Class IdentityProviderState
Inheritance
System.Object
IdentityProviderState
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Assembly: Pulumi.Keycloak.dll
Syntax
public sealed class IdentityProviderState : ResourceArgs
Constructors
View Source
IdentityProviderState()
Declaration
public IdentityProviderState()
Properties
View Source
AcceptsPromptNoneForwardFromClient
This is just used together with Identity Provider Authenticator or when kc_idp_hint points to this identity provider. In
case that client sends a request with prompt=none and user is not yet authenticated, the error will not be directly
returned to client, but the request with prompt=none will be forwarded