi.StringOutput
- func (o LookupClientResultOutput) AssertionConsumerRedirectUrl() pulumi.StringOutput
- func (o LookupClientResultOutput) AuthenticationFlowBindingOverrides() GetClientAuthenticationFlowBindingOverrideArrayOutput
- func (o LookupClientResultOutput) BaseUrl() pulumi.StringOutput
- func (o LookupClientResultOutput) CanonicalizationMethod() pulumi.StringOutput
- func (o LookupClientResultOutput) ClientId() pulumi.StringOutput
- func (o LookupClientResultOutput) ClientSignatureRequired() pulumi.BoolOutput
- func (o LookupClientResultOutput) Description() pulumi.StringOutput
- func (LookupClientResultOutput) ElementType() reflect.Type
- func (o LookupClientResultOutput) Enabled() pulumi.BoolOutput
- func (o LookupClientResultOutput) EncryptAssertions() pulumi.BoolOutput
- func (o LookupClientResultOutput) EncryptionCertificate() pulumi.StringOutput
- func (o LookupClientResultOutput) EncryptionCertificateSha1() pulumi.StringOutput
- func (o LookupClientResultOutput) ExtraConfig() pulumi.StringMapOutput
- func (o LookupClientResultOutput) ForceNameIdFormat() pulumi.BoolOutput
- func (o LookupClientResultOutput) ForcePostBinding() pulumi.BoolOutput
- func (o LookupClientResultOutput) FrontChannelLogout() pulumi.BoolOutput
- func (o LookupClientResultOutput) FullScopeAllowed() pulumi.BoolOutput
- func (o LookupClientResultOutput) Id() pulumi.StringOutput
- func (o LookupClientResultOutput) IdpInitiatedSsoRelayState() pulumi.StringOutput
- func (o LookupClientResultOutput) IdpInitiatedSsoUrlName() pulumi.StringOutput
- func (o LookupClientResultOutput) IncludeAuthnStatement() pulumi.BoolOutput
- func (o LookupClientResultOutput) LoginTheme() pulumi.StringOutput
- func (o LookupClientResultOutput) LogoutServicePostBindingUrl() pulumi.StringOutput
- func (o LookupClientResultOutput) LogoutServiceRedirectBindingUrl() pulumi.StringOutput
- func (o LookupClientResultOutput) MasterSamlProcessingUrl() pulumi.StringOutput
- func (o LookupClientResultOutput) Name() pulumi.StringOutput
- func (o LookupClientResultOutput) NameIdFormat() pulumi.StringOutput
- func (o LookupClientResultOutput) RealmId() pulumi.StringOutput
- func (o LookupClientResultOutput) RootUrl() pulumi.StringOutput
- func (o LookupClientResultOutput) SamlSignatureKeyName() pulumi.StringOutput
- func (o LookupClientResultOutput) SignAssertions() pulumi.BoolOutput
- func (o LookupClientResultOutput) SignDocuments() pulumi.BoolOutput
- func (o LookupClientResultOutput) SignatureAlgorithm() pulumi.StringOutput
- func (o LookupClientResultOutput) SignatureKeyName() pulumi.StringOutput
- func (o LookupClientResultOutput) SigningCertificate() pulumi.StringOutput
- func (o LookupClientResultOutput) SigningCertificateSha1() pulumi.StringOutput
- func (o LookupClientResultOutput) SigningPrivateKey() pulumi.StringOutput
- func (o LookupClientResultOutput) SigningPrivateKeySha1() pulumi.StringOutput
- func (o LookupClientResultOutput) ToLookupClientResultOutput() LookupClientResultOutput
- func (o LookupClientResultOutput) ToLookupClientResultOutputWithContext(ctx context.Context) LookupClientResultOutput
- func (o LookupClientResultOutput) ValidRedirectUris() pulumi.StringArrayOutput
- type ScriptProtocolMapper
- type ScriptProtocolMapperArgs
- type ScriptProtocolMapperArray
- type ScriptProtocolMapperArrayInput
- type ScriptProtocolMapperArrayOutput
- func (ScriptProtocolMapperArrayOutput) ElementType() reflect.Type
- func (o ScriptProtocolMapperArrayOutput) Index(i pulumi.IntInput) ScriptProtocolMapperOutput
- func (o ScriptProtocolMapperArrayOutput) ToScriptProtocolMapperArrayOutput() ScriptProtocolMapperArrayOutput
- func (o ScriptProtocolMapperArrayOutput) ToScriptProtocolMapperArrayOutputWithContext(ctx context.Context) ScriptProtocolMapperArrayOutput
- type ScriptProtocolMapperInput
- type ScriptProtocolMapperMap
- type ScriptProtocolMapperMapInput
- type ScriptProtocolMapperMapOutput
- func (ScriptProtocolMapperMapOutput) ElementType() reflect.Type
- func (o ScriptProtocolMapperMapOutput) MapIndex(k pulumi.StringInput) ScriptProtocolMapperOutput
- func (o ScriptProtocolMapperMapOutput) ToScriptProtocolMapperMapOutput() ScriptProtocolMapperMapOutput
- func (o ScriptProtocolMapperMapOutput) ToScriptProtocolMapperMapOutputWithContext(ctx context.Context) ScriptProtocolMapperMapOutput
- type ScriptProtocolMapperOutput
- func (o ScriptProtocolMapperOutput) ClientId() pulumi.StringPtrOutput
- func (o ScriptProtocolMapperOutput) ClientScopeId() pulumi.StringPtrOutput
- func (ScriptProtocolMapperOutput) ElementType() reflect.Type
- func (o ScriptProtocolMapperOutput) FriendlyName() pulumi.StringPtrOutput
- func (o ScriptProtocolMapperOutput) Name() pulumi.StringOutput
- func (o ScriptProtocolMapperOutput) RealmId() pulumi.StringOutput
- func (o ScriptProtocolMapperOutput) SamlAttributeName() pulumi.StringOutput
- func (o ScriptProtocolMapperOutput) SamlAttributeNameFormat() pulumi.StringOutput
- func (o ScriptProtocolMapperOutput) Script() pulumi.StringOutput
- func (o ScriptProtocolMapperOutput) SingleValueAttribute() pulumi.BoolPtrOutput
- func (o ScriptProtocolMapperOutput) ToScriptProtocolMapperOutput() ScriptProtocolMapperOutput
- func (o ScriptProtocolMapperOutput) ToScriptProtocolMapperOutputWithContext(ctx context.Context) ScriptProtocolMapperOutput
- type ScriptProtocolMapperState
- type UserAttributeProtocolMapper
- func (*UserAttributeProtocolMapper) ElementType() reflect.Type
- func (i *UserAttributeProtocolMapper) ToUserAttributeProtocolMapperOutput() UserAttributeProtocolMapperOutput
- func (i *UserAttributeProtocolMapper) ToUserAttributeProtocolMapperOutputWithContext(ctx context.Context) UserAttributeProtocolMapperOutput
- type UserAttributeProtocolMapperArgs
- type UserAttributeProtocolMapperArray
- func (UserAttributeProtocolMapperArray) ElementType() reflect.Type
- func (i UserAttributeProtocolMapperArray) ToUserAttributeProtocolMapperArrayOutput() UserAttributeProtocolMapperArrayOutput
- func (i UserAttributeProtocolMapperArray) ToUserAttributeProtocolMapperArrayOutputWithContext(ctx context.Context) UserAttributeProtocolMapperArrayOutput
- type UserAttributeProtocolMapperArrayInput
- type UserAttributeProtocolMapperArrayOutput
- func (UserAttributeProtocolMapperArrayOutput) ElementType() reflect.Type
- func (o UserAttributeProtocolMapperArrayOutput) Index(i pulumi.IntInput) UserAttributeProtocolMapperOutput
- func (o UserAttributeProtocolMapperArrayOutput) ToUserAttributeProtocolMapperArrayOutput() UserAttributeProtocolMapperArrayOutput
- func (o UserAttributeProtocolMapperArrayOutput) ToUserAttributeProtocolMapperArrayOutputWithContext(ctx context.Context) UserAttributeProtocolMapperArrayOutput
- type UserAttributeProtocolMapperInput
- type UserAttributeProtocolMapperMap
- func (UserAttributeProtocolMapperMap) ElementType() reflect.Type
- func (i UserAttributeProtocolMapperMap) ToUserAttributeProtocolMapperMapOutput() UserAttributeProtocolMapperMapOutput
- func (i UserAttributeProtocolMapperMap) ToUserAttributeProtocolMapperMapOutputWithContext(ctx context.Context) UserAttributeProtocolMapperMapOutput
- type UserAttributeProtocolMapperMapInput
- type UserAttributeProtocolMapperMapOutput
- func (UserAttributeProtocolMapperMapOutput) ElementType() reflect.Type
- func (o UserAttributeProtocolMapperMapOutput) MapIndex(k pulumi.StringInput) UserAttributeProtocolMapperOutput
- func (o UserAttributeProtocolMapperMapOutput) ToUserAttributeProtocolMapperMapOutput() UserAttributeProtocolMapperMapOutput
- func (o UserAttributeProtocolMapperMapOutput) ToUserAttributeProtocolMapperMapOutputWithContext(ctx context.Context) UserAttributeProtocolMapperMapOutput
- type UserAttributeProtocolMapperOutput
- func (o UserAttributeProtocolMapperOutput) ClientId() pulumi.StringPtrOutput
- func (o UserAttributeProtocolMapperOutput) ClientScopeId() pulumi.StringPtrOutput
- func (UserAttributeProtocolMapperOutput) ElementType() reflect.Type
- func (o UserAttributeProtocolMapperOutput) FriendlyName() pulumi.StringPtrOutput
- func (o UserAttributeProtocolMapperOutput) Name() pulumi.StringOutput
- func (o UserAttributeProtocolMapperOutput) RealmId() pulumi.StringOutput
- func (o UserAttributeProtocolMapperOutput) SamlAttributeName() pulumi.StringOutput
- func (o UserAttributeProtocolMapperOutput) SamlAttributeNameFormat() pulumi.StringOutput
- func (o UserAttributeProtocolMapperOutput) ToUserAttributeProtocolMapperOutput() UserAttributeProtocolMapperOutput
- func (o UserAttributeProtocolMapperOutput) ToUserAttributeProtocolMapperOutputWithContext(ctx context.Context) UserAttributeProtocolMapperOutput
- func (o UserAttributeProtocolMapperOutput) UserAttribute() pulumi.StringOutput
- type UserAttributeProtocolMapperState
- type UserPropertyProtocolMapper
- func (*UserPropertyProtocolMapper) ElementType() reflect.Type
- func (i *UserPropertyProtocolMapper) ToUserPropertyProtocolMapperOutput() UserPropertyProtocolMapperOutput
- func (i *UserPropertyProtocolMapper) ToUserPropertyProtocolMapperOutputWithContext(ctx context.Context) UserPropertyProtocolMapperOutput
- type UserPropertyProtocolMapperArgs
- type UserPropertyProtocolMapperArray
- func (UserPropertyProtocolMapperArray) ElementType() reflect.Type
- func (i UserPropertyProtocolMapperArray) ToUserPropertyProtocolMapperArrayOutput() UserPropertyProtocolMapperArrayOutput
- func (i UserPropertyProtocolMapperArray) ToUserPropertyProtocolMapperArrayOutputWithContext(ctx context.Context) UserPropertyProtocolMapperArrayOutput
- type UserPropertyProtocolMapperArrayInput
- type UserPropertyProtocolMapperArrayOutput
- func (UserPropertyProtocolMapperArrayOutput) ElementType() reflect.Type
- func (o UserPropertyProtocolMapperArrayOutput) Index(i pulumi.IntInput) UserPropertyProtocolMapperOutput
- func (o UserPropertyProtocolMapperArrayOutput) ToUserPropertyProtocolMapperArrayOutput() UserPropertyProtocolMapperArrayOutput
- func (o UserPropertyProtocolMapperArrayOutput) ToUserPropertyProtocolMapperArrayOutputWithContext(ctx context.Context) UserPropertyProtocolMapperArrayOutput
- type UserPropertyProtocolMapperInput
- type UserPropertyProtocolMapperMap
- func (UserPropertyProtocolMapperMap) ElementType() reflect.Type
- func (i UserPropertyProtocolMapperMap) ToUserPropertyProtocolMapperMapOutput() UserPropertyProtocolMapperMapOutput
- func (i UserPropertyProtocolMapperMap) ToUserPropertyProtocolMapperMapOutputWithContext(ctx context.Context) UserPropertyProtocolMapperMapOutput
- type UserPropertyProtocolMapperMapInput
- type UserPropertyProtocolMapperMapOutput
- func (UserPropertyProtocolMapperMapOutput) ElementType() reflect.Type
- func (o UserPropertyProtocolMapperMapOutput) MapIndex(k pulumi.StringInput) UserPropertyProtocolMapperOutput
- func (o UserPropertyProtocolMapperMapOutput) ToUserPropertyProtocolMapperMapOutput() UserPropertyProtocolMapperMapOutput
- func (o UserPropertyProtocolMapperMapOutput) ToUserPropertyProtocolMapperMapOutputWithContext(ctx context.Context) UserPropertyProtocolMapperMapOutput
- type UserPropertyProtocolMapperOutput
- func (o UserPropertyProtocolMapperOutput) ClientId() pulumi.StringPtrOutput
- func (o UserPropertyProtocolMapperOutput) ClientScopeId() pulumi.StringPtrOutput
- func (UserPropertyProtocolMapperOutput) ElementType() reflect.Type
- func (o UserPropertyProtocolMapperOutput) FriendlyName() pulumi.StringPtrOutput
- func (o UserPropertyProtocolMapperOutput) Name() pulumi.StringOutput
- func (o UserPropertyProtocolMapperOutput) RealmId() pulumi.StringOutput
- func (o UserPropertyProtocolMapperOutput) SamlAttributeName() pulumi.StringOutput
- func (o UserPropertyProtocolMapperOutput) SamlAttributeNameFormat() pulumi.StringOutput
- func (o UserPropertyProtocolMapperOutput) ToUserPropertyProtocolMapperOutput() UserPropertyProtocolMapperOutput
- func (o UserPropertyProtocolMapperOutput) ToUserPropertyProtocolMapperOutputWithContext(ctx context.Context) UserPropertyProtocolMapperOutput
- func (o UserPropertyProtocolMapperOutput) UserProperty() pulumi.StringOutput
- type UserPropertyProtocolMapperState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Client ¶
type Client struct { pulumi.CustomResourceState // SAML POST Binding URL for the client's assertion consumer service (login responses). AssertionConsumerPostUrl pulumi.StringPtrOutput `pulumi:"assertionConsumerPostUrl"` // SAML Redirect Binding URL for the client's assertion consumer service (login responses). AssertionConsumerRedirectUrl pulumi.StringPtrOutput `pulumi:"assertionConsumerRedirectUrl"` // Override realm authentication flow bindings AuthenticationFlowBindingOverrides ClientAuthenticationFlowBindingOverridesPtrOutput `pulumi:"authenticationFlowBindingOverrides"` // When specified, this URL will be used whenever Keycloak needs to link to this client. BaseUrl pulumi.StringPtrOutput `pulumi:"baseUrl"` // The Canonicalization Method for XML signatures. Should be one of "EXCLUSIVE", "EXCLUSIVE_WITH_COMMENTS", "INCLUSIVE", or "INCLUSIVE_WITH_COMMENTS". Defaults to "EXCLUSIVE". CanonicalizationMethod pulumi.StringPtrOutput `pulumi:"canonicalizationMethod"` // The unique ID of this client, referenced in the URI during authentication and in issued tokens. ClientId pulumi.StringOutput `pulumi:"clientId"` // When `true`, Keycloak will expect that documents originating from a client will be signed using the certificate and/or key configured via `signingCertificate` and `signingPrivateKey`. Defaults to `true`. ClientSignatureRequired pulumi.BoolPtrOutput `pulumi:"clientSignatureRequired"` // The description of this client in the GUI. Description pulumi.StringPtrOutput `pulumi:"description"` // When false, this client will not be able to initiate a login or obtain access tokens. Defaults to `true`. Enabled pulumi.BoolPtrOutput `pulumi:"enabled"` // When `true`, the SAML assertions will be encrypted by Keycloak using the client's public key. Defaults to `false`. EncryptAssertions pulumi.BoolPtrOutput `pulumi:"encryptAssertions"` // If assertions for the client are encrypted, this certificate will be used for encryption. EncryptionCertificate pulumi.StringOutput `pulumi:"encryptionCertificate"` // (Computed) The sha1sum fingerprint of the encryption certificate. If the encryption certificate is not in correct base64 format, this will be left empty. EncryptionCertificateSha1 pulumi.StringOutput `pulumi:"encryptionCertificateSha1"` ExtraConfig pulumi.StringMapOutput `pulumi:"extraConfig"` // Ignore requested NameID subject format and use the one defined in `nameIdFormat` instead. Defaults to `false`. ForceNameIdFormat pulumi.BoolPtrOutput `pulumi:"forceNameIdFormat"` // When `true`, Keycloak will always respond to an authentication request via the SAML POST Binding. Defaults to `true`. ForcePostBinding pulumi.BoolPtrOutput `pulumi:"forcePostBinding"` // When `true`, this client will require a browser redirect in order to perform a logout. Defaults to `true`. FrontChannelLogout pulumi.BoolPtrOutput `pulumi:"frontChannelLogout"` // Allow to include all roles mappings in the access token FullScopeAllowed pulumi.BoolPtrOutput `pulumi:"fullScopeAllowed"` // Relay state you want to send with SAML request when you want to do IDP Initiated SSO. IdpInitiatedSsoRelayState pulumi.StringPtrOutput `pulumi:"idpInitiatedSsoRelayState"` // URL fragment name to reference client when you want to do IDP Initiated SSO. IdpInitiatedSsoUrlName pulumi.StringPtrOutput `pulumi:"idpInitiatedSsoUrlName"` // When `true`, an `AuthnStatement` will be included in the SAML response. Defaults to `true`. IncludeAuthnStatement pulumi.BoolPtrOutput `pulumi:"includeAuthnStatement"` // The login theme of this client. LoginTheme pulumi.StringPtrOutput `pulumi:"loginTheme"` // SAML POST Binding URL for the client's single logout service. LogoutServicePostBindingUrl pulumi.StringPtrOutput `pulumi:"logoutServicePostBindingUrl"` // SAML Redirect Binding URL for the client's single logout service. LogoutServiceRedirectBindingUrl pulumi.StringPtrOutput `pulumi:"logoutServiceRedirectBindingUrl"` // When specified, this URL will be used for all SAML requests. MasterSamlProcessingUrl pulumi.StringPtrOutput `pulumi:"masterSamlProcessingUrl"` // The display name of this client in the GUI. Name pulumi.StringOutput `pulumi:"name"` // Sets the Name ID format for the subject. NameIdFormat pulumi.StringOutput `pulumi:"nameIdFormat"` // The realm this client is attached to. RealmId pulumi.StringOutput `pulumi:"realmId"` // When specified, this value is prepended to all relative URLs. RootUrl pulumi.StringPtrOutput `pulumi:"rootUrl"` // When `true`, the SAML assertions will be signed by Keycloak using the realm's private key, and embedded within the SAML XML Auth response. Defaults to `false`. SignAssertions pulumi.BoolPtrOutput `pulumi:"signAssertions"` // When `true`, the SAML document will be signed by Keycloak using the realm's private key. Defaults to `true`. SignDocuments pulumi.BoolPtrOutput `pulumi:"signDocuments"` // The signature algorithm used to sign documents. Should be one of "RSA_SHA1", "RSA_SHA256", "RSA_SHA256_MGF1, "RSA_SHA512", "RSA_SHA512_MGF1" or "DSA_SHA1". SignatureAlgorithm pulumi.StringPtrOutput `pulumi:"signatureAlgorithm"` // The value of the `KeyName` element within the signed SAML document. Should be one of "NONE", "KEY_ID", or "CERT_SUBJECT". Defaults to "KEY_ID". SignatureKeyName pulumi.StringPtrOutput `pulumi:"signatureKeyName"` // If documents or assertions from the client are signed, this certificate will be used to verify the signature. SigningCertificate pulumi.StringOutput `pulumi:"signingCertificate"` // (Computed) The sha1sum fingerprint of the signing certificate. If the signing certificate is not in correct base64 format, this will be left empty. SigningCertificateSha1 pulumi.StringOutput `pulumi:"signingCertificateSha1"` // If documents or assertions from the client are signed, this private key will be used to verify the signature. SigningPrivateKey pulumi.StringOutput `pulumi:"signingPrivateKey"` // (Computed) The sha1sum fingerprint of the signing private key. If the signing private key is not in correct base64 format, this will be left empty. SigningPrivateKeySha1 pulumi.StringOutput `pulumi:"signingPrivateKeySha1"` // When specified, Keycloak will use this list to validate given Assertion Consumer URLs specified in the authentication request. ValidRedirectUris pulumi.StringArrayOutput `pulumi:"validRedirectUris"` }
Allows for creating and managing Keycloak clients that use the SAML protocol.
Clients are entities that can use Keycloak for user authentication. Typically, clients are applications that redirect users to Keycloak for authentication in order to take advantage of Keycloak's user sessions for SSO.
## Import
Clients can be imported using the format `{{realm_id}}/{{client_keycloak_id}}`, where `client_keycloak_id` is the unique ID that Keycloak
assigns to the client upon creation. This value can be found in the URI when editing this client in the GUI, and is typically a GUID.
Example:
bash
```sh $ pulumi import keycloak:saml/client:Client saml_client my-realm/dcbc4c73-e478-4928-ae2e-d5e420223352 ```
func GetClient ¶
func GetClient(ctx *pulumi.Context, name string, id pulumi.IDInput, state *ClientState, opts ...pulumi.ResourceOption) (*Client, error)
GetClient gets an existing Client resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewClient ¶
func NewClient(ctx *pulumi.Context, name string, args *ClientArgs, opts ...pulumi.ResourceOption) (*Client, error)
NewClient registers a new resource with the given unique name, arguments, and options.
func (*Client) ElementType ¶
func (*Client) ToClientOutput ¶
func (i *Client) ToClientOutput() ClientOutput
func (*Client) ToClientOutputWithContext ¶
func (i *Client) ToClientOutputWithContext(ctx context.Context) ClientOutput
type ClientArgs ¶
type ClientArgs struct { // SAML POST Binding URL for the client's assertion consumer service (login responses). AssertionConsumerPostUrl pulumi.StringPtrInput // SAML Redirect Binding URL for the client's assertion consumer service (login responses). AssertionConsumerRedirectUrl pulumi.StringPtrInput // Override realm authentication flow bindings AuthenticationFlowBindingOverrides ClientAuthenticationFlowBindingOverridesPtrInput // When specified, this URL will be used whenever Keycloak needs to link to this client. BaseUrl pulumi.StringPtrInput // The Canonicalization Method for XML signatures. Should be one of "EXCLUSIVE", "EXCLUSIVE_WITH_COMMENTS", "INCLUSIVE", or "INCLUSIVE_WITH_COMMENTS". Defaults to "EXCLUSIVE". CanonicalizationMethod pulumi.StringPtrInput // The unique ID of this client, referenced in the URI during authentication and in issued tokens. ClientId pulumi.StringInput // When `true`, Keycloak will expect that documents originating from a client will be signed using the certificate and/or key configured via `signingCertificate` and `signingPrivateKey`. Defaults to `true`. ClientSignatureRequired pulumi.BoolPtrInput // The description of this client in the GUI. Description pulumi.StringPtrInput // When false, this client will not be able to initiate a login or obtain access tokens. Defaults to `true`. Enabled pulumi.BoolPtrInput // When `true`, the SAML assertions will be encrypted by Keycloak using the client's public key. Defaults to `false`. EncryptAssertions pulumi.BoolPtrInput // If assertions for the client are encrypted, this certificate will be used for encryption. EncryptionCertificate pulumi.StringPtrInput ExtraConfig pulumi.StringMapInput // Ignore requested NameID subject format and use the one defined in `nameIdFormat` instead. Defaults to `false`. ForceNameIdFormat pulumi.BoolPtrInput // When `true`, Keycloak will always respond to an authentication request via the SAML POST Binding. Defaults to `true`. ForcePostBinding pulumi.BoolPtrInput // When `true`, this client will require a browser redirect in order to perform a logout. Defaults to `true`. FrontChannelLogout pulumi.BoolPtrInput // Allow to include all roles mappings in the access token FullScopeAllowed pulumi.BoolPtrInput // Relay state you want to send with SAML request when you want to do IDP Initiated SSO. IdpInitiatedSsoRelayState pulumi.StringPtrInput // URL fragment name to reference client when you want to do IDP Initiated SSO. IdpInitiatedSsoUrlName pulumi.StringPtrInput // When `true`, an `AuthnStatement` will be included in the SAML response. Defaults to `true`. IncludeAuthnStatement pulumi.BoolPtrInput // The login theme of this client. LoginTheme pulumi.StringPtrInput // SAML POST Binding URL for the client's single logout service. LogoutServicePostBindingUrl pulumi.StringPtrInput // SAML Redirect Binding URL for the client's single logout service. LogoutServiceRedirectBindingUrl pulumi.StringPtrInput // When specified, this URL will be used for all SAML requests. MasterSamlProcessingUrl pulumi.StringPtrInput // The display name of this client in the GUI. Name pulumi.StringPtrInput // Sets the Name ID format for the subject. NameIdFormat pulumi.StringPtrInput // The realm this client is attached to. RealmId pulumi.StringInput // When specified, this value is prepended to all relative URLs. RootUrl pulumi.StringPtrInput // When `true`, the SAML assertions will be signed by Keycloak using the realm's private key, and embedded within the SAML XML Auth response. Defaults to `false`. SignAssertions pulumi.BoolPtrInput // When `true`, the SAML document will be signed by Keycloak using the realm's private key. Defaults to `true`. SignDocuments pulumi.BoolPtrInput // The signature algorithm used to sign documents. Should be one of "RSA_SHA1", "RSA_SHA256", "RSA_SHA256_MGF1, "RSA_SHA512", "RSA_SHA512_MGF1" or "DSA_SHA1". SignatureAlgorithm pulumi.StringPtrInput // The value of the `KeyName` element within the signed SAML document. Should be one of "NONE", "KEY_ID", or "CERT_SUBJECT". Defaults to "KEY_ID". SignatureKeyName pulumi.StringPtrInput // If documents or assertions from the client are signed, this certificate will be used to verify the signature. SigningCertificate pulumi.StringPtrInput // If documents or assertions from the client are signed, this private key will be used to verify the signature. SigningPrivateKey pulumi.StringPtrInput // When specified, Keycloak will use this list to validate given Assertion Consumer URLs specified in the authentication request. ValidRedirectUris pulumi.StringArrayInput }
The set of arguments for constructing a Client resource.
func (ClientArgs) ElementType ¶
func (ClientArgs) ElementType() reflect.Type
type ClientArray ¶
type ClientArray []ClientInput
func (ClientArray) ElementType ¶
func (ClientArray) ElementType() reflect.Type
func (ClientArray) ToClientArrayOutput ¶
func (i ClientArray) ToClientArrayOutput() ClientArrayOutput
func (ClientArray) ToClientArrayOutputWithContext ¶
func (i ClientArray) ToClientArrayOutputWithContext(ctx context.Context) ClientArrayOutput
type ClientArrayInput ¶
type ClientArrayInput interface { pulumi.Input ToClientArrayOutput() ClientArrayOutput ToClientArrayOutputWithContext(context.Context) ClientArrayOutput }
ClientArrayInput is an input type that accepts ClientArray and ClientArrayOutput values. You can construct a concrete instance of `ClientArrayInput` via:
ClientArray{ ClientArgs{...} }
type ClientArrayOutput ¶
type ClientArrayOutput struct{ *pulumi.OutputState }
func (ClientArrayOutput) ElementType ¶
func (ClientArrayOutput) ElementType() reflect.Type
func (ClientArrayOutput) Index ¶
func (o ClientArrayOutput) Index(i pulumi.IntInput) ClientOutput
func (ClientArrayOutput) ToClientArrayOutput ¶
func (o ClientArrayOutput) ToClientArrayOutput() ClientArrayOutput
func (ClientArrayOutput) ToClientArrayOutputWithContext ¶
func (o ClientArrayOutput) ToClientArrayOutputWithContext(ctx context.Context) ClientArrayOutput
type ClientAuthenticationFlowBindingOverridesArgs ¶
type ClientAuthenticationFlowBindingOverridesArgs struct { // Browser flow id, (flow needs to exist) BrowserId pulumi.StringPtrInput `pulumi:"browserId"` // Direct grant flow id (flow needs to exist) DirectGrantId pulumi.StringPtrInput `pulumi:"directGrantId"` }
func (ClientAuthenticationFlowBindingOverridesArgs) ElementType ¶
func (ClientAuthenticationFlowBindingOverridesArgs) ElementType() reflect.Type
func (ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesOutput ¶
func (i ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesOutput() ClientAuthenticationFlowBindingOverridesOutput
func (ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesOutputWithContext ¶
func (i ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesOutput
func (ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesPtrOutput ¶
func (i ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesPtrOutput() ClientAuthenticationFlowBindingOverridesPtrOutput
func (ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext ¶
func (i ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesPtrOutput
type ClientAuthenticationFlowBindingOverridesInput ¶
type ClientAuthenticationFlowBindingOverridesInput interface { pulumi.Input ToClientAuthenticationFlowBindingOverridesOutput() ClientAuthenticationFlowBindingOverridesOutput ToClientAuthenticationFlowBindingOverridesOutputWithContext(context.Context) ClientAuthenticationFlowBindingOverridesOutput }
ClientAuthenticationFlowBindingOverridesInput is an input type that accepts ClientAuthenticationFlowBindingOverridesArgs and ClientAuthenticationFlowBindingOverridesOutput values. You can construct a concrete instance of `ClientAuthenticationFlowBindingOverridesInput` via:
ClientAuthenticationFlowBindingOverridesArgs{...}
type ClientAuthenticationFlowBindingOverridesOutput ¶
type ClientAuthenticationFlowBindingOverridesOutput struct{ *pulumi.OutputState }
func (ClientAuthenticationFlowBindingOverridesOutput) BrowserId ¶
func (o ClientAuthenticationFlowBindingOverridesOutput) BrowserId() pulumi.StringPtrOutput
Browser flow id, (flow needs to exist)
func (ClientAuthenticationFlowBindingOverridesOutput) DirectGrantId ¶
func (o ClientAuthenticationFlowBindingOverridesOutput) DirectGrantId() pulumi.StringPtrOutput
Direct grant flow id (flow needs to exist)
func (ClientAuthenticationFlowBindingOverridesOutput) ElementType ¶
func (ClientAuthenticationFlowBindingOverridesOutput) ElementType() reflect.Type
func (ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesOutput ¶
func (o ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesOutput() ClientAuthenticationFlowBindingOverridesOutput
func (ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesOutputWithContext ¶
func (o ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesOutput
func (ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesPtrOutput ¶
func (o ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesPtrOutput() ClientAuthenticationFlowBindingOverridesPtrOutput
func (ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext ¶
func (o ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesPtrOutput
type ClientAuthenticationFlowBindingOverridesPtrInput ¶
type ClientAuthenticationFlowBindingOverridesPtrInput interface { pulumi.Input ToClientAuthenticationFlowBindingOverridesPtrOutput() ClientAuthenticationFlowBindingOverridesPtrOutput ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext(context.Context) ClientAuthenticationFlowBindingOverridesPtrOutput }
ClientAuthenticationFlowBindingOverridesPtrInput is an input type that accepts ClientAuthenticationFlowBindingOverridesArgs, ClientAuthenticationFlowBindingOverridesPtr and ClientAuthenticationFlowBindingOverridesPtrOutput values. You can construct a concrete instance of `ClientAuthenticationFlowBindingOverridesPtrInput` via:
ClientAuthenticationFlowBindingOverridesArgs{...} or: nil
func ClientAuthenticationFlowBindingOverridesPtr ¶
func ClientAuthenticationFlowBindingOverridesPtr(v *ClientAuthenticationFlowBindingOverridesArgs) ClientAuthenticationFlowBindingOverridesPtrInput
type ClientAuthenticationFlowBindingOverridesPtrOutput ¶
type ClientAuthenticationFlowBindingOverridesPtrOutput struct{ *pulumi.OutputState }
func (ClientAuthenticationFlowBindingOverridesPtrOutput) BrowserId ¶
func (o ClientAuthenticationFlowBindingOverridesPtrOutput) BrowserId() pulumi.StringPtrOutput
Browser flow id, (flow needs to exist)
func (ClientAuthenticationFlowBindingOverridesPtrOutput) DirectGrantId ¶
func (o ClientAuthenticationFlowBindingOverridesPtrOutput) DirectGrantId() pulumi.StringPtrOutput
Direct grant flow id (flow needs to exist)
func (ClientAuthenticationFlowBindingOverridesPtrOutput) ElementType ¶
func (ClientAuthenticationFlowBindingOverridesPtrOutput) ElementType() reflect.Type
func (ClientAuthenticationFlowBindingOverridesPtrOutput) ToClientAuthenticationFlowBindingOverridesPtrOutput ¶
func (o ClientAuthenticationFlowBindingOverridesPtrOutput) ToClientAuthenticationFlowBindingOverridesPtrOutput() ClientAuthenticationFlowBindingOverridesPtrOutput
func (ClientAuthenticationFlowBindingOverridesPtrOutput) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext ¶
func (o ClientAuthenticationFlowBindingOverridesPtrOutput) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesPtrOutput
type ClientDefaultScope ¶
type ClientDefaultScope struct { pulumi.CustomResourceState // The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak. ClientId pulumi.StringOutput `pulumi:"clientId"` // An array of client scope names to attach to this client. DefaultScopes pulumi.StringArrayOutput `pulumi:"defaultScopes"` // The realm this client and scopes exists in. RealmId pulumi.StringOutput `pulumi:"realmId"` }
## Example Usage
func GetClientDefaultScope ¶
func GetClientDefaultScope(ctx *pulumi.Context, name string, id pulumi.IDInput, state *ClientDefaultScopeState, opts ...pulumi.ResourceOption) (*ClientDefaultScope, error)
GetClientDefaultScope gets an existing ClientDefaultScope resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewClientDefaultScope ¶
func NewClientDefaultScope(ctx *pulumi.Context, name string, args *ClientDefaultScopeArgs, opts ...pulumi.ResourceOption) (*ClientDefaultScope, error)
NewClientDefaultScope registers a new resource with the given unique name, arguments, and options.
func (*ClientDefaultScope) ElementType ¶
func (*ClientDefaultScope) ElementType() reflect.Type
func (*ClientDefaultScope) ToClientDefaultScopeOutput ¶
func (i *ClientDefaultScope) ToClientDefaultScopeOutput() ClientDefaultScopeOutput
func (*ClientDefaultScope) ToClientDefaultScopeOutputWithContext ¶
func (i *ClientDefaultScope) ToClientDefaultScopeOutputWithContext(ctx context.Context) ClientDefaultScopeOutput
type ClientDefaultScopeArgs ¶
type ClientDefaultScopeArgs struct { // The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak. ClientId pulumi.StringInput // An array of client scope names to attach to this client. DefaultScopes pulumi.StringArrayInput // The realm this client and scopes exists in. RealmId pulumi.StringInput }
The set of arguments for constructing a ClientDefaultScope resource.
func (ClientDefaultScopeArgs) ElementType ¶
func (ClientDefaultScopeArgs) ElementType() reflect.Type
type ClientDefaultScopeArray ¶
type ClientDefaultScopeArray []ClientDefaultScopeInput
func (ClientDefaultScopeArray) ElementType ¶
func (ClientDefaultScopeArray) ElementType() reflect.Type
func (ClientDefaultScopeArray) ToClientDefaultScopeArrayOutput ¶
func (i ClientDefaultScopeArray) ToClientDefaultScopeArrayOutput() ClientDefaultScopeArrayOutput
func (ClientDefaultScopeArray) ToClientDefaultScopeArrayOutputWithContext ¶
func (i ClientDefaultScopeArray) ToClientDefaultScopeArrayOutputWithContext(ctx context.Context) ClientDefaultScopeArrayOutput
type ClientDefaultScopeArrayInput ¶
type ClientDefaultScopeArrayInput interface { pulumi.Input ToClientDefaultScopeArrayOutput() ClientDefaultScopeArrayOutput ToClientDefaultScopeArrayOutputWithContext(context.Context) ClientDefaultScopeArrayOutput }
ClientDefaultScopeArrayInput is an input type that accepts ClientDefaultScopeArray and ClientDefaultScopeArrayOutput values. You can construct a concrete instance of `ClientDefaultScopeArrayInput` via:
ClientDefaultScopeArray{ ClientDefaultScopeArgs{...} }
type ClientDefaultScopeArrayOutput ¶
type ClientDefaultScopeArrayOutput struct{ *pulumi.OutputState }
func (ClientDefaultScopeArrayOutput) ElementType ¶
func (ClientDefaultScopeArrayOutput) ElementType() reflect.Type
func (ClientDefaultScopeArrayOutput) Index ¶
func (o ClientDefaultScopeArrayOutput) Index(i pulumi.IntInput) ClientDefaultScopeOutput
func (ClientDefaultScopeArrayOutput) ToClientDefaultScopeArrayOutput ¶
func (o ClientDefaultScopeArrayOutput) ToClientDefaultScopeArrayOutput() ClientDefaultScopeArrayOutput
func (ClientDefaultScopeArrayOutput) ToClientDefaultScopeArrayOutputWithContext ¶
func (o ClientDefaultScopeArrayOutput) ToClientDefaultScopeArrayOutputWithContext(ctx context.Context) ClientDefaultScopeArrayOutput
type ClientDefaultScopeInput ¶
type ClientDefaultScopeInput interface { pulumi.Input ToClientDefaultScopeOutput() ClientDefaultScopeOutput ToClientDefaultScopeOutputWithContext(ctx context.Context) ClientDefaultScopeOutput }
type ClientDefaultScopeMap ¶
type ClientDefaultScopeMap map[string]ClientDefaultScopeInput
func (ClientDefaultScopeMap) ElementType ¶
func (ClientDefaultScopeMap) ElementType() reflect.Type
func (ClientDefaultScopeMap) ToClientDefaultScopeMapOutput ¶
func (i ClientDefaultScopeMap) ToClientDefaultScopeMapOutput() ClientDefaultScopeMapOutput
func (ClientDefaultScopeMap) ToClientDefaultScopeMapOutputWithContext ¶
func (i ClientDefaultScopeMap) ToClientDefaultScopeMapOutputWithContext(ctx context.Context) ClientDefaultScopeMapOutput
type ClientDefaultScopeMapInput ¶
type ClientDefaultScopeMapInput interface { pulumi.Input ToClientDefaultScopeMapOutput() ClientDefaultScopeMapOutput ToClientDefaultScopeMapOutputWithContext(context.Context) ClientDefaultScopeMapOutput }
ClientDefaultScopeMapInput is an input type that accepts ClientDefaultScopeMap and ClientDefaultScopeMapOutput values. You can construct a concrete instance of `ClientDefaultScopeMapInput` via:
ClientDefaultScopeMap{ "key": ClientDefaultScopeArgs{...} }
type ClientDefaultScopeMapOutput ¶
type ClientDefaultScopeMapOutput struct{ *pulumi.OutputState }
func (ClientDefaultScopeMapOutput) ElementType ¶
func (ClientDefaultScopeMapOutput) ElementType() reflect.Type
func (ClientDefaultScopeMapOutput) MapIndex ¶
func (o ClientDefaultScopeMapOutput) MapIndex(k pulumi.StringInput) ClientDefaultScopeOutput
func (ClientDefaultScopeMapOutput) ToClientDefaultScopeMapOutput ¶
func (o ClientDefaultScopeMapOutput) ToClientDefaultScopeMapOutput() ClientDefaultScopeMapOutput
func (ClientDefaultScopeMapOutput) ToClientDefaultScopeMapOutputWithContext ¶
func (o ClientDefaultScopeMapOutput) ToClientDefaultScopeMapOutputWithContext(ctx context.Context) ClientDefaultScopeMapOutput
type ClientDefaultScopeOutput ¶
type ClientDefaultScopeOutput struct{ *pulumi.OutputState }
func (ClientDefaultScopeOutput) ClientId ¶
func (o ClientDefaultScopeOutput) ClientId() pulumi.StringOutput
The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
func (ClientDefaultScopeOutput) DefaultScopes ¶
func (o ClientDefaultScopeOutput) DefaultScopes() pulumi.StringArrayOutput
An array of client scope names to attach to this client.
func (ClientDefaultScopeOutput) ElementType ¶
func (ClientDefaultScopeOutput) ElementType() reflect.Type
func (ClientDefaultScopeOutput) RealmId ¶
func (o ClientDefaultScopeOutput) RealmId() pulumi.StringOutput
The realm this client and scopes exists in.
func (ClientDefaultScopeOutput) ToClientDefaultScopeOutput ¶
func (o ClientDefaultScopeOutput) ToClientDefaultScopeOutput() ClientDefaultScopeOutput
func (ClientDefaultScopeOutput) ToClientDefaultScopeOutputWithContext ¶
func (o ClientDefaultScopeOutput) ToClientDefaultScopeOutputWithContext(ctx context.Context) ClientDefaultScopeOutput
type ClientDefaultScopeState ¶
type ClientDefaultScopeState struct { // The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak. ClientId pulumi.StringPtrInput // An array of client scope names to attach to this client. DefaultScopes pulumi.StringArrayInput // The realm this client and scopes exists in. RealmId pulumi.StringPtrInput }
func (ClientDefaultScopeState) ElementType ¶
func (ClientDefaultScopeState) ElementType() reflect.Type
type ClientInput ¶
type ClientInput interface { pulumi.Input ToClientOutput() ClientOutput ToClientOutputWithContext(ctx context.Context) ClientOutput }
type ClientMap ¶
type ClientMap map[string]ClientInput
func (ClientMap) ElementType ¶
func (ClientMap) ToClientMapOutput ¶
func (i ClientMap) ToClientMapOutput() ClientMapOutput
func (ClientMap) ToClientMapOutputWithContext ¶
func (i ClientMap) ToClientMapOutputWithContext(ctx context.Context) ClientMapOutput
type ClientMapInput ¶
type ClientMapInput interface { pulumi.Input ToClientMapOutput() ClientMapOutput ToClientMapOutputWithContext(context.Context) ClientMapOutput }
ClientMapInput is an input type that accepts ClientMap and ClientMapOutput values. You can construct a concrete instance of `ClientMapInput` via:
ClientMap{ "key": ClientArgs{...} }
type ClientMapOutput ¶
type ClientMapOutput struct{ *pulumi.OutputState }
func (ClientMapOutput) ElementType ¶
func (ClientMapOutput) ElementType() reflect.Type
func (ClientMapOutput) MapIndex ¶
func (o ClientMapOutput) MapIndex(k pulumi.StringInput) ClientOutput
func (ClientMapOutput) ToClientMapOutput ¶
func (o ClientMapOutput) ToClientMapOutput() ClientMapOutput
func (ClientMapOutput) ToClientMapOutputWithContext ¶
func (o ClientMapOutput) ToClientMapOutputWithContext(ctx context.Context) ClientMapOutput
type ClientOutput ¶
type ClientOutput struct{ *pulumi.OutputState }
func (ClientOutput) AssertionConsumerPostUrl ¶
func (o ClientOutput) AssertionConsumerPostUrl() pulumi.StringPtrOutput
SAML POST Binding URL for the client's assertion consumer service (login responses).
func (ClientOutput) AssertionConsumerRedirectUrl ¶
func (o ClientOutput) AssertionConsumerRedirectUrl() pulumi.StringPtrOutput
SAML Redirect Binding URL for the client's assertion consumer service (login responses).
func (ClientOutput) AuthenticationFlowBindingOverrides ¶
func (o ClientOutput) AuthenticationFlowBindingOverrides() ClientAuthenticationFlowBindingOverridesPtrOutput
Override realm authentication flow bindings
func (ClientOutput) BaseUrl ¶
func (o ClientOutput) BaseUrl() pulumi.StringPtrOutput
When specified, this URL will be used whenever Keycloak needs to link to this client.
func (ClientOutput) CanonicalizationMethod ¶
func (o ClientOutput) CanonicalizationMethod() pulumi.StringPtrOutput
The Canonicalization Method for XML signatures. Should be one of "EXCLUSIVE", "EXCLUSIVE_WITH_COMMENTS", "INCLUSIVE", or "INCLUSIVE_WITH_COMMENTS". Defaults to "EXCLUSIVE".
func (ClientOutput) ClientId ¶
func (o ClientOutput) ClientId() pulumi.StringOutput
The unique ID of this client, referenced in the URI during authentication and in issued tokens.
func (ClientOutput) ClientSignatureRequired ¶
func (o ClientOutput) ClientSignatureRequired() pulumi.BoolPtrOutput
When `true`, Keycloak will expect that documents originating from a client will be signed using the certificate and/or key configured via `signingCertificate` and `signingPrivateKey`. Defaults to `true`.
func (ClientOutput) Description ¶
func (o ClientOutput) Description() pulumi.StringPtrOutput
The description of this client in the GUI.
func (ClientOutput) ElementType ¶
func (ClientOutput) ElementType() reflect.Type
func (ClientOutput) Enabled ¶
func (o ClientOutput) Enabled() pulumi.BoolPtrOutput
When false, this client will not be able to initiate a login or obtain access tokens. Defaults to `true`.
func (ClientOutput) EncryptAssertions ¶
func (o ClientOutput) EncryptAssertions() pulumi.BoolPtrOutput
When `true`, the SAML assertions will be encrypted by Keycloak using the client's public key. Defaults to `false`.
func (ClientOutput) EncryptionCertificate ¶
func (o ClientOutput) EncryptionCertificate() pulumi.StringOutput
If assertions for the client are encrypted, this certificate will be used for encryption.
func (ClientOutput) EncryptionCertificateSha1 ¶
func (o ClientOutput) EncryptionCertificateSha1() pulumi.StringOutput
(Computed) The sha1sum fingerprint of the encryption certificate. If the encryption certificate is not in correct base64 format, this will be left empty.
func (ClientOutput) ExtraConfig ¶
func (o ClientOutput) ExtraConfig() pulumi.StringMapOutput
func (ClientOutput) ForceNameIdFormat ¶
func (o ClientOutput) ForceNameIdFormat() pulumi.BoolPtrOutput
Ignore requested NameID subject format and use the one defined in `nameIdFormat` instead. Defaults to `false`.
func (ClientOutput) ForcePostBinding ¶
func (o ClientOutput) ForcePostBinding() pulumi.BoolPtrOutput
When `true`, Keycloak will always respond to an authentication request via the SAML POST Binding. Defaults to `true`.
func (ClientOutput) FrontChannelLogout ¶
func (o ClientOutput) FrontChannelLogout() pulumi.BoolPtrOutput
When `true`, this client will require a browser redirect in order to perform a logout. Defaults to `true`.
func (ClientOutput) FullScopeAllowed ¶
func (o ClientOutput) FullScopeAllowed() pulumi.BoolPtrOutput
Allow to include all roles mappings in the access token
func (ClientOutput) IdpInitiatedSsoRelayState ¶
func (o ClientOutput) IdpInitiatedSsoRelayState() pulumi.StringPtrOutput
Relay state you want to send with SAML request when you want to do IDP Initiated SSO.
func (ClientOutput) IdpInitiatedSsoUrlName ¶
func (o ClientOutput) IdpInitiatedSsoUrlName() pulumi.StringPtrOutput
URL fragment name to reference client when you want to do IDP Initiated SSO.
func (ClientOutput) IncludeAuthnStatement ¶
func (o ClientOutput) IncludeAuthnStatement() pulumi.BoolPtrOutput
When `true`, an `AuthnStatement` will be included in the SAML response. Defaults to `true`.
func (ClientOutput) LoginTheme ¶
func (o ClientOutput) LoginTheme() pulumi.StringPtrOutput
The login theme of this client.
func (ClientOutput) LogoutServicePostBindingUrl ¶
func (o ClientOutput) LogoutServicePostBindingUrl() pulumi.StringPtrOutput
SAML POST Binding URL for the client's single logout service.
func (ClientOutput) LogoutServiceRedirectBindingUrl ¶
func (o ClientOutput) LogoutServiceRedirectBindingUrl() pulumi.StringPtrOutput
SAML Redirect Binding URL for the client's single logout service.
func (ClientOutput) MasterSamlProcessingUrl ¶
func (o ClientOutput) MasterSamlProcessingUrl() pulumi.StringPtrOutput
When specified, this URL will be used for all SAML requests.
func (ClientOutput) Name ¶
func (o ClientOutput) Name() pulumi.StringOutput
The display name of this client in the GUI.
func (ClientOutput) NameIdFormat ¶
func (o ClientOutput) NameIdFormat() pulumi.StringOutput
Sets the Name ID format for the subject.
func (ClientOutput) RealmId ¶
func (o ClientOutput) RealmId() pulumi.StringOutput
The realm this client is attached to.
func (ClientOutput) RootUrl ¶
func (o ClientOutput) RootUrl() pulumi.StringPtrOutput
When specified, this value is prepended to all relative URLs.
func (ClientOutput) SignAssertions ¶
func (o ClientOutput) SignAssertions() pulumi.BoolPtrOutput
When `true`, the SAML assertions will be signed by Keycloak using the realm's private key, and embedded within the SAML XML Auth response. Defaults to `false`.
func (ClientOutput) SignDocuments ¶
func (o ClientOutput) SignDocuments() pulumi.BoolPtrOutput
When `true`, the SAML document will be signed by Keycloak using the realm's private key. Defaults to `true`.
func (ClientOutput) SignatureAlgorithm ¶
func (o ClientOutput) SignatureAlgorithm() pulumi.StringPtrOutput
The signature algorithm used to sign documents. Should be one of "RSA_SHA1", "RSA_SHA256", "RSA_SHA256_MGF1, "RSA_SHA512", "RSA_SHA512_MGF1" or "DSA_SHA1".
func (ClientOutput) SignatureKeyName ¶
func (o ClientOutput) SignatureKeyName() pulumi.StringPtrOutput
The value of the `KeyName` element within the signed SAML document. Should be one of "NONE", "KEY_ID", or "CERT_SUBJECT". Defaults to "KEY_ID".
func (ClientOutput) SigningCertificate ¶
func (o ClientOutput) SigningCertificate() pulumi.StringOutput
If documents or assertions from the client are signed, this certificate will be used to verify the signature.
func (ClientOutput) SigningCertificateSha1 ¶
func (o ClientOutput) SigningCertificateSha1() pulumi.StringOutput
(Computed) The sha1sum fingerprint of the signing certificate. If the signing certificate is not in correct base64 format, this will be left empty.
func (ClientOutput) SigningPrivateKey ¶
func (o ClientOutput) SigningPrivateKey() pulumi.StringOutput
If documents or assertions from the client are signed, this private key will be used to verify the signature.
func (ClientOutput) SigningPrivateKeySha1 ¶
func (o ClientOutput) SigningPrivateKeySha1() pulumi.StringOutput
(Computed) The sha1sum fingerprint of the signing private key. If the signing private key is not in correct base64 format, this will be left empty.
func (ClientOutput) ToClientOutput ¶
func (o ClientOutput) ToClientOutput() ClientOutput
func (ClientOutput) ToClientOutputWithContext ¶
func (o ClientOutput) ToClientOutputWithContext(ctx context.Context) ClientOutput
func (ClientOutput) ValidRedirectUris ¶
func (o ClientOutput) ValidRedirectUris() pulumi.StringArrayOutput
When specified, Keycloak will use this list to validate given Assertion Consumer URLs specified in the authentication request.
type ClientScope ¶
type ClientScope struct { pulumi.CustomResourceState // When set, a consent screen will be displayed to users authenticating to clients with this scope attached. The consent screen will display the string value of this attribute. ConsentScreenText pulumi.StringPtrOutput `pulumi:"consentScreenText"` // The description of this client scope in the GUI. Description pulumi.StringPtrOutput `pulumi:"description"` // Specify order of the client scope in GUI (such as in Consent page) as integer. GuiOrder pulumi.IntPtrOutput `pulumi:"guiOrder"` // The display name of this client scope in the GUI. Name pulumi.StringOutput `pulumi:"name"` // The realm this client scope belongs to. RealmId pulumi.StringOutput `pulumi:"realmId"` }
Allows for creating and managing Keycloak client scopes that can be attached to clients that use the SAML protocol.
Client Scopes can be used to share common protocol and role mappings between multiple clients within a realm.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak" "github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{ Realm: pulumi.String("my-realm"), Enabled: pulumi.Bool(true), }) if err != nil { return err } _, err = saml.NewClientScope(ctx, "saml_client_scope", &saml.ClientScopeArgs{ RealmId: realm.ID(), Name: pulumi.String("groups"), Description: pulumi.String("This scope will map a user's group memberships to SAML assertion"), GuiOrder: pulumi.Int(1), }) if err != nil { return err } return nil }) }
```
## Import
Client scopes can be imported using the format `{{realm_id}}/{{client_scope_id}}`, where `client_scope_id` is the unique ID that Keycloak
assigns to the client scope upon creation. This value can be found in the URI when editing this client scope in the GUI, and is typically a GUID.
Example:
bash
```sh $ pulumi import keycloak:saml/clientScope:ClientScope saml_client_scope my-realm/e8a5d115-6985-4de3-a0f5-732e1be4525e ```
func GetClientScope ¶
func GetClientScope(ctx *pulumi.Context, name string, id pulumi.IDInput, state *ClientScopeState, opts ...pulumi.ResourceOption) (*ClientScope, error)
GetClientScope gets an existing ClientScope resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewClientScope ¶
func NewClientScope(ctx *pulumi.Context, name string, args *ClientScopeArgs, opts ...pulumi.ResourceOption) (*ClientScope, error)
NewClientScope registers a new resource with the given unique name, arguments, and options.
func (*ClientScope) ElementType ¶
func (*ClientScope) ElementType() reflect.Type
func (*ClientScope) ToClientScopeOutput ¶
func (i *ClientScope) ToClientScopeOutput() ClientScopeOutput
func (*ClientScope) ToClientScopeOutputWithContext ¶
func (i *ClientScope) ToClientScopeOutputWithContext(ctx context.Context) ClientScopeOutput
type ClientScopeArgs ¶
type ClientScopeArgs struct { // When set, a consent screen will be displayed to users authenticating to clients with this scope attached. The consent screen will display the string value of this attribute. ConsentScreenText pulumi.StringPtrInput // The description of this client scope in the GUI. Description pulumi.StringPtrInput // Specify order of the client scope in GUI (such as in Consent page) as integer. GuiOrder pulumi.IntPtrInput // The display name of this client scope in the GUI. Name pulumi.StringPtrInput // The realm this client scope belongs to. RealmId pulumi.StringInput }
The set of arguments for constructing a ClientScope resource.
func (ClientScopeArgs) ElementType ¶
func (ClientScopeArgs) ElementType() reflect.Type
type ClientScopeArray ¶
type ClientScopeArray []ClientScopeInput
func (ClientScopeArray) ElementType ¶
func (ClientScopeArray) ElementType() reflect.Type
func (ClientScopeArray) ToClientScopeArrayOutput ¶
func (i ClientScopeArray) ToClientScopeArrayOutput() ClientScopeArrayOutput
func (ClientScopeArray) ToClientScopeArrayOutputWithContext ¶
func (i ClientScopeArray) ToClientScopeArrayOutputWithContext(ctx context.Context) ClientScopeArrayOutput
type ClientScopeArrayInput ¶
type ClientScopeArrayInput interface { pulumi.Input ToClientScopeArrayOutput() ClientScopeArrayOutput ToClientScopeArrayOutputWithContext(context.Context) ClientScopeArrayOutput }
ClientScopeArrayInput is an input type that accepts ClientScopeArray and ClientScopeArrayOutput values. You can construct a concrete instance of `ClientScopeArrayInput` via:
ClientScopeArray{ ClientScopeArgs{...} }
type ClientScopeArrayOutput ¶
type ClientScopeArrayOutput struct{ *pulumi.OutputState }
func (ClientScopeArrayOutput) ElementType ¶
func (ClientScopeArrayOutput) ElementType() reflect.Type
func (ClientScopeArrayOutput) Index ¶
func (o ClientScopeArrayOutput) Index(i pulumi.IntInput) ClientScopeOutput
func (ClientScopeArrayOutput) ToClientScopeArrayOutput ¶
func (o ClientScopeArrayOutput) ToClientScopeArrayOutput() ClientScopeArrayOutput
func (ClientScopeArrayOutput) ToClientScopeArrayOutputWithContext ¶
func (o ClientScopeArrayOutput) ToClientScopeArrayOutputWithContext(ctx context.Context) ClientScopeArrayOutput
type ClientScopeInput ¶
type ClientScopeInput interface { pulumi.Input ToClientScopeOutput() ClientScopeOutput ToClientScopeOutputWithContext(ctx context.Context) ClientScopeOutput }
type ClientScopeMap ¶
type ClientScopeMap map[string]ClientScopeInput
func (ClientScopeMap) ElementType ¶
func (ClientScopeMap) ElementType() reflect.Type
func (ClientScopeMap) ToClientScopeMapOutput ¶
func (i ClientScopeMap) ToClientScopeMapOutput() ClientScopeMapOutput
func (ClientScopeMap) ToClientScopeMapOutputWithContext ¶
func (i ClientScopeMap) ToClientScopeMapOutputWithContext(ctx context.Context) ClientScopeMapOutput
type ClientScopeMapInput ¶
type ClientScopeMapInput interface { pulumi.Input ToClientScopeMapOutput() ClientScopeMapOutput ToClientScopeMapOutputWithContext(context.Context) ClientScopeMapOutput }
ClientScopeMapInput is an input type that accepts ClientScopeMap and ClientScopeMapOutput values. You can construct a concrete instance of `ClientScopeMapInput` via:
ClientScopeMap{ "key": ClientScopeArgs{...} }
type ClientScopeMapOutput ¶
type ClientScopeMapOutput struct{ *pulumi.OutputState }
func (ClientScopeMapOutput) ElementType ¶
func (ClientScopeMapOutput) ElementType() reflect.Type
func (ClientScopeMapOutput) MapIndex ¶
func (o ClientScopeMapOutput) MapIndex(k pulumi.StringInput) ClientScopeOutput
func (ClientScopeMapOutput) ToClientScopeMapOutput ¶
func (o ClientScopeMapOutput) ToClientScopeMapOutput() ClientScopeMapOutput
func (ClientScopeMapOutput) ToClientScopeMapOutputWithContext ¶
func (o ClientScopeMapOutput) ToClientScopeMapOutputWithContext(ctx context.Context) ClientScopeMapOutput
type ClientScopeOutput ¶
type ClientScopeOutput struct{ *pulumi.OutputState }
func (ClientScopeOutput) ConsentScreenText ¶
func (o ClientScopeOutput) ConsentScreenText() pulumi.StringPtrOutput
When set, a consent screen will be displayed to users authenticating to clients with this scope attached. The consent screen will display the string value of this attribute.
func (ClientScopeOutput) Description ¶
func (o ClientScopeOutput) Description() pulumi.StringPtrOutput
The description of this client scope in the GUI.
func (ClientScopeOutput) ElementType ¶
func (ClientScopeOutput) ElementType() reflect.Type
func (ClientScopeOutput) GuiOrder ¶
func (o ClientScopeOutput) GuiOrder() pulumi.IntPtrOutput
Specify order of the client scope in GUI (such as in Consent page) as integer.
func (ClientScopeOutput) Name ¶
func (o ClientScopeOutput) Name() pulumi.StringOutput
The display name of this client scope in the GUI.
func (ClientScopeOutput) RealmId ¶
func (o ClientScopeOutput) RealmId() pulumi.StringOutput
The realm this client scope belongs to.
func (ClientScopeOutput) ToClientScopeOutput ¶
func (o ClientScopeOutput) ToClientScopeOutput() ClientScopeOutput
func (ClientScopeOutput) ToClientScopeOutputWithContext ¶
func (o ClientScopeOutput) ToClientScopeOutputWithContext(ctx context.Context) ClientScopeOutput
type ClientScopeState ¶
type ClientScopeState struct { // When set, a consent screen will be displayed to users authenticating to clients with this scope attached. The consent screen will display the string value of this attribute. ConsentScreenText pulumi.StringPtrInput // The description of this client scope in the GUI. Description pulumi.StringPtrInput // Specify order of the client scope in GUI (such as in Consent page) as integer. GuiOrder pulumi.IntPtrInput // The display name of this client scope in the GUI. Name pulumi.StringPtrInput // The realm this client scope belongs to. RealmId pulumi.StringPtrInput }
func (ClientScopeState) ElementType ¶
func (ClientScopeState) ElementType() reflect.Type
type ClientState ¶
type ClientState struct { // SAML POST Binding URL for the client's assertion consumer service (login responses). AssertionConsumerPostUrl pulumi.StringPtrInput // SAML Redirect Binding URL for the client's assertion consumer service (login responses). AssertionConsumerRedirectUrl pulumi.StringPtrInput // Override realm authentication flow bindings AuthenticationFlowBindingOverrides ClientAuthenticationFlowBindingOverridesPtrInput // When specified, this URL will be used whenever Keycloak needs to link to this client. BaseUrl pulumi.StringPtrInput // The Canonicalization Method for XML signatures. Should be one of "EXCLUSIVE", "EXCLUSIVE_WITH_COMMENTS", "INCLUSIVE", or "INCLUSIVE_WITH_COMMENTS". Defaults to "EXCLUSIVE". CanonicalizationMethod pulumi.StringPtrInput // The unique ID of this client, referenced in the URI during authentication and in issued tokens. ClientId pulumi.StringPtrInput // When `true`, Keycloak will expect that documents originating from a client will be signed using the certificate and/or key configured via `signingCertificate` and `signingPrivateKey`. Defaults to `true`. ClientSignatureRequired pulumi.BoolPtrInput // The description of this client in the GUI. Description pulumi.StringPtrInput // When false, this client will not be able to initiate a login or obtain access tokens. Defaults to `true`. Enabled pulumi.BoolPtrInput // When `true`, the SAML assertions will be encrypted by Keycloak using the client's public key. Defaults to `false`. EncryptAssertions pulumi.BoolPtrInput // If assertions for the client are encrypted, this certificate will be used for encryption. EncryptionCertificate pulumi.StringPtrInput // (Computed) The sha1sum fingerprint of the encryption certificate. If the encryption certificate is not in correct base64 format, this will be left empty. EncryptionCertificateSha1 pulumi.StringPtrInput ExtraConfig pulumi.StringMapInput // Ignore requested NameID subject format and use the one defined in `nameIdFormat` instead. Defaults to `false`. ForceNameIdFormat pulumi.BoolPtrInput // When `true`, Keycloak will always respond to an authentication request via the SAML POST Binding. Defaults to `true`. ForcePostBinding pulumi.BoolPtrInput // When `true`, this client will require a browser redirect in order to perform a logout. Defaults to `true`. FrontChannelLogout pulumi.BoolPtrInput // Allow to include all roles mappings in the access token FullScopeAllowed pulumi.BoolPtrInput // Relay state you want to send with SAML request when you want to do IDP Initiated SSO. IdpInitiatedSsoRelayState pulumi.StringPtrInput // URL fragment name to reference client when you want to do IDP Initiated SSO. IdpInitiatedSsoUrlName pulumi.StringPtrInput // When `true`, an `AuthnStatement` will be included in the SAML response. Defaults to `true`. IncludeAuthnStatement pulumi.BoolPtrInput // The login theme of this client. LoginTheme pulumi.StringPtrInput // SAML POST Binding URL for the client's single logout service. LogoutServicePostBindingUrl pulumi.StringPtrInput // SAML Redirect Binding URL for the client's single logout service. LogoutServiceRedirectBindingUrl pulumi.StringPtrInput // When specified, this URL will be used for all SAML requests. MasterSamlProcessingUrl pulumi.StringPtrInput // The display name of this client in the GUI. Name pulumi.StringPtrInput // Sets the Name ID format for the subject. NameIdFormat pulumi.StringPtrInput // The realm this client is attached to. RealmId pulumi.StringPtrInput // When specified, this value is prepended to all relative URLs. RootUrl pulumi.StringPtrInput // When `true`, the SAML assertions will be signed by Keycloak using the realm's private key, and embedded within the SAML XML Auth response. Defaults to `false`. SignAssertions pulumi.BoolPtrInput // When `true`, the SAML document will be signed by Keycloak using the realm's private key. Defaults to `true`. SignDocuments pulumi.BoolPtrInput // The signature algorithm used to sign documents. Should be one of "RSA_SHA1", "RSA_SHA256", "RSA_SHA256_MGF1, "RSA_SHA512", "RSA_SHA512_MGF1" or "DSA_SHA1". SignatureAlgorithm pulumi.StringPtrInput // The value of the `KeyName` element within the signed SAML document. Should be one of "NONE", "KEY_ID", or "CERT_SUBJECT". Defaults to "KEY_ID". SignatureKeyName pulumi.StringPtrInput // If documents or assertions from the client are signed, this certificate will be used to verify the signature. SigningCertificate pulumi.StringPtrInput // (Computed) The sha1sum fingerprint of the signing certificate. If the signing certificate is not in correct base64 format, this will be left empty. SigningCertificateSha1 pulumi.StringPtrInput // If documents or assertions from the client are signed, this private key will be used to verify the signature. SigningPrivateKey pulumi.StringPtrInput // (Computed) The sha1sum fingerprint of the signing private key. If the signing private key is not in correct base64 format, this will be left empty. SigningPrivateKeySha1 pulumi.StringPtrInput // When specified, Keycloak will use this list to validate given Assertion Consumer URLs specified in the authentication request. ValidRedirectUris pulumi.StringArrayInput }
func (ClientState) ElementType ¶
func (ClientState) ElementType() reflect.Type
type GetClientAuthenticationFlowBindingOverrideArgs ¶
type GetClientAuthenticationFlowBindingOverrideArgs struct { BrowserId pulumi.StringInput `pulumi:"browserId"` DirectGrantId pulumi.StringInput `pulumi:"directGrantId"` }
func (GetClientAuthenticationFlowBindingOverrideArgs) ElementType ¶
func (GetClientAuthenticationFlowBindingOverrideArgs) ElementType() reflect.Type
func (GetClientAuthenticationFlowBindingOverrideArgs) ToGetClientAuthenticationFlowBindingOverrideOutput ¶
func (i GetClientAuthenticationFlowBindingOverrideArgs) ToGetClientAuthenticationFlowBindingOverrideOutput() GetClientAuthenticationFlowBindingOverrideOutput
func (GetClientAuthenticationFlowBindingOverrideArgs) ToGetClientAuthenticationFlowBindingOverrideOutputWithContext ¶
func (i GetClientAuthenticationFlowBindingOverrideArgs) ToGetClientAuthenticationFlowBindingOverrideOutputWithContext(ctx context.Context) GetClientAuthenticationFlowBindingOverrideOutput
type GetClientAuthenticationFlowBindingOverrideArray ¶
type GetClientAuthenticationFlowBindingOverrideArray []GetClientAuthenticationFlowBindingOverrideInput
func (GetClientAuthenticationFlowBindingOverrideArray) ElementType ¶
func (GetClientAuthenticationFlowBindingOverrideArray) ElementType() reflect.Type
func (GetClientAuthenticationFlowBindingOverrideArray) ToGetClientAuthenticationFlowBindingOverrideArrayOutput ¶
func (i GetClientAuthenticationFlowBindingOverrideArray) ToGetClientAuthenticationFlowBindingOverrideArrayOutput() GetClientAuthenticationFlowBindingOverrideArrayOutput
func (GetClientAuthenticationFlowBindingOverrideArray) ToGetClientAuthenticationFlowBindingOverrideArrayOutputWithContext ¶
func (i GetClientAuthenticationFlowBindingOverrideArray) ToGetClientAuthenticationFlowBindingOverrideArrayOutputWithContext(ctx context.Context) GetClientAuthenticationFlowBindingOverrideArrayOutput
type GetClientAuthenticationFlowBindingOverrideArrayInput ¶
type GetClientAuthenticationFlowBindingOverrideArrayInput interface { pulumi.Input ToGetClientAuthenticationFlowBindingOverrideArrayOutput() GetClientAuthenticationFlowBindingOverrideArrayOutput ToGetClientAuthenticationFlowBindingOverrideArrayOutputWithContext(context.Context) GetClientAuthenticationFlowBindingOverrideArrayOutput }
GetClientAuthenticationFlowBindingOverrideArrayInput is an input type that accepts GetClientAuthenticationFlowBindingOverrideArray and GetClientAuthenticationFlowBindingOverrideArrayOutput values. You can construct a concrete instance of `GetClientAuthenticationFlowBindingOverrideArrayInput` via:
GetClientAuthenticationFlowBindingOverrideArray{ GetClientAuthenticationFlowBindingOverrideArgs{...} }
type GetClientAuthenticationFlowBindingOverrideArrayOutput ¶
type GetClientAuthenticationFlowBindingOverrideArrayOutput struct{ *pulumi.OutputState }
func (GetClientAuthenticationFlowBindingOverrideArrayOutput) ElementType ¶
func (GetClientAuthenticationFlowBindingOverrideArrayOutput) ElementType() reflect.Type
func (GetClientAuthenticationFlowBindingOverrideArrayOutput) ToGetClientAuthenticationFlowBindingOverrideArrayOutput ¶
func (o GetClientAuthenticationFlowBindingOverrideArrayOutput) ToGetClientAuthenticationFlowBindingOverrideArrayOutput() GetClientAuthenticationFlowBindingOverrideArrayOutput
func (GetClientAuthenticationFlowBindingOverrideArrayOutput) ToGetClientAuthenticationFlowBindingOverrideArrayOutputWithContext ¶
func (o GetClientAuthenticationFlowBindingOverrideArrayOutput) ToGetClientAuthenticationFlowBindingOverrideArrayOutputWithContext(ctx context.Context) GetClientAuthenticationFlowBindingOverrideArrayOutput
type GetClientAuthenticationFlowBindingOverrideInput ¶
type GetClientAuthenticationFlowBindingOverrideInput interface { pulumi.Input ToGetClientAuthenticationFlowBindingOverrideOutput() GetClientAuthenticationFlowBindingOverrideOutput ToGetClientAuthenticationFlowBindingOverrideOutputWithContext(context.Context) GetClientAuthenticationFlowBindingOverrideOutput }
GetClientAuthenticationFlowBindingOverrideInput is an input type that accepts GetClientAuthenticationFlowBindingOverrideArgs and GetClientAuthenticationFlowBindingOverrideOutput values. You can construct a concrete instance of `GetClientAuthenticationFlowBindingOverrideInput` via:
GetClientAuthenticationFlowBindingOverrideArgs{...}
type GetClientAuthenticationFlowBindingOverrideOutput ¶
type GetClientAuthenticationFlowBindingOverrideOutput struct{ *pulumi.OutputState }
func (GetClientAuthenticationFlowBindingOverrideOutput) BrowserId ¶
func (o GetClientAuthenticationFlowBindingOverrideOutput) BrowserId() pulumi.StringOutput
func (GetClientAuthenticationFlowBindingOverrideOutput) DirectGrantId ¶
func (o GetClientAuthenticationFlowBindingOverrideOutput) DirectGrantId() pulumi.StringOutput
func (GetClientAuthenticationFlowBindingOverrideOutput) ElementType ¶
func (GetClientAuthenticationFlowBindingOverrideOutput) ElementType() reflect.Type
func (GetClientAuthenticationFlowBindingOverrideOutput) ToGetClientAuthenticationFlowBindingOverrideOutput ¶
func (o GetClientAuthenticationFlowBindingOverrideOutput) ToGetClientAuthenticationFlowBindingOverrideOutput() GetClientAuthenticationFlowBindingOverrideOutput
func (GetClientAuthenticationFlowBindingOverrideOutput) ToGetClientAuthenticationFlowBindingOverrideOutputWithContext ¶
func (o GetClientAuthenticationFlowBindingOverrideOutput) ToGetClientAuthenticationFlowBindingOverrideOutputWithContext(ctx context.Context) GetClientAuthenticationFlowBindingOverrideOutput
type GetClientInstallationProviderArgs ¶
type GetClientInstallationProviderArgs struct { // The ID of the SAML client. The `id` attribute of a `keycloakClient` resource should be used here. ClientId string `pulumi:"clientId"` // The ID of the SAML installation provider. Could be one of `saml-idp-descriptor`, `keycloak-saml`, `saml-sp-descriptor`, `keycloak-saml-subsystem`, `mod-auth-mellon`, etc. ProviderId string `pulumi:"providerId"` // The realm that the SAML client exists within. RealmId string `pulumi:"realmId"` }
A collection of arguments for invoking getClientInstallationProvider.
type GetClientInstallationProviderOutputArgs ¶
type GetClientInstallationProviderOutputArgs struct { // The ID of the SAML client. The `id` attribute of a `keycloakClient` resource should be used here. ClientId pulumi.StringInput `pulumi:"clientId"` // The ID of the SAML installation provider. Could be one of `saml-idp-descriptor`, `keycloak-saml`, `saml-sp-descriptor`, `keycloak-saml-subsystem`, `mod-auth-mellon`, etc. ProviderId pulumi.StringInput `pulumi:"providerId"` // The realm that the SAML client exists within. RealmId pulumi.StringInput `pulumi:"realmId"` }
A collection of arguments for invoking getClientInstallationProvider.
func (GetClientInstallationProviderOutputArgs) ElementType ¶
func (GetClientInstallationProviderOutputArgs) ElementType() reflect.Type
type GetClientInstallationProviderResult ¶
type GetClientInstallationProviderResult struct { ClientId string `pulumi:"clientId"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` ProviderId string `pulumi:"providerId"` RealmId string `pulumi:"realmId"` // (Computed) The returned document needed for SAML installation. Value string `pulumi:"value"` }
A collection of values returned by getClientInstallationProvider.
func GetClientInstallationProvider ¶
func GetClientInstallationProvider(ctx *pulumi.Context, args *GetClientInstallationProviderArgs, opts ...pulumi.InvokeOption) (*GetClientInstallationProviderResult, error)
This data source can be used to retrieve Installation Provider of a SAML Client.
type GetClientInstallationProviderResultOutput ¶
type GetClientInstallationProviderResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getClientInstallationProvider.
func GetClientInstallationProviderOutput ¶
func GetClientInstallationProviderOutput(ctx *pulumi.Context, args GetClientInstallationProviderOutputArgs, opts ...pulumi.InvokeOption) GetClientInstallationProviderResultOutput
func (GetClientInstallationProviderResultOutput) ClientId ¶
func (o GetClientInstallationProviderResultOutput) ClientId() pulumi.StringOutput
func (GetClientInstallationProviderResultOutput) ElementType ¶
func (GetClientInstallationProviderResultOutput) ElementType() reflect.Type
func (GetClientInstallationProviderResultOutput) Id ¶
func (o GetClientInstallationProviderResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (GetClientInstallationProviderResultOutput) ProviderId ¶
func (o GetClientInstallationProviderResultOutput) ProviderId() pulumi.StringOutput
func (GetClientInstallationProviderResultOutput) RealmId ¶
func (o GetClientInstallationProviderResultOutput) RealmId() pulumi.StringOutput
func (GetClientInstallationProviderResultOutput) ToGetClientInstallationProviderResultOutput ¶
func (o GetClientInstallationProviderResultOutput) ToGetClientInstallationProviderResultOutput() GetClientInstallationProviderResultOutput
func (GetClientInstallationProviderResultOutput) ToGetClientInstallationProviderResultOutputWithContext ¶
func (o GetClientInstallationProviderResultOutput) ToGetClientInstallationProviderResultOutputWithContext(ctx context.Context) GetClientInstallationProviderResultOutput
func (GetClientInstallationProviderResultOutput) Value ¶
func (o GetClientInstallationProviderResultOutput) Value() pulumi.StringOutput
(Computed) The returned document needed for SAML installation.
type IdentityProvider ¶
type IdentityProvider struct { pulumi.CustomResourceState // When `true`, new users will be able to read stored tokens. This will automatically assign the `broker.read-token` role. Defaults to `false`. AddReadTokenRoleOnCreate pulumi.BoolPtrOutput `pulumi:"addReadTokenRoleOnCreate"` // The unique name of identity provider. Alias pulumi.StringOutput `pulumi:"alias"` // Authenticate users by default. Defaults to `false`. AuthenticateByDefault pulumi.BoolPtrOutput `pulumi:"authenticateByDefault"` // Ordered list of requested AuthnContext ClassRefs. AuthnContextClassRefs pulumi.StringArrayOutput `pulumi:"authnContextClassRefs"` // Specifies the comparison method used to evaluate the requested context classes or statements. AuthnContextComparisonType pulumi.StringPtrOutput `pulumi:"authnContextComparisonType"` // Ordered list of requested AuthnContext DeclRefs. AuthnContextDeclRefs pulumi.StringArrayOutput `pulumi:"authnContextDeclRefs"` // Does the external IDP support backchannel logout?. Defaults to `false`. BackchannelSupported pulumi.BoolPtrOutput `pulumi:"backchannelSupported"` // The display name for the realm that is shown when logging in to the admin console. DisplayName pulumi.StringPtrOutput `pulumi:"displayName"` // When `false`, users and clients will not be able to access this realm. Defaults to `true`. Enabled pulumi.BoolPtrOutput `pulumi:"enabled"` // The Entity ID that will be used to uniquely identify this SAML Service Provider. EntityId pulumi.StringOutput `pulumi:"entityId"` ExtraConfig pulumi.StringMapOutput `pulumi:"extraConfig"` // Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means that there is not yet existing Keycloak account linked with the authenticated identity provider account. Defaults to `first broker login`. FirstBrokerLoginFlowAlias pulumi.StringPtrOutput `pulumi:"firstBrokerLoginFlowAlias"` // Indicates whether the identity provider must authenticate the presenter directly rather than rely on a previous security context. ForceAuthn pulumi.BoolPtrOutput `pulumi:"forceAuthn"` // A number defining the order of this identity provider in the GUI. GuiOrder pulumi.StringPtrOutput `pulumi:"guiOrder"` // If hidden, then login with this provider is possible only if requested explicitly, e.g. using the 'kc_idp_hint' parameter. HideOnLoginPage pulumi.BoolPtrOutput `pulumi:"hideOnLoginPage"` // Internal Identity Provider Id InternalId pulumi.StringOutput `pulumi:"internalId"` // When `true`, users cannot login using this provider, but their existing accounts will be linked when possible. Defaults to `false`. LinkOnly pulumi.BoolPtrOutput `pulumi:"linkOnly"` // Login Hint. LoginHint pulumi.StringPtrOutput `pulumi:"loginHint"` // Specifies the URI reference corresponding to a name identifier format. Defaults to empty. NameIdPolicyFormat pulumi.StringPtrOutput `pulumi:"nameIdPolicyFormat"` // Indicates whether the AuthnRequest must be sent using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used. PostBindingAuthnRequest pulumi.BoolPtrOutput `pulumi:"postBindingAuthnRequest"` // Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used. PostBindingLogout pulumi.BoolPtrOutput `pulumi:"postBindingLogout"` // Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.. PostBindingResponse pulumi.BoolPtrOutput `pulumi:"postBindingResponse"` // Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want additional verification of each user authenticated with this identity provider (for example OTP). Leave this empty if you don't want any additional authenticators to be triggered after login with this identity provider. Also note, that authenticator implementations must assume that user is already set in ClientSession as identity provider already set it. Defaults to empty. PostBrokerLoginFlowAlias pulumi.StringPtrOutput `pulumi:"postBrokerLoginFlowAlias"` // The principal attribute. PrincipalAttribute pulumi.StringPtrOutput `pulumi:"principalAttribute"` // The principal type. Can be one of `SUBJECT`, `ATTRIBUTE` or `FRIENDLY_ATTRIBUTE`. PrincipalType pulumi.StringPtrOutput `pulumi:"principalType"` // The ID of the identity provider to use. Defaults to `saml`, which should be used unless you have extended Keycloak and provided your own implementation. ProviderId pulumi.StringPtrOutput `pulumi:"providerId"` // The name of the realm. This is unique across Keycloak. Realm pulumi.StringOutput `pulumi:"realm"` // Signing Algorithm. Defaults to empty. SignatureAlgorithm pulumi.StringPtrOutput `pulumi:"signatureAlgorithm"` // Signing Certificate. SigningCertificate pulumi.StringPtrOutput `pulumi:"signingCertificate"` // The Url that must be used to send logout requests. SingleLogoutServiceUrl pulumi.StringPtrOutput `pulumi:"singleLogoutServiceUrl"` // The Url that must be used to send authentication requests (SAML AuthnRequest). SingleSignOnServiceUrl pulumi.StringOutput `pulumi:"singleSignOnServiceUrl"` // When `true`, tokens will be stored after authenticating users. Defaults to `true`. StoreToken pulumi.BoolPtrOutput `pulumi:"storeToken"` // The default sync mode to use for all mappers attached to this identity provider. Can be one of `IMPORT`, `FORCE`, or `LEGACY`. SyncMode pulumi.StringPtrOutput `pulumi:"syncMode"` // When `true`, email addresses for users in this provider will automatically be verified regardless of the realm's email verification policy. Defaults to `false`. TrustEmail pulumi.BoolPtrOutput `pulumi:"trustEmail"` // Enable/disable signature validation of SAML responses. ValidateSignature pulumi.BoolPtrOutput `pulumi:"validateSignature"` // Indicates whether this service provider expects an encrypted Assertion. WantAssertionsEncrypted pulumi.BoolPtrOutput `pulumi:"wantAssertionsEncrypted"` // Indicates whether this service provider expects a signed Assertion. WantAssertionsSigned pulumi.BoolPtrOutput `pulumi:"wantAssertionsSigned"` // The SAML signature key name. Can be one of `NONE`, `KEY_ID`, or `CERT_SUBJECT`. XmlSignKeyInfoKeyNameTransformer pulumi.StringPtrOutput `pulumi:"xmlSignKeyInfoKeyNameTransformer"` }
Allows for creating and managing SAML Identity Providers within Keycloak.
SAML (Security Assertion Markup Language) identity providers allows users to authenticate through a third-party system using the SAML protocol.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak" "github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{ Realm: pulumi.String("my-realm"), Enabled: pulumi.Bool(true), }) if err != nil { return err } _, err = saml.NewIdentityProvider(ctx, "realm_saml_identity_provider", &saml.IdentityProviderArgs{ Realm: realm.ID(), Alias: pulumi.String("my-saml-idp"), EntityId: pulumi.String("https://domain.com/entity_id"), SingleSignOnServiceUrl: pulumi.String("https://domain.com/adfs/ls/"), SingleLogoutServiceUrl: pulumi.String("https://domain.com/adfs/ls/?wa=wsignout1.0"), BackchannelSupported: pulumi.Bool(true), PostBindingResponse: pulumi.Bool(true), PostBindingLogout: pulumi.Bool(true), PostBindingAuthnRequest: pulumi.Bool(true), StoreToken: pulumi.Bool(false), TrustEmail: pulumi.Bool(true), ForceAuthn: pulumi.Bool(true), }) if err != nil { return err } return nil }) }
```
## Import
Identity providers can be imported using the format `{{realm_id}}/{{idp_alias}}`, where `idp_alias` is the identity provider alias.
Example:
bash
```sh $ pulumi import keycloak:saml/identityProvider:IdentityProvider realm_saml_identity_provider my-realm/my-saml-idp ```
func GetIdentityProvider ¶
func GetIdentityProvider(ctx *pulumi.Context, name string, id pulumi.IDInput, state *IdentityProviderState, opts ...pulumi.ResourceOption) (*IdentityProvider, error)
GetIdentityProvider gets an existing IdentityProvider resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewIdentityProvider ¶
func NewIdentityProvider(ctx *pulumi.Context, name string, args *IdentityProviderArgs, opts ...pulumi.ResourceOption) (*IdentityProvider, error)
NewIdentityProvider registers a new resource with the given unique name, arguments, and options.
func (*IdentityProvider) ElementType ¶
func (*IdentityProvider) ElementType() reflect.Type
func (*IdentityProvider) ToIdentityProviderOutput ¶
func (i *IdentityProvider) ToIdentityProviderOutput() IdentityProviderOutput
func (*IdentityProvider) ToIdentityProviderOutputWithContext ¶
func (i *IdentityProvider) ToIdentityProviderOutputWithContext(ctx context.Context) IdentityProviderOutput
type IdentityProviderArgs ¶
type IdentityProviderArgs struct { // When `true`, new users will be able to read stored tokens. This will automatically assign the `broker.read-token` role. Defaults to `false`. AddReadTokenRoleOnCreate pulumi.BoolPtrInput // The unique name of identity provider. Alias pulumi.StringInput // Authenticate users by default. Defaults to `false`. AuthenticateByDefault pulumi.BoolPtrInput // Ordered list of requested AuthnContext ClassRefs. AuthnContextClassRefs pulumi.StringArrayInput // Specifies the comparison method used to evaluate the requested context classes or statements. AuthnContextComparisonType pulumi.StringPtrInput // Ordered list of requested AuthnContext DeclRefs. AuthnContextDeclRefs pulumi.StringArrayInput // Does the external IDP support backchannel logout?. Defaults to `false`. BackchannelSupported pulumi.BoolPtrInput // The display name for the realm that is shown when logging in to the admin console. DisplayName pulumi.StringPtrInput // When `false`, users and clients will not be able to access this realm. Defaults to `true`. Enabled pulumi.BoolPtrInput // The Entity ID that will be used to uniquely identify this SAML Service Provider. EntityId pulumi.StringInput ExtraConfig pulumi.StringMapInput // Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means that there is not yet existing Keycloak account linked with the authenticated identity provider account. Defaults to `first broker login`. FirstBrokerLoginFlowAlias pulumi.StringPtrInput // Indicates whether the identity provider must authenticate the presenter directly rather than rely on a previous security context. ForceAuthn pulumi.BoolPtrInput // A number defining the order of this identity provider in the GUI. GuiOrder pulumi.StringPtrInput // If hidden, then login with this provider is possible only if requested explicitly, e.g. using the 'kc_idp_hint' parameter. HideOnLoginPage pulumi.BoolPtrInput // When `true`, users cannot login using this provider, but their existing accounts will be linked when possible. Defaults to `false`. LinkOnly pulumi.BoolPtrInput // Login Hint. LoginHint pulumi.StringPtrInput // Specifies the URI reference corresponding to a name identifier format. Defaults to empty. NameIdPolicyFormat pulumi.StringPtrInput // Indicates whether the AuthnRequest must be sent using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used. PostBindingAuthnRequest pulumi.BoolPtrInput // Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used. PostBindingLogout pulumi.BoolPtrInput // Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.. PostBindingResponse pulumi.BoolPtrInput // Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want additional verification of each user authenticated with this identity provider (for example OTP). Leave this empty if you don't want any additional authenticators to be triggered after login with this identity provider. Also note, that authenticator implementations must assume that user is already set in ClientSession as identity provider already set it. Defaults to empty. PostBrokerLoginFlowAlias pulumi.StringPtrInput // The principal attribute. PrincipalAttribute pulumi.StringPtrInput // The principal type. Can be one of `SUBJECT`, `ATTRIBUTE` or `FRIENDLY_ATTRIBUTE`. PrincipalType pulumi.StringPtrInput // The ID of the identity provider to use. Defaults to `saml`, which should be used unless you have extended Keycloak and provided your own implementation. ProviderId pulumi.StringPtrInput // The name of the realm. This is unique across Keycloak. Realm pulumi.StringInput // Signing Algorithm. Defaults to empty. SignatureAlgorithm pulumi.StringPtrInput // Signing Certificate. SigningCertificate pulumi.StringPtrInput // The Url that must be used to send logout requests. SingleLogoutServiceUrl pulumi.StringPtrInput // The Url that must be used to send authentication requests (SAML AuthnRequest). SingleSignOnServiceUrl pulumi.StringInput // When `true`, tokens will be stored after authenticating users. Defaults to `true`. StoreToken pulumi.BoolPtrInput // The default sync mode to use for all mappers attached to this identity provider. Can be one of `IMPORT`, `FORCE`, or `LEGACY`. SyncMode pulumi.StringPtrInput // When `true`, email addresses for users in this provider will automatically be verified regardless of the realm's email verification policy. Defaults to `false`. TrustEmail pulumi.BoolPtrInput // Enable/disable signature validation of SAML responses. ValidateSignature pulumi.BoolPtrInput // Indicates whether this service provider expects an encrypted Assertion. WantAssertionsEncrypted pulumi.BoolPtrInput // Indicates whether this service provider expects a signed Assertion. WantAssertionsSigned pulumi.BoolPtrInput // The SAML signature key name. Can be one of `NONE`, `KEY_ID`, or `CERT_SUBJECT`. XmlSignKeyInfoKeyNameTransformer pulumi.StringPtrInput }
The set of arguments for constructing a IdentityProvider resource.
func (IdentityProviderArgs) ElementType ¶
func (IdentityProviderArgs) ElementType() reflect.Type
type IdentityProviderArray ¶
type IdentityProviderArray []IdentityProviderInput
func (IdentityProviderArray) ElementType ¶
func (IdentityProviderArray) ElementType() reflect.Type
func (IdentityProviderArray) ToIdentityProviderArrayOutput ¶
func (i IdentityProviderArray) ToIdentityProviderArrayOutput() IdentityProviderArrayOutput
func (IdentityProviderArray) ToIdentityProviderArrayOutputWithContext ¶
func (i IdentityProviderArray) ToIdentityProviderArrayOutputWithContext(ctx context.Context) IdentityProviderArrayOutput
type IdentityProviderArrayInput ¶
type IdentityProviderArrayInput interface { pulumi.Input ToIdentityProviderArrayOutput() IdentityProviderArrayOutput ToIdentityProviderArrayOutputWithContext(context.Context) IdentityProviderArrayOutput }
IdentityProviderArrayInput is an input type that accepts IdentityProviderArray and IdentityProviderArrayOutput values. You can construct a concrete instance of `IdentityProviderArrayInput` via:
IdentityProviderArray{ IdentityProviderArgs{...} }
type IdentityProviderArrayOutput ¶
type IdentityProviderArrayOutput struct{ *pulumi.OutputState }
func (IdentityProviderArrayOutput) ElementType ¶
func (IdentityProviderArrayOutput) ElementType() reflect.Type
func (IdentityProviderArrayOutput) Index ¶
func (o IdentityProviderArrayOutput) Index(i pulumi.IntInput) IdentityProviderOutput
func (IdentityProviderArrayOutput) ToIdentityProviderArrayOutput ¶
func (o IdentityProviderArrayOutput) ToIdentityProviderArrayOutput() IdentityProviderArrayOutput
func (IdentityProviderArrayOutput) ToIdentityProviderArrayOutputWithContext ¶
func (o IdentityProviderArrayOutput) ToIdentityProviderArrayOutputWithContext(ctx context.Context) IdentityProviderArrayOutput
type IdentityProviderInput ¶
type IdentityProviderInput interface { pulumi.Input ToIdentityProviderOutput() IdentityProviderOutput ToIdentityProviderOutputWithContext(ctx context.Context) IdentityProviderOutput }
type IdentityProviderMap ¶
type IdentityProviderMap map[string]IdentityProviderInput
func (IdentityProviderMap) ElementType ¶
func (IdentityProviderMap) ElementType() reflect.Type
func (IdentityProviderMap) ToIdentityProviderMapOutput ¶
func (i IdentityProviderMap) ToIdentityProviderMapOutput() IdentityProviderMapOutput
func (IdentityProviderMap) ToIdentityProviderMapOutputWithContext ¶
func (i IdentityProviderMap) ToIdentityProviderMapOutputWithContext(ctx context.Context) IdentityProviderMapOutput
type IdentityProviderMapInput ¶
type IdentityProviderMapInput interface { pulumi.Input ToIdentityProviderMapOutput() IdentityProviderMapOutput ToIdentityProviderMapOutputWithContext(context.Context) IdentityProviderMapOutput }
IdentityProviderMapInput is an input type that accepts IdentityProviderMap and IdentityProviderMapOutput values. You can construct a concrete instance of `IdentityProviderMapInput` via:
IdentityProviderMap{ "key": IdentityProviderArgs{...} }
type IdentityProviderMapOutput ¶
type IdentityProviderMapOutput struct{ *pulumi.OutputState }
func (IdentityProviderMapOutput) ElementType ¶
func (IdentityProviderMapOutput) ElementType() reflect.Type
func (IdentityProviderMapOutput) MapIndex ¶
func (o IdentityProviderMapOutput) MapIndex(k pulumi.StringInput) IdentityProviderOutput
func (IdentityProviderMapOutput) ToIdentityProviderMapOutput ¶
func (o IdentityProviderMapOutput) ToIdentityProviderMapOutput() IdentityProviderMapOutput
func (IdentityProviderMapOutput) ToIdentityProviderMapOutputWithContext ¶
func (o IdentityProviderMapOutput) ToIdentityProviderMapOutputWithContext(ctx context.Context) IdentityProviderMapOutput
type IdentityProviderOutput ¶
type IdentityProviderOutput struct{ *pulumi.OutputState }
func (IdentityProviderOutput) AddReadTokenRoleOnCreate ¶
func (o IdentityProviderOutput) AddReadTokenRoleOnCreate() pulumi.BoolPtrOutput
When `true`, new users will be able to read stored tokens. This will automatically assign the `broker.read-token` role. Defaults to `false`.
func (IdentityProviderOutput) Alias ¶
func (o IdentityProviderOutput) Alias() pulumi.StringOutput
The unique name of identity provider.
func (IdentityProviderOutput) AuthenticateByDefault ¶
func (o IdentityProviderOutput) AuthenticateByDefault() pulumi.BoolPtrOutput
Authenticate users by default. Defaults to `false`.
func (IdentityProviderOutput) AuthnContextClassRefs ¶
func (o IdentityProviderOutput) AuthnContextClassRefs() pulumi.StringArrayOutput
Ordered list of requested AuthnContext ClassRefs.
func (IdentityProviderOutput) AuthnContextComparisonType ¶
func (o IdentityProviderOutput) AuthnContextComparisonType() pulumi.StringPtrOutput
Specifies the comparison method used to evaluate the requested context classes or statements.
func (IdentityProviderOutput) AuthnContextDeclRefs ¶
func (o IdentityProviderOutput) AuthnContextDeclRefs() pulumi.StringArrayOutput
Ordered list of requested AuthnContext DeclRefs.
func (IdentityProviderOutput) BackchannelSupported ¶
func (o IdentityProviderOutput) BackchannelSupported() pulumi.BoolPtrOutput
Does the external IDP support backchannel logout?. Defaults to `false`.
func (IdentityProviderOutput) DisplayName ¶
func (o IdentityProviderOutput) DisplayName() pulumi.StringPtrOutput
The display name for the realm that is shown when logging in to the admin console.
func (IdentityProviderOutput) ElementType ¶
func (IdentityProviderOutput) ElementType() reflect.Type
func (IdentityProviderOutput) Enabled ¶
func (o IdentityProviderOutput) Enabled() pulumi.BoolPtrOutput
When `false`, users and clients will not be able to access this realm. Defaults to `true`.
func (IdentityProviderOutput) EntityId ¶
func (o IdentityProviderOutput) EntityId() pulumi.StringOutput
The Entity ID that will be used to uniquely identify this SAML Service Provider.
func (IdentityProviderOutput) ExtraConfig ¶
func (o IdentityProviderOutput) ExtraConfig() pulumi.StringMapOutput
func (IdentityProviderOutput) FirstBrokerLoginFlowAlias ¶
func (o IdentityProviderOutput) FirstBrokerLoginFlowAlias() pulumi.StringPtrOutput
Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means that there is not yet existing Keycloak account linked with the authenticated identity provider account. Defaults to `first broker login`.
func (IdentityProviderOutput) ForceAuthn ¶
func (o IdentityProviderOutput) ForceAuthn() pulumi.BoolPtrOutput
Indicates whether the identity provider must authenticate the presenter directly rather than rely on a previous security context.
func (IdentityProviderOutput) GuiOrder ¶
func (o IdentityProviderOutput) GuiOrder() pulumi.StringPtrOutput
A number defining the order of this identity provider in the GUI.
func (IdentityProviderOutput) HideOnLoginPage ¶
func (o IdentityProviderOutput) HideOnLoginPage() pulumi.BoolPtrOutput
If hidden, then login with this provider is possible only if requested explicitly, e.g. using the 'kc_idp_hint' parameter.
func (IdentityProviderOutput) InternalId ¶
func (o IdentityProviderOutput) InternalId() pulumi.StringOutput
Internal Identity Provider Id
func (IdentityProviderOutput) LinkOnly ¶
func (o IdentityProviderOutput) LinkOnly() pulumi.BoolPtrOutput
When `true`, users cannot login using this provider, but their existing accounts will be linked when possible. Defaults to `false`.
func (IdentityProviderOutput) LoginHint ¶ added in v5.2.0
func (o IdentityProviderOutput) LoginHint() pulumi.StringPtrOutput
Login Hint.
func (IdentityProviderOutput) NameIdPolicyFormat ¶
func (o IdentityProviderOutput) NameIdPolicyFormat() pulumi.StringPtrOutput
Specifies the URI reference corresponding to a name identifier format. Defaults to empty.
func (IdentityProviderOutput) PostBindingAuthnRequest ¶
func (o IdentityProviderOutput) PostBindingAuthnRequest() pulumi.BoolPtrOutput
Indicates whether the AuthnRequest must be sent using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.
func (IdentityProviderOutput) PostBindingLogout ¶
func (o IdentityProviderOutput) PostBindingLogout() pulumi.BoolPtrOutput
Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.
func (IdentityProviderOutput) PostBindingResponse ¶
func (o IdentityProviderOutput) PostBindingResponse() pulumi.BoolPtrOutput
Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used..
func (IdentityProviderOutput) PostBrokerLoginFlowAlias ¶
func (o IdentityProviderOutput) PostBrokerLoginFlowAlias() pulumi.StringPtrOutput
Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want additional verification of each user authenticated with this identity provider (for example OTP). Leave this empty if you don't want any additional authenticators to be triggered after login with this identity provider. Also note, that authenticator implementations must assume that user is already set in ClientSession as identity provider already set it. Defaults to empty.
func (IdentityProviderOutput) PrincipalAttribute ¶
func (o IdentityProviderOutput) PrincipalAttribute() pulumi.StringPtrOutput
The principal attribute.
func (IdentityProviderOutput) PrincipalType ¶
func (o IdentityProviderOutput) PrincipalType() pulumi.StringPtrOutput
The principal type. Can be one of `SUBJECT`, `ATTRIBUTE` or `FRIENDLY_ATTRIBUTE`.
func (IdentityProviderOutput) ProviderId ¶
func (o IdentityProviderOutput) ProviderId() pulumi.StringPtrOutput
The ID of the identity provider to use. Defaults to `saml`, which should be used unless you have extended Keycloak and provided your own implementation.
func (IdentityProviderOutput) Realm ¶
func (o IdentityProviderOutput) Realm() pulumi.StringOutput
The name of the realm. This is unique across Keycloak.
func (IdentityProviderOutput) SignatureAlgorithm ¶
func (o IdentityProviderOutput) SignatureAlgorithm() pulumi.StringPtrOutput
Signing Algorithm. Defaults to empty.
func (IdentityProviderOutput) SigningCertificate ¶
func (o IdentityProviderOutput) SigningCertificate() pulumi.StringPtrOutput
Signing Certificate.
func (IdentityProviderOutput) SingleLogoutServiceUrl ¶
func (o IdentityProviderOutput) SingleLogoutServiceUrl() pulumi.StringPtrOutput
The Url that must be used to send logout requests.
func (IdentityProviderOutput) SingleSignOnServiceUrl ¶
func (o IdentityProviderOutput) SingleSignOnServiceUrl() pulumi.StringOutput
The Url that must be used to send authentication requests (SAML AuthnRequest).
func (IdentityProviderOutput) StoreToken ¶
func (o IdentityProviderOutput) StoreToken() pulumi.BoolPtrOutput
When `true`, tokens will be stored after authenticating users. Defaults to `true`.
func (IdentityProviderOutput) SyncMode ¶
func (o IdentityProviderOutput) SyncMode() pulumi.StringPtrOutput
The default sync mode to use for all mappers attached to this identity provider. Can be one of `IMPORT`, `FORCE`, or `LEGACY`.
func (IdentityProviderOutput) ToIdentityProviderOutput ¶
func (o IdentityProviderOutput) ToIdentityProviderOutput() IdentityProviderOutput
func (IdentityProviderOutput) ToIdentityProviderOutputWithContext ¶
func (o IdentityProviderOutput) ToIdentityProviderOutputWithContext(ctx context.Context) IdentityProviderOutput
func (IdentityProviderOutput) TrustEmail ¶
func (o IdentityProviderOutput) TrustEmail() pulumi.BoolPtrOutput
When `true`, email addresses for users in this provider will automatically be verified regardless of the realm's email verification policy. Defaults to `false`.
func (IdentityProviderOutput) ValidateSignature ¶
func (o IdentityProviderOutput) ValidateSignature() pulumi.BoolPtrOutput
Enable/disable signature validation of SAML responses.
func (IdentityProviderOutput) WantAssertionsEncrypted ¶
func (o IdentityProviderOutput) WantAssertionsEncrypted() pulumi.BoolPtrOutput
Indicates whether this service provider expects an encrypted Assertion.
func (IdentityProviderOutput) WantAssertionsSigned ¶
func (o IdentityProviderOutput) WantAssertionsSigned() pulumi.BoolPtrOutput
Indicates whether this service provider expects a signed Assertion.
func (IdentityProviderOutput) XmlSignKeyInfoKeyNameTransformer ¶
func (o IdentityProviderOutput) XmlSignKeyInfoKeyNameTransformer() pulumi.StringPtrOutput
The SAML signature key name. Can be one of `NONE`, `KEY_ID`, or `CERT_SUBJECT`.
type IdentityProviderState ¶
type IdentityProviderState struct { // When `true`, new users will be able to read stored tokens. This will automatically assign the `broker.read-token` role. Defaults to `false`. AddReadTokenRoleOnCreate pulumi.BoolPtrInput // The unique name of identity provider. Alias pulumi.StringPtrInput // Authenticate users by default. Defaults to `false`. AuthenticateByDefault pulumi.BoolPtrInput // Ordered list of requested AuthnContext ClassRefs. AuthnContextClassRefs pulumi.StringArrayInput // Specifies the comparison method used to evaluate the requested context classes or statements. AuthnContextComparisonType pulumi.StringPtrInput // Ordered list of requested AuthnContext DeclRefs. AuthnContextDeclRefs pulumi.StringArrayInput // Does the external IDP support backchannel logout?. Defaults to `false`. BackchannelSupported pulumi.BoolPtrInput // The display name for the realm that is shown when logging in to the admin console. DisplayName pulumi.StringPtrInput // When `false`, users and clients will not be able to access this realm. Defaults to `true`. Enabled pulumi.BoolPtrInput // The Entity ID that will be used to uniquely identify this SAML Service Provider. EntityId pulumi.StringPtrInput ExtraConfig pulumi.StringMapInput // Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means that there is not yet existing Keycloak account linked with the authenticated identity provider account. Defaults to `first broker login`. FirstBrokerLoginFlowAlias pulumi.StringPtrInput // Indicates whether the identity provider must authenticate the presenter directly rather than rely on a previous security context. ForceAuthn pulumi.BoolPtrInput // A number defining the order of this identity provider in the GUI. GuiOrder pulumi.StringPtrInput // If hidden, then login with this provider is possible only if requested explicitly, e.g. using the 'kc_idp_hint' parameter. HideOnLoginPage pulumi.BoolPtrInput // Internal Identity Provider Id InternalId pulumi.StringPtrInput // When `true`, users cannot login using this provider, but their existing accounts will be linked when possible. Defaults to `false`. LinkOnly pulumi.BoolPtrInput // Login Hint. LoginHint pulumi.StringPtrInput // Specifies the URI reference corresponding to a name identifier format. Defaults to empty. NameIdPolicyFormat pulumi.StringPtrInput // Indicates whether the AuthnRequest must be sent using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used. PostBindingAuthnRequest pulumi.BoolPtrInput // Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used. PostBindingLogout pulumi.BoolPtrInput // Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.. PostBindingResponse pulumi.BoolPtrInput // Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want additional verification of each user authenticated with this identity provider (for example OTP). Leave this empty if you don't want any additional authenticators to be triggered after login with this identity provider. Also note, that authenticator implementations must assume that user is already set in ClientSession as identity provider already set it. Defaults to empty. PostBrokerLoginFlowAlias pulumi.StringPtrInput // The principal attribute. PrincipalAttribute pulumi.StringPtrInput // The principal type. Can be one of `SUBJECT`, `ATTRIBUTE` or `FRIENDLY_ATTRIBUTE`. PrincipalType pulumi.StringPtrInput // The ID of the identity provider to use. Defaults to `saml`, which should be used unless you have extended Keycloak and provided your own implementation. ProviderId pulumi.StringPtrInput // The name of the realm. This is unique across Keycloak. Realm pulumi.StringPtrInput // Signing Algorithm. Defaults to empty. SignatureAlgorithm pulumi.StringPtrInput // Signing Certificate. SigningCertificate pulumi.StringPtrInput // The Url that must be used to send logout requests. SingleLogoutServiceUrl pulumi.StringPtrInput // The Url that must be used to send authentication requests (SAML AuthnRequest). SingleSignOnServiceUrl pulumi.StringPtrInput // When `true`, tokens will be stored after authenticating users. Defaults to `true`. StoreToken pulumi.BoolPtrInput // The default sync mode to use for all mappers attached to this identity provider. Can be one of `IMPORT`, `FORCE`, or `LEGACY`. SyncMode pulumi.StringPtrInput // When `true`, email addresses for users in this provider will automatically be verified regardless of the realm's email verification policy. Defaults to `false`. TrustEmail pulumi.BoolPtrInput // Enable/disable signature validation of SAML responses. ValidateSignature pulumi.BoolPtrInput // Indicates whether this service provider expects an encrypted Assertion. WantAssertionsEncrypted pulumi.BoolPtrInput // Indicates whether this service provider expects a signed Assertion. WantAssertionsSigned pulumi.BoolPtrInput // The SAML signature key name. Can be one of `NONE`, `KEY_ID`, or `CERT_SUBJECT`. XmlSignKeyInfoKeyNameTransformer pulumi.StringPtrInput }
func (IdentityProviderState) ElementType ¶
func (IdentityProviderState) ElementType() reflect.Type
type LookupClientArgs ¶
type LookupClientArgs struct { // The client id (not its unique ID). ClientId string `pulumi:"clientId"` // The realm id. RealmId string `pulumi:"realmId"` }
A collection of arguments for invoking getClient.
type LookupClientOutputArgs ¶
type LookupClientOutputArgs struct { // The client id (not its unique ID). ClientId pulumi.StringInput `pulumi:"clientId"` // The realm id. RealmId pulumi.StringInput `pulumi:"realmId"` }
A collection of arguments for invoking getClient.
func (LookupClientOutputArgs) ElementType ¶
func (LookupClientOutputArgs) ElementType() reflect.Type
type LookupClientResult ¶
type LookupClientResult struct { AssertionConsumerPostUrl string `pulumi:"assertionConsumerPostUrl"` AssertionConsumerRedirectUrl string `pulumi:"assertionConsumerRedirectUrl"` AuthenticationFlowBindingOverrides []GetClientAuthenticationFlowBindingOverride `pulumi:"authenticationFlowBindingOverrides"` BaseUrl string `pulumi:"baseUrl"` CanonicalizationMethod string `pulumi:"canonicalizationMethod"` ClientId string `pulumi:"clientId"` ClientSignatureRequired bool `pulumi:"clientSignatureRequired"` Description string `pulumi:"description"` Enabled bool `pulumi:"enabled"` EncryptAssertions bool `pulumi:"encryptAssertions"` EncryptionCertificate string `pulumi:"encryptionCertificate"` EncryptionCertificateSha1 string `pulumi:"encryptionCertificateSha1"` ExtraConfig map[string]string `pulumi:"extraConfig"` ForceNameIdFormat bool `pulumi:"forceNameIdFormat"` ForcePostBinding bool `pulumi:"forcePostBinding"` FrontChannelLogout bool `pulumi:"frontChannelLogout"` FullScopeAllowed bool `pulumi:"fullScopeAllowed"` // The provider-assigned unique ID for this managed resource. Id string `pulumi:"id"` IdpInitiatedSsoRelayState string `pulumi:"idpInitiatedSsoRelayState"` IdpInitiatedSsoUrlName string `pulumi:"idpInitiatedSsoUrlName"` IncludeAuthnStatement bool `pulumi:"includeAuthnStatement"` LoginTheme string `pulumi:"loginTheme"` LogoutServicePostBindingUrl string `pulumi:"logoutServicePostBindingUrl"` LogoutServiceRedirectBindingUrl string `pulumi:"logoutServiceRedirectBindingUrl"` MasterSamlProcessingUrl string `pulumi:"masterSamlProcessingUrl"` Name string `pulumi:"name"` NameIdFormat string `pulumi:"nameIdFormat"` RealmId string `pulumi:"realmId"` RootUrl string `pulumi:"rootUrl"` SamlSignatureKeyName string `pulumi:"samlSignatureKeyName"` SignAssertions bool `pulumi:"signAssertions"` SignDocuments bool `pulumi:"signDocuments"` SignatureAlgorithm string `pulumi:"signatureAlgorithm"` SignatureKeyName string `pulumi:"signatureKeyName"` SigningCertificate string `pulumi:"signingCertificate"` SigningCertificateSha1 string `pulumi:"signingCertificateSha1"` SigningPrivateKey string `pulumi:"signingPrivateKey"` SigningPrivateKeySha1 string `pulumi:"signingPrivateKeySha1"` ValidRedirectUris []string `pulumi:"validRedirectUris"` }
A collection of values returned by getClient.
func LookupClient ¶
func LookupClient(ctx *pulumi.Context, args *LookupClientArgs, opts ...pulumi.InvokeOption) (*LookupClientResult, error)
This data source can be used to fetch properties of a Keycloak client that uses the SAML protocol.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak" "github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { realmManagement, err := saml.LookupClient(ctx, &saml.LookupClientArgs{ RealmId: "my-realm", ClientId: "realm-management", }, nil) if err != nil { return err } // use the data source _, err = keycloak.LookupRole(ctx, &keycloak.LookupRoleArgs{ RealmId: "my-realm", ClientId: pulumi.StringRef(realmManagement.Id), Name: "realm-admin", }, nil) if err != nil { return err } return nil }) }
```
type LookupClientResultOutput ¶
type LookupClientResultOutput struct{ *pulumi.OutputState }
A collection of values returned by getClient.
func LookupClientOutput ¶
func LookupClientOutput(ctx *pulumi.Context, args LookupClientOutputArgs, opts ...pulumi.InvokeOption) LookupClientResultOutput
func (LookupClientResultOutput) AssertionConsumerPostUrl ¶
func (o LookupClientResultOutput) AssertionConsumerPostUrl() pulumi.StringOutput
func (LookupClientResultOutput) AssertionConsumerRedirectUrl ¶
func (o LookupClientResultOutput) AssertionConsumerRedirectUrl() pulumi.StringOutput
func (LookupClientResultOutput) AuthenticationFlowBindingOverrides ¶
func (o LookupClientResultOutput) AuthenticationFlowBindingOverrides() GetClientAuthenticationFlowBindingOverrideArrayOutput
func (LookupClientResultOutput) BaseUrl ¶
func (o LookupClientResultOutput) BaseUrl() pulumi.StringOutput
func (LookupClientResultOutput) CanonicalizationMethod ¶
func (o LookupClientResultOutput) CanonicalizationMethod() pulumi.StringOutput
func (LookupClientResultOutput) ClientId ¶
func (o LookupClientResultOutput) ClientId() pulumi.StringOutput
func (LookupClientResultOutput) ClientSignatureRequired ¶
func (o LookupClientResultOutput) ClientSignatureRequired() pulumi.BoolOutput
func (LookupClientResultOutput) Description ¶
func (o LookupClientResultOutput) Description() pulumi.StringOutput
func (LookupClientResultOutput) ElementType ¶
func (LookupClientResultOutput) ElementType() reflect.Type
func (LookupClientResultOutput) Enabled ¶
func (o LookupClientResultOutput) Enabled() pulumi.BoolOutput
func (LookupClientResultOutput) EncryptAssertions ¶
func (o LookupClientResultOutput) EncryptAssertions() pulumi.BoolOutput
func (LookupClientResultOutput) EncryptionCertificate ¶
func (o LookupClientResultOutput) EncryptionCertificate() pulumi.StringOutput
func (LookupClientResultOutput) EncryptionCertificateSha1 ¶
func (o LookupClientResultOutput) EncryptionCertificateSha1() pulumi.StringOutput
func (LookupClientResultOutput) ExtraConfig ¶
func (o LookupClientResultOutput) ExtraConfig() pulumi.StringMapOutput
func (LookupClientResultOutput) ForceNameIdFormat ¶
func (o LookupClientResultOutput) ForceNameIdFormat() pulumi.BoolOutput
func (LookupClientResultOutput) ForcePostBinding ¶
func (o LookupClientResultOutput) ForcePostBinding() pulumi.BoolOutput
func (LookupClientResultOutput) FrontChannelLogout ¶
func (o LookupClientResultOutput) FrontChannelLogout() pulumi.BoolOutput
func (LookupClientResultOutput) FullScopeAllowed ¶
func (o LookupClientResultOutput) FullScopeAllowed() pulumi.BoolOutput
func (LookupClientResultOutput) Id ¶
func (o LookupClientResultOutput) Id() pulumi.StringOutput
The provider-assigned unique ID for this managed resource.
func (LookupClientResultOutput) IdpInitiatedSsoRelayState ¶
func (o LookupClientResultOutput) IdpInitiatedSsoRelayState() pulumi.StringOutput
func (LookupClientResultOutput) IdpInitiatedSsoUrlName ¶
func (o LookupClientResultOutput) IdpInitiatedSsoUrlName() pulumi.StringOutput
func (LookupClientResultOutput) IncludeAuthnStatement ¶
func (o LookupClientResultOutput) IncludeAuthnStatement() pulumi.BoolOutput
func (LookupClientResultOutput) LoginTheme ¶
func (o LookupClientResultOutput) LoginTheme() pulumi.StringOutput
func (LookupClientResultOutput) LogoutServicePostBindingUrl ¶
func (o LookupClientResultOutput) LogoutServicePostBindingUrl() pulumi.StringOutput
func (LookupClientResultOutput) LogoutServiceRedirectBindingUrl ¶
func (o LookupClientResultOutput) LogoutServiceRedirectBindingUrl() pulumi.StringOutput
func (LookupClientResultOutput) MasterSamlProcessingUrl ¶
func (o LookupClientResultOutput) MasterSamlProcessingUrl() pulumi.StringOutput
func (LookupClientResultOutput) Name ¶
func (o LookupClientResultOutput) Name() pulumi.StringOutput
func (LookupClientResultOutput) NameIdFormat ¶
func (o LookupClientResultOutput) NameIdFormat() pulumi.StringOutput
func (LookupClientResultOutput) RealmId ¶
func (o LookupClientResultOutput) RealmId() pulumi.StringOutput
func (LookupClientResultOutput) RootUrl ¶
func (o LookupClientResultOutput) RootUrl() pulumi.StringOutput
func (LookupClientResultOutput) SamlSignatureKeyName ¶
func (o LookupClientResultOutput) SamlSignatureKeyName() pulumi.StringOutput
func (LookupClientResultOutput) SignAssertions ¶
func (o LookupClientResultOutput) SignAssertions() pulumi.BoolOutput
func (LookupClientResultOutput) SignDocuments ¶
func (o LookupClientResultOutput) SignDocuments() pulumi.BoolOutput
func (LookupClientResultOutput) SignatureAlgorithm ¶
func (o LookupClientResultOutput) SignatureAlgorithm() pulumi.StringOutput
func (LookupClientResultOutput) SignatureKeyName ¶
func (o LookupClientResultOutput) SignatureKeyName() pulumi.StringOutput
func (LookupClientResultOutput) SigningCertificate ¶
func (o LookupClientResultOutput) SigningCertificate() pulumi.StringOutput
func (LookupClientResultOutput) SigningCertificateSha1 ¶
func (o LookupClientResultOutput) SigningCertificateSha1() pulumi.StringOutput
func (LookupClientResultOutput) SigningPrivateKey ¶
func (o LookupClientResultOutput) SigningPrivateKey() pulumi.StringOutput
func (LookupClientResultOutput) SigningPrivateKeySha1 ¶
func (o LookupClientResultOutput) SigningPrivateKeySha1() pulumi.StringOutput
func (LookupClientResultOutput) ToLookupClientResultOutput ¶
func (o LookupClientResultOutput) ToLookupClientResultOutput() LookupClientResultOutput
func (LookupClientResultOutput) ToLookupClientResultOutputWithContext ¶
func (o LookupClientResultOutput) ToLookupClientResultOutputWithContext(ctx context.Context) LookupClientResultOutput
func (LookupClientResultOutput) ValidRedirectUris ¶
func (o LookupClientResultOutput) ValidRedirectUris() pulumi.StringArrayOutput
type ScriptProtocolMapper ¶
type ScriptProtocolMapper struct { pulumi.CustomResourceState // The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified. ClientId pulumi.StringPtrOutput `pulumi:"clientId"` // The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified. ClientScopeId pulumi.StringPtrOutput `pulumi:"clientScopeId"` // An optional human-friendly name for this attribute. FriendlyName pulumi.StringPtrOutput `pulumi:"friendlyName"` // The display name of this protocol mapper in the GUI. Name pulumi.StringOutput `pulumi:"name"` // The realm this protocol mapper exists within. RealmId pulumi.StringOutput `pulumi:"realmId"` // The name of the SAML attribute. SamlAttributeName pulumi.StringOutput `pulumi:"samlAttributeName"` // The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`. SamlAttributeNameFormat pulumi.StringOutput `pulumi:"samlAttributeNameFormat"` // JavaScript code to compute the attribute value. Script pulumi.StringOutput `pulumi:"script"` // When `true`, all values will be stored under one attribute with multiple attribute values. Defaults to `true`. SingleValueAttribute pulumi.BoolPtrOutput `pulumi:"singleValueAttribute"` }
Allows for creating and managing script protocol mappers for SAML clients within Keycloak.
Script protocol mappers evaluate a JavaScript function to produce an attribute value based on context information.
Protocol mappers can be defined for a single client, or they can be defined for a client scope which can be shared between multiple different clients.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak" "github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{ Realm: pulumi.String("my-realm"), Enabled: pulumi.Bool(true), }) if err != nil { return err } samlClient, err := saml.NewClient(ctx, "saml_client", &saml.ClientArgs{ RealmId: realm.ID(), ClientId: pulumi.String("saml-client"), Name: pulumi.String("saml-client"), }) if err != nil { return err } _, err = saml.NewScriptProtocolMapper(ctx, "saml_script_mapper", &saml.ScriptProtocolMapperArgs{ RealmId: realm.ID(), ClientId: samlClient.ID(), Name: pulumi.String("script-mapper"), Script: pulumi.String("exports = 'foo';"), SamlAttributeName: pulumi.String("displayName"), SamlAttributeNameFormat: pulumi.String("Unspecified"), }) if err != nil { return err } return nil }) }
```
## Import
Protocol mappers can be imported using one of the following formats:
- Client: `{{realm_id}}/client/{{client_keycloak_id}}/{{protocol_mapper_id}}`
- Client Scope: `{{realm_id}}/client-scope/{{client_scope_keycloak_id}}/{{protocol_mapper_id}}`
Example:
bash
```sh $ pulumi import keycloak:saml/scriptProtocolMapper:ScriptProtocolMapper saml_script_mapper my-realm/client/a7202154-8793-4656-b655-1dd18c181e14/71602afa-f7d1-4788-8c49-ef8fd00af0f4 ```
```sh $ pulumi import keycloak:saml/scriptProtocolMapper:ScriptProtocolMapper saml_script_mapper my-realm/client-scope/b799ea7e-73ee-4a73-990a-1eafebe8e20a/71602afa-f7d1-4788-8c49-ef8fd00af0f4 ```
func GetScriptProtocolMapper ¶
func GetScriptProtocolMapper(ctx *pulumi.Context, name string, id pulumi.IDInput, state *ScriptProtocolMapperState, opts ...pulumi.ResourceOption) (*ScriptProtocolMapper, error)
GetScriptProtocolMapper gets an existing ScriptProtocolMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewScriptProtocolMapper ¶
func NewScriptProtocolMapper(ctx *pulumi.Context, name string, args *ScriptProtocolMapperArgs, opts ...pulumi.ResourceOption) (*ScriptProtocolMapper, error)
NewScriptProtocolMapper registers a new resource with the given unique name, arguments, and options.
func (*ScriptProtocolMapper) ElementType ¶
func (*ScriptProtocolMapper) ElementType() reflect.Type
func (*ScriptProtocolMapper) ToScriptProtocolMapperOutput ¶
func (i *ScriptProtocolMapper) ToScriptProtocolMapperOutput() ScriptProtocolMapperOutput
func (*ScriptProtocolMapper) ToScriptProtocolMapperOutputWithContext ¶
func (i *ScriptProtocolMapper) ToScriptProtocolMapperOutputWithContext(ctx context.Context) ScriptProtocolMapperOutput
type ScriptProtocolMapperArgs ¶
type ScriptProtocolMapperArgs struct { // The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified. ClientId pulumi.StringPtrInput // The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified. ClientScopeId pulumi.StringPtrInput // An optional human-friendly name for this attribute. FriendlyName pulumi.StringPtrInput // The display name of this protocol mapper in the GUI. Name pulumi.StringPtrInput // The realm this protocol mapper exists within. RealmId pulumi.StringInput // The name of the SAML attribute. SamlAttributeName pulumi.StringInput // The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`. SamlAttributeNameFormat pulumi.StringInput // JavaScript code to compute the attribute value. Script pulumi.StringInput // When `true`, all values will be stored under one attribute with multiple attribute values. Defaults to `true`. SingleValueAttribute pulumi.BoolPtrInput }
The set of arguments for constructing a ScriptProtocolMapper resource.
func (ScriptProtocolMapperArgs) ElementType ¶
func (ScriptProtocolMapperArgs) ElementType() reflect.Type
type ScriptProtocolMapperArray ¶
type ScriptProtocolMapperArray []ScriptProtocolMapperInput
func (ScriptProtocolMapperArray) ElementType ¶
func (ScriptProtocolMapperArray) ElementType() reflect.Type
func (ScriptProtocolMapperArray) ToScriptProtocolMapperArrayOutput ¶
func (i ScriptProtocolMapperArray) ToScriptProtocolMapperArrayOutput() ScriptProtocolMapperArrayOutput
func (ScriptProtocolMapperArray) ToScriptProtocolMapperArrayOutputWithContext ¶
func (i ScriptProtocolMapperArray) ToScriptProtocolMapperArrayOutputWithContext(ctx context.Context) ScriptProtocolMapperArrayOutput
type ScriptProtocolMapperArrayInput ¶
type ScriptProtocolMapperArrayInput interface { pulumi.Input ToScriptProtocolMapperArrayOutput() ScriptProtocolMapperArrayOutput ToScriptProtocolMapperArrayOutputWithContext(context.Context) ScriptProtocolMapperArrayOutput }
ScriptProtocolMapperArrayInput is an input type that accepts ScriptProtocolMapperArray and ScriptProtocolMapperArrayOutput values. You can construct a concrete instance of `ScriptProtocolMapperArrayInput` via:
ScriptProtocolMapperArray{ ScriptProtocolMapperArgs{...} }
type ScriptProtocolMapperArrayOutput ¶
type ScriptProtocolMapperArrayOutput struct{ *pulumi.OutputState }
func (ScriptProtocolMapperArrayOutput) ElementType ¶
func (ScriptProtocolMapperArrayOutput) ElementType() reflect.Type
func (ScriptProtocolMapperArrayOutput) Index ¶
func (o ScriptProtocolMapperArrayOutput) Index(i pulumi.IntInput) ScriptProtocolMapperOutput
func (ScriptProtocolMapperArrayOutput) ToScriptProtocolMapperArrayOutput ¶
func (o ScriptProtocolMapperArrayOutput) ToScriptProtocolMapperArrayOutput() ScriptProtocolMapperArrayOutput
func (ScriptProtocolMapperArrayOutput) ToScriptProtocolMapperArrayOutputWithContext ¶
func (o ScriptProtocolMapperArrayOutput) ToScriptProtocolMapperArrayOutputWithContext(ctx context.Context) ScriptProtocolMapperArrayOutput
type ScriptProtocolMapperInput ¶
type ScriptProtocolMapperInput interface { pulumi.Input ToScriptProtocolMapperOutput() ScriptProtocolMapperOutput ToScriptProtocolMapperOutputWithContext(ctx context.Context) ScriptProtocolMapperOutput }
type ScriptProtocolMapperMap ¶
type ScriptProtocolMapperMap map[string]ScriptProtocolMapperInput
func (ScriptProtocolMapperMap) ElementType ¶
func (ScriptProtocolMapperMap) ElementType() reflect.Type
func (ScriptProtocolMapperMap) ToScriptProtocolMapperMapOutput ¶
func (i ScriptProtocolMapperMap) ToScriptProtocolMapperMapOutput() ScriptProtocolMapperMapOutput
func (ScriptProtocolMapperMap) ToScriptProtocolMapperMapOutputWithContext ¶
func (i ScriptProtocolMapperMap) ToScriptProtocolMapperMapOutputWithContext(ctx context.Context) ScriptProtocolMapperMapOutput
type ScriptProtocolMapperMapInput ¶
type ScriptProtocolMapperMapInput interface { pulumi.Input ToScriptProtocolMapperMapOutput() ScriptProtocolMapperMapOutput ToScriptProtocolMapperMapOutputWithContext(context.Context) ScriptProtocolMapperMapOutput }
ScriptProtocolMapperMapInput is an input type that accepts ScriptProtocolMapperMap and ScriptProtocolMapperMapOutput values. You can construct a concrete instance of `ScriptProtocolMapperMapInput` via:
ScriptProtocolMapperMap{ "key": ScriptProtocolMapperArgs{...} }
type ScriptProtocolMapperMapOutput ¶
type ScriptProtocolMapperMapOutput struct{ *pulumi.OutputState }
func (ScriptProtocolMapperMapOutput) ElementType ¶
func (ScriptProtocolMapperMapOutput) ElementType() reflect.Type
func (ScriptProtocolMapperMapOutput) MapIndex ¶
func (o ScriptProtocolMapperMapOutput) MapIndex(k pulumi.StringInput) ScriptProtocolMapperOutput
func (ScriptProtocolMapperMapOutput) ToScriptProtocolMapperMapOutput ¶
func (o ScriptProtocolMapperMapOutput) ToScriptProtocolMapperMapOutput() ScriptProtocolMapperMapOutput
func (ScriptProtocolMapperMapOutput) ToScriptProtocolMapperMapOutputWithContext ¶
func (o ScriptProtocolMapperMapOutput) ToScriptProtocolMapperMapOutputWithContext(ctx context.Context) ScriptProtocolMapperMapOutput
type ScriptProtocolMapperOutput ¶
type ScriptProtocolMapperOutput struct{ *pulumi.OutputState }
func (ScriptProtocolMapperOutput) ClientId ¶
func (o ScriptProtocolMapperOutput) ClientId() pulumi.StringPtrOutput
The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified.
func (ScriptProtocolMapperOutput) ClientScopeId ¶
func (o ScriptProtocolMapperOutput) ClientScopeId() pulumi.StringPtrOutput
The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified.
func (ScriptProtocolMapperOutput) ElementType ¶
func (ScriptProtocolMapperOutput) ElementType() reflect.Type
func (ScriptProtocolMapperOutput) FriendlyName ¶
func (o ScriptProtocolMapperOutput) FriendlyName() pulumi.StringPtrOutput
An optional human-friendly name for this attribute.
func (ScriptProtocolMapperOutput) Name ¶
func (o ScriptProtocolMapperOutput) Name() pulumi.StringOutput
The display name of this protocol mapper in the GUI.
func (ScriptProtocolMapperOutput) RealmId ¶
func (o ScriptProtocolMapperOutput) RealmId() pulumi.StringOutput
The realm this protocol mapper exists within.
func (ScriptProtocolMapperOutput) SamlAttributeName ¶
func (o ScriptProtocolMapperOutput) SamlAttributeName() pulumi.StringOutput
The name of the SAML attribute.
func (ScriptProtocolMapperOutput) SamlAttributeNameFormat ¶
func (o ScriptProtocolMapperOutput) SamlAttributeNameFormat() pulumi.StringOutput
The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`.
func (ScriptProtocolMapperOutput) Script ¶
func (o ScriptProtocolMapperOutput) Script() pulumi.StringOutput
JavaScript code to compute the attribute value.
func (ScriptProtocolMapperOutput) SingleValueAttribute ¶
func (o ScriptProtocolMapperOutput) SingleValueAttribute() pulumi.BoolPtrOutput
When `true`, all values will be stored under one attribute with multiple attribute values. Defaults to `true`.
func (ScriptProtocolMapperOutput) ToScriptProtocolMapperOutput ¶
func (o ScriptProtocolMapperOutput) ToScriptProtocolMapperOutput() ScriptProtocolMapperOutput
func (ScriptProtocolMapperOutput) ToScriptProtocolMapperOutputWithContext ¶
func (o ScriptProtocolMapperOutput) ToScriptProtocolMapperOutputWithContext(ctx context.Context) ScriptProtocolMapperOutput
type ScriptProtocolMapperState ¶
type ScriptProtocolMapperState struct { // The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified. ClientId pulumi.StringPtrInput // The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified. ClientScopeId pulumi.StringPtrInput // An optional human-friendly name for this attribute. FriendlyName pulumi.StringPtrInput // The display name of this protocol mapper in the GUI. Name pulumi.StringPtrInput // The realm this protocol mapper exists within. RealmId pulumi.StringPtrInput // The name of the SAML attribute. SamlAttributeName pulumi.StringPtrInput // The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`. SamlAttributeNameFormat pulumi.StringPtrInput // JavaScript code to compute the attribute value. Script pulumi.StringPtrInput // When `true`, all values will be stored under one attribute with multiple attribute values. Defaults to `true`. SingleValueAttribute pulumi.BoolPtrInput }
func (ScriptProtocolMapperState) ElementType ¶
func (ScriptProtocolMapperState) ElementType() reflect.Type
type UserAttributeProtocolMapper ¶
type UserAttributeProtocolMapper struct { pulumi.CustomResourceState // The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified. ClientId pulumi.StringPtrOutput `pulumi:"clientId"` // The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified. ClientScopeId pulumi.StringPtrOutput `pulumi:"clientScopeId"` // An optional human-friendly name for this attribute. FriendlyName pulumi.StringPtrOutput `pulumi:"friendlyName"` // The display name of this protocol mapper in the GUI. Name pulumi.StringOutput `pulumi:"name"` // The realm this protocol mapper exists within. RealmId pulumi.StringOutput `pulumi:"realmId"` // The name of the SAML attribute. SamlAttributeName pulumi.StringOutput `pulumi:"samlAttributeName"` // The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`. SamlAttributeNameFormat pulumi.StringOutput `pulumi:"samlAttributeNameFormat"` // The custom user attribute to map. UserAttribute pulumi.StringOutput `pulumi:"userAttribute"` }
Allows for creating and managing user attribute protocol mappers for SAML clients within Keycloak.
SAML user attribute protocol mappers allow you to map custom attributes defined for a user within Keycloak to an attribute in a SAML assertion.
Protocol mappers can be defined for a single client, or they can be defined for a client scope which can be shared between multiple different clients.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak" "github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{ Realm: pulumi.String("my-realm"), Enabled: pulumi.Bool(true), }) if err != nil { return err } samlClient, err := saml.NewClient(ctx, "saml_client", &saml.ClientArgs{ RealmId: realm.ID(), ClientId: pulumi.String("saml-client"), Name: pulumi.String("saml-client"), }) if err != nil { return err } _, err = saml.NewUserAttributeProtocolMapper(ctx, "saml_user_attribute_mapper", &saml.UserAttributeProtocolMapperArgs{ RealmId: realm.ID(), ClientId: samlClient.ID(), Name: pulumi.String("displayname-user-attribute-mapper"), UserAttribute: pulumi.String("displayName"), SamlAttributeName: pulumi.String("displayName"), SamlAttributeNameFormat: pulumi.String("Unspecified"), }) if err != nil { return err } return nil }) }
```
## Import
Protocol mappers can be imported using one of the following formats:
- Client: `{{realm_id}}/client/{{client_keycloak_id}}/{{protocol_mapper_id}}`
- Client Scope: `{{realm_id}}/client-scope/{{client_scope_keycloak_id}}/{{protocol_mapper_id}}`
Example:
bash
```sh $ pulumi import keycloak:saml/userAttributeProtocolMapper:UserAttributeProtocolMapper saml_user_attribute_mapper my-realm/client/a7202154-8793-4656-b655-1dd18c181e14/71602afa-f7d1-4788-8c49-ef8fd00af0f4 ```
```sh $ pulumi import keycloak:saml/userAttributeProtocolMapper:UserAttributeProtocolMapper saml_user_attribute_mapper my-realm/client-scope/b799ea7e-73ee-4a73-990a-1eafebe8e20a/71602afa-f7d1-4788-8c49-ef8fd00af0f4 ```
func GetUserAttributeProtocolMapper ¶
func GetUserAttributeProtocolMapper(ctx *pulumi.Context, name string, id pulumi.IDInput, state *UserAttributeProtocolMapperState, opts ...pulumi.ResourceOption) (*UserAttributeProtocolMapper, error)
GetUserAttributeProtocolMapper gets an existing UserAttributeProtocolMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewUserAttributeProtocolMapper ¶
func NewUserAttributeProtocolMapper(ctx *pulumi.Context, name string, args *UserAttributeProtocolMapperArgs, opts ...pulumi.ResourceOption) (*UserAttributeProtocolMapper, error)
NewUserAttributeProtocolMapper registers a new resource with the given unique name, arguments, and options.
func (*UserAttributeProtocolMapper) ElementType ¶
func (*UserAttributeProtocolMapper) ElementType() reflect.Type
func (*UserAttributeProtocolMapper) ToUserAttributeProtocolMapperOutput ¶
func (i *UserAttributeProtocolMapper) ToUserAttributeProtocolMapperOutput() UserAttributeProtocolMapperOutput
func (*UserAttributeProtocolMapper) ToUserAttributeProtocolMapperOutputWithContext ¶
func (i *UserAttributeProtocolMapper) ToUserAttributeProtocolMapperOutputWithContext(ctx context.Context) UserAttributeProtocolMapperOutput
type UserAttributeProtocolMapperArgs ¶
type UserAttributeProtocolMapperArgs struct { // The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified. ClientId pulumi.StringPtrInput // The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified. ClientScopeId pulumi.StringPtrInput // An optional human-friendly name for this attribute. FriendlyName pulumi.StringPtrInput // The display name of this protocol mapper in the GUI. Name pulumi.StringPtrInput // The realm this protocol mapper exists within. RealmId pulumi.StringInput // The name of the SAML attribute. SamlAttributeName pulumi.StringInput // The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`. SamlAttributeNameFormat pulumi.StringInput // The custom user attribute to map. UserAttribute pulumi.StringInput }
The set of arguments for constructing a UserAttributeProtocolMapper resource.
func (UserAttributeProtocolMapperArgs) ElementType ¶
func (UserAttributeProtocolMapperArgs) ElementType() reflect.Type
type UserAttributeProtocolMapperArray ¶
type UserAttributeProtocolMapperArray []UserAttributeProtocolMapperInput
func (UserAttributeProtocolMapperArray) ElementType ¶
func (UserAttributeProtocolMapperArray) ElementType() reflect.Type
func (UserAttributeProtocolMapperArray) ToUserAttributeProtocolMapperArrayOutput ¶
func (i UserAttributeProtocolMapperArray) ToUserAttributeProtocolMapperArrayOutput() UserAttributeProtocolMapperArrayOutput
func (UserAttributeProtocolMapperArray) ToUserAttributeProtocolMapperArrayOutputWithContext ¶
func (i UserAttributeProtocolMapperArray) ToUserAttributeProtocolMapperArrayOutputWithContext(ctx context.Context) UserAttributeProtocolMapperArrayOutput
type UserAttributeProtocolMapperArrayInput ¶
type UserAttributeProtocolMapperArrayInput interface { pulumi.Input ToUserAttributeProtocolMapperArrayOutput() UserAttributeProtocolMapperArrayOutput ToUserAttributeProtocolMapperArrayOutputWithContext(context.Context) UserAttributeProtocolMapperArrayOutput }
UserAttributeProtocolMapperArrayInput is an input type that accepts UserAttributeProtocolMapperArray and UserAttributeProtocolMapperArrayOutput values. You can construct a concrete instance of `UserAttributeProtocolMapperArrayInput` via:
UserAttributeProtocolMapperArray{ UserAttributeProtocolMapperArgs{...} }
type UserAttributeProtocolMapperArrayOutput ¶
type UserAttributeProtocolMapperArrayOutput struct{ *pulumi.OutputState }
func (UserAttributeProtocolMapperArrayOutput) ElementType ¶
func (UserAttributeProtocolMapperArrayOutput) ElementType() reflect.Type
func (UserAttributeProtocolMapperArrayOutput) ToUserAttributeProtocolMapperArrayOutput ¶
func (o UserAttributeProtocolMapperArrayOutput) ToUserAttributeProtocolMapperArrayOutput() UserAttributeProtocolMapperArrayOutput
func (UserAttributeProtocolMapperArrayOutput) ToUserAttributeProtocolMapperArrayOutputWithContext ¶
func (o UserAttributeProtocolMapperArrayOutput) ToUserAttributeProtocolMapperArrayOutputWithContext(ctx context.Context) UserAttributeProtocolMapperArrayOutput
type UserAttributeProtocolMapperInput ¶
type UserAttributeProtocolMapperInput interface { pulumi.Input ToUserAttributeProtocolMapperOutput() UserAttributeProtocolMapperOutput ToUserAttributeProtocolMapperOutputWithContext(ctx context.Context) UserAttributeProtocolMapperOutput }
type UserAttributeProtocolMapperMap ¶
type UserAttributeProtocolMapperMap map[string]UserAttributeProtocolMapperInput
func (UserAttributeProtocolMapperMap) ElementType ¶
func (UserAttributeProtocolMapperMap) ElementType() reflect.Type
func (UserAttributeProtocolMapperMap) ToUserAttributeProtocolMapperMapOutput ¶
func (i UserAttributeProtocolMapperMap) ToUserAttributeProtocolMapperMapOutput() UserAttributeProtocolMapperMapOutput
func (UserAttributeProtocolMapperMap) ToUserAttributeProtocolMapperMapOutputWithContext ¶
func (i UserAttributeProtocolMapperMap) ToUserAttributeProtocolMapperMapOutputWithContext(ctx context.Context) UserAttributeProtocolMapperMapOutput
type UserAttributeProtocolMapperMapInput ¶
type UserAttributeProtocolMapperMapInput interface { pulumi.Input ToUserAttributeProtocolMapperMapOutput() UserAttributeProtocolMapperMapOutput ToUserAttributeProtocolMapperMapOutputWithContext(context.Context) UserAttributeProtocolMapperMapOutput }
UserAttributeProtocolMapperMapInput is an input type that accepts UserAttributeProtocolMapperMap and UserAttributeProtocolMapperMapOutput values. You can construct a concrete instance of `UserAttributeProtocolMapperMapInput` via:
UserAttributeProtocolMapperMap{ "key": UserAttributeProtocolMapperArgs{...} }
type UserAttributeProtocolMapperMapOutput ¶
type UserAttributeProtocolMapperMapOutput struct{ *pulumi.OutputState }
func (UserAttributeProtocolMapperMapOutput) ElementType ¶
func (UserAttributeProtocolMapperMapOutput) ElementType() reflect.Type
func (UserAttributeProtocolMapperMapOutput) MapIndex ¶
func (o UserAttributeProtocolMapperMapOutput) MapIndex(k pulumi.StringInput) UserAttributeProtocolMapperOutput
func (UserAttributeProtocolMapperMapOutput) ToUserAttributeProtocolMapperMapOutput ¶
func (o UserAttributeProtocolMapperMapOutput) ToUserAttributeProtocolMapperMapOutput() UserAttributeProtocolMapperMapOutput
func (UserAttributeProtocolMapperMapOutput) ToUserAttributeProtocolMapperMapOutputWithContext ¶
func (o UserAttributeProtocolMapperMapOutput) ToUserAttributeProtocolMapperMapOutputWithContext(ctx context.Context) UserAttributeProtocolMapperMapOutput
type UserAttributeProtocolMapperOutput ¶
type UserAttributeProtocolMapperOutput struct{ *pulumi.OutputState }
func (UserAttributeProtocolMapperOutput) ClientId ¶
func (o UserAttributeProtocolMapperOutput) ClientId() pulumi.StringPtrOutput
The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified.
func (UserAttributeProtocolMapperOutput) ClientScopeId ¶
func (o UserAttributeProtocolMapperOutput) ClientScopeId() pulumi.StringPtrOutput
The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified.
func (UserAttributeProtocolMapperOutput) ElementType ¶
func (UserAttributeProtocolMapperOutput) ElementType() reflect.Type
func (UserAttributeProtocolMapperOutput) FriendlyName ¶
func (o UserAttributeProtocolMapperOutput) FriendlyName() pulumi.StringPtrOutput
An optional human-friendly name for this attribute.
func (UserAttributeProtocolMapperOutput) Name ¶
func (o UserAttributeProtocolMapperOutput) Name() pulumi.StringOutput
The display name of this protocol mapper in the GUI.
func (UserAttributeProtocolMapperOutput) RealmId ¶
func (o UserAttributeProtocolMapperOutput) RealmId() pulumi.StringOutput
The realm this protocol mapper exists within.
func (UserAttributeProtocolMapperOutput) SamlAttributeName ¶
func (o UserAttributeProtocolMapperOutput) SamlAttributeName() pulumi.StringOutput
The name of the SAML attribute.
func (UserAttributeProtocolMapperOutput) SamlAttributeNameFormat ¶
func (o UserAttributeProtocolMapperOutput) SamlAttributeNameFormat() pulumi.StringOutput
The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`.
func (UserAttributeProtocolMapperOutput) ToUserAttributeProtocolMapperOutput ¶
func (o UserAttributeProtocolMapperOutput) ToUserAttributeProtocolMapperOutput() UserAttributeProtocolMapperOutput
func (UserAttributeProtocolMapperOutput) ToUserAttributeProtocolMapperOutputWithContext ¶
func (o UserAttributeProtocolMapperOutput) ToUserAttributeProtocolMapperOutputWithContext(ctx context.Context) UserAttributeProtocolMapperOutput
func (UserAttributeProtocolMapperOutput) UserAttribute ¶
func (o UserAttributeProtocolMapperOutput) UserAttribute() pulumi.StringOutput
The custom user attribute to map.
type UserAttributeProtocolMapperState ¶
type UserAttributeProtocolMapperState struct { // The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified. ClientId pulumi.StringPtrInput // The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified. ClientScopeId pulumi.StringPtrInput // An optional human-friendly name for this attribute. FriendlyName pulumi.StringPtrInput // The display name of this protocol mapper in the GUI. Name pulumi.StringPtrInput // The realm this protocol mapper exists within. RealmId pulumi.StringPtrInput // The name of the SAML attribute. SamlAttributeName pulumi.StringPtrInput // The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`. SamlAttributeNameFormat pulumi.StringPtrInput // The custom user attribute to map. UserAttribute pulumi.StringPtrInput }
func (UserAttributeProtocolMapperState) ElementType ¶
func (UserAttributeProtocolMapperState) ElementType() reflect.Type
type UserPropertyProtocolMapper ¶
type UserPropertyProtocolMapper struct { pulumi.CustomResourceState // The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified. ClientId pulumi.StringPtrOutput `pulumi:"clientId"` // The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified. ClientScopeId pulumi.StringPtrOutput `pulumi:"clientScopeId"` // An optional human-friendly name for this attribute. FriendlyName pulumi.StringPtrOutput `pulumi:"friendlyName"` // The display name of this protocol mapper in the GUI. Name pulumi.StringOutput `pulumi:"name"` // The realm this protocol mapper exists within. RealmId pulumi.StringOutput `pulumi:"realmId"` // The name of the SAML attribute. SamlAttributeName pulumi.StringOutput `pulumi:"samlAttributeName"` // The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`. SamlAttributeNameFormat pulumi.StringOutput `pulumi:"samlAttributeNameFormat"` // The property of the Keycloak user model to map. UserProperty pulumi.StringOutput `pulumi:"userProperty"` }
Allows for creating and managing user property protocol mappers for SAML clients within Keycloak.
SAML user property protocol mappers allow you to map properties of the Keycloak user model to an attribute in a SAML assertion.
Protocol mappers can be defined for a single client, or they can be defined for a client scope which can be shared between multiple different clients.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak" "github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml" "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() { pulumi.Run(func(ctx *pulumi.Context) error { realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{ Realm: pulumi.String("my-realm"), Enabled: pulumi.Bool(true), }) if err != nil { return err } samlClient, err := saml.NewClient(ctx, "saml_client", &saml.ClientArgs{ RealmId: realm.ID(), ClientId: pulumi.String("saml-client"), Name: pulumi.String("saml-client"), }) if err != nil { return err } _, err = saml.NewUserPropertyProtocolMapper(ctx, "saml_user_property_mapper", &saml.UserPropertyProtocolMapperArgs{ RealmId: realm.ID(), ClientId: samlClient.ID(), Name: pulumi.String("email-user-property-mapper"), UserProperty: pulumi.String("email"), SamlAttributeName: pulumi.String("email"), SamlAttributeNameFormat: pulumi.String("Unspecified"), }) if err != nil { return err } return nil }) }
```
## Import
Protocol mappers can be imported using one of the following formats:
- Client: `{{realm_id}}/client/{{client_keycloak_id}}/{{protocol_mapper_id}}`
- Client Scope: `{{realm_id}}/client-scope/{{client_scope_keycloak_id}}/{{protocol_mapper_id}}`
Example:
bash
```sh $ pulumi import keycloak:saml/userPropertyProtocolMapper:UserPropertyProtocolMapper saml_user_property_mapper my-realm/client/a7202154-8793-4656-b655-1dd18c181e14/71602afa-f7d1-4788-8c49-ef8fd00af0f4 ```
```sh $ pulumi import keycloak:saml/userPropertyProtocolMapper:UserPropertyProtocolMapper saml_user_property_mapper my-realm/client-scope/b799ea7e-73ee-4a73-990a-1eafebe8e20a/71602afa-f7d1-4788-8c49-ef8fd00af0f4 ```
func GetUserPropertyProtocolMapper ¶
func GetUserPropertyProtocolMapper(ctx *pulumi.Context, name string, id pulumi.IDInput, state *UserPropertyProtocolMapperState, opts ...pulumi.ResourceOption) (*UserPropertyProtocolMapper, error)
GetUserPropertyProtocolMapper gets an existing UserPropertyProtocolMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewUserPropertyProtocolMapper ¶
func NewUserPropertyProtocolMapper(ctx *pulumi.Context, name string, args *UserPropertyProtocolMapperArgs, opts ...pulumi.ResourceOption) (*UserPropertyProtocolMapper, error)
NewUserPropertyProtocolMapper registers a new resource with the given unique name, arguments, and options.
func (*UserPropertyProtocolMapper) ElementType ¶
func (*UserPropertyProtocolMapper) ElementType() reflect.Type
func (*UserPropertyProtocolMapper) ToUserPropertyProtocolMapperOutput ¶
func (i *UserPropertyProtocolMapper) ToUserPropertyProtocolMapperOutput() UserPropertyProtocolMapperOutput
func (*UserPropertyProtocolMapper) ToUserPropertyProtocolMapperOutputWithContext ¶
func (i *UserPropertyProtocolMapper) ToUserPropertyProtocolMapperOutputWithContext(ctx context.Context) UserPropertyProtocolMapperOutput
type UserPropertyProtocolMapperArgs ¶
type UserPropertyProtocolMapperArgs struct { // The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified. ClientId pulumi.StringPtrInput // The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified. ClientScopeId pulumi.StringPtrInput // An optional human-friendly name for this attribute. FriendlyName pulumi.StringPtrInput // The display name of this protocol mapper in the GUI. Name pulumi.StringPtrInput // The realm this protocol mapper exists within. RealmId pulumi.StringInput // The name of the SAML attribute. SamlAttributeName pulumi.StringInput // The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`. SamlAttributeNameFormat pulumi.StringInput // The property of the Keycloak user model to map. UserProperty pulumi.StringInput }
The set of arguments for constructing a UserPropertyProtocolMapper resource.
func (UserPropertyProtocolMapperArgs) ElementType ¶
func (UserPropertyProtocolMapperArgs) ElementType() reflect.Type
type UserPropertyProtocolMapperArray ¶
type UserPropertyProtocolMapperArray []UserPropertyProtocolMapperInput
func (UserPropertyProtocolMapperArray) ElementType ¶
func (UserPropertyProtocolMapperArray) ElementType() reflect.Type
func (UserPropertyProtocolMapperArray) ToUserPropertyProtocolMapperArrayOutput ¶
func (i UserPropertyProtocolMapperArray) ToUserPropertyProtocolMapperArrayOutput() UserPropertyProtocolMapperArrayOutput
func (UserPropertyProtocolMapperArray) ToUserPropertyProtocolMapperArrayOutputWithContext ¶
func (i UserPropertyProtocolMapperArray) ToUserPropertyProtocolMapperArrayOutputWithContext(ctx context.Context) UserPropertyProtocolMapperArrayOutput
type UserPropertyProtocolMapperArrayInput ¶
type UserPropertyProtocolMapperArrayInput interface { pulumi.Input ToUserPropertyProtocolMapperArrayOutput() UserPropertyProtocolMapperArrayOutput ToUserPropertyProtocolMapperArrayOutputWithContext(context.Context) UserPropertyProtocolMapperArrayOutput }
UserPropertyProtocolMapperArrayInput is an input type that accepts UserPropertyProtocolMapperArray and UserPropertyProtocolMapperArrayOutput values. You can construct a concrete instance of `UserPropertyProtocolMapperArrayInput` via:
UserPropertyProtocolMapperArray{ UserPropertyProtocolMapperArgs{...} }
type UserPropertyProtocolMapperArrayOutput ¶
type UserPropertyProtocolMapperArrayOutput struct{ *pulumi.OutputState }
func (UserPropertyProtocolMapperArrayOutput) ElementType ¶
func (UserPropertyProtocolMapperArrayOutput) ElementType() reflect.Type
func (UserPropertyProtocolMapperArrayOutput) Index ¶
func (o UserPropertyProtocolMapperArrayOutput) Index(i pulumi.IntInput) UserPropertyProtocolMapperOutput
func (UserPropertyProtocolMapperArrayOutput) ToUserPropertyProtocolMapperArrayOutput ¶
func (o UserPropertyProtocolMapperArrayOutput) ToUserPropertyProtocolMapperArrayOutput() UserPropertyProtocolMapperArrayOutput
func (UserPropertyProtocolMapperArrayOutput) ToUserPropertyProtocolMapperArrayOutputWithContext ¶
func (o UserPropertyProtocolMapperArrayOutput) ToUserPropertyProtocolMapperArrayOutputWithContext(ctx context.Context) UserPropertyProtocolMapperArrayOutput
type UserPropertyProtocolMapperInput ¶
type UserPropertyProtocolMapperInput interface { pulumi.Input ToUserPropertyProtocolMapperOutput() UserPropertyProtocolMapperOutput ToUserPropertyProtocolMapperOutputWithContext(ctx context.Context) UserPropertyProtocolMapperOutput }
type UserPropertyProtocolMapperMap ¶
type UserPropertyProtocolMapperMap map[string]UserPropertyProtocolMapperInput
func (UserPropertyProtocolMapperMap) ElementType ¶
func (UserPropertyProtocolMapperMap) ElementType() reflect.Type
func (UserPropertyProtocolMapperMap) ToUserPropertyProtocolMapperMapOutput ¶
func (i UserPropertyProtocolMapperMap) ToUserPropertyProtocolMapperMapOutput() UserPropertyProtocolMapperMapOutput
func (UserPropertyProtocolMapperMap) ToUserPropertyProtocolMapperMapOutputWithContext ¶
func (i UserPropertyProtocolMapperMap) ToUserPropertyProtocolMapperMapOutputWithContext(ctx context.Context) UserPropertyProtocolMapperMapOutput
type UserPropertyProtocolMapperMapInput ¶
type UserPropertyProtocolMapperMapInput interface { pulumi.Input ToUserPropertyProtocolMapperMapOutput() UserPropertyProtocolMapperMapOutput ToUserPropertyProtocolMapperMapOutputWithContext(context.Context) UserPropertyProtocolMapperMapOutput }
UserPropertyProtocolMapperMapInput is an input type that accepts UserPropertyProtocolMapperMap and UserPropertyProtocolMapperMapOutput values. You can construct a concrete instance of `UserPropertyProtocolMapperMapInput` via:
UserPropertyProtocolMapperMap{ "key": UserPropertyProtocolMapperArgs{...} }
type UserPropertyProtocolMapperMapOutput ¶
type UserPropertyProtocolMapperMapOutput struct{ *pulumi.OutputState }
func (UserPropertyProtocolMapperMapOutput) ElementType ¶
func (UserPropertyProtocolMapperMapOutput) ElementType() reflect.Type
func (UserPropertyProtocolMapperMapOutput) MapIndex ¶
func (o UserPropertyProtocolMapperMapOutput) MapIndex(k pulumi.StringInput) UserPropertyProtocolMapperOutput
func (UserPropertyProtocolMapperMapOutput) ToUserPropertyProtocolMapperMapOutput ¶
func (o UserPropertyProtocolMapperMapOutput) ToUserPropertyProtocolMapperMapOutput() UserPropertyProtocolMapperMapOutput
func (UserPropertyProtocolMapperMapOutput) ToUserPropertyProtocolMapperMapOutputWithContext ¶
func (o UserPropertyProtocolMapperMapOutput) ToUserPropertyProtocolMapperMapOutputWithContext(ctx context.Context) UserPropertyProtocolMapperMapOutput
type UserPropertyProtocolMapperOutput ¶
type UserPropertyProtocolMapperOutput struct{ *pulumi.OutputState }
func (UserPropertyProtocolMapperOutput) ClientId ¶
func (o UserPropertyProtocolMapperOutput) ClientId() pulumi.StringPtrOutput
The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified.
func (UserPropertyProtocolMapperOutput) ClientScopeId ¶
func (o UserPropertyProtocolMapperOutput) ClientScopeId() pulumi.StringPtrOutput
The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified.
func (UserPropertyProtocolMapperOutput) ElementType ¶
func (UserPropertyProtocolMapperOutput) ElementType() reflect.Type
func (UserPropertyProtocolMapperOutput) FriendlyName ¶
func (o UserPropertyProtocolMapperOutput) FriendlyName() pulumi.StringPtrOutput
An optional human-friendly name for this attribute.
func (UserPropertyProtocolMapperOutput) Name ¶
func (o UserPropertyProtocolMapperOutput) Name() pulumi.StringOutput
The display name of this protocol mapper in the GUI.
func (UserPropertyProtocolMapperOutput) RealmId ¶
func (o UserPropertyProtocolMapperOutput) RealmId() pulumi.StringOutput
The realm this protocol mapper exists within.
func (UserPropertyProtocolMapperOutput) SamlAttributeName ¶
func (o UserPropertyProtocolMapperOutput) SamlAttributeName() pulumi.StringOutput
The name of the SAML attribute.
func (UserPropertyProtocolMapperOutput) SamlAttributeNameFormat ¶
func (o UserPropertyProtocolMapperOutput) SamlAttributeNameFormat() pulumi.StringOutput
The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`.
func (UserPropertyProtocolMapperOutput) ToUserPropertyProtocolMapperOutput ¶
func (o UserPropertyProtocolMapperOutput) ToUserPropertyProtocolMapperOutput() UserPropertyProtocolMapperOutput
func (UserPropertyProtocolMapperOutput) ToUserPropertyProtocolMapperOutputWithContext ¶
func (o UserPropertyProtocolMapperOutput) ToUserPropertyProtocolMapperOutputWithContext(ctx context.Context) UserPropertyProtocolMapperOutput
func (UserPropertyProtocolMapperOutput) UserProperty ¶
func (o UserPropertyProtocolMapperOutput) UserProperty() pulumi.StringOutput
The property of the Keycloak user model to map.
type UserPropertyProtocolMapperState ¶
type UserPropertyProtocolMapperState struct { // The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified. ClientId pulumi.StringPtrInput // The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified. ClientScopeId pulumi.StringPtrInput // An optional human-friendly name for this attribute. FriendlyName pulumi.StringPtrInput // The display name of this protocol mapper in the GUI. Name pulumi.StringPtrInput // The realm this protocol mapper exists within. RealmId pulumi.StringPtrInput // The name of the SAML attribute. SamlAttributeName pulumi.StringPtrInput // The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`. SamlAttributeNameFormat pulumi.StringPtrInput // The property of the Keycloak user model to map. UserProperty pulumi.StringPtrInput }
func (UserPropertyProtocolMapperState) ElementType ¶
func (UserPropertyProtocolMapperState) ElementType() reflect.Type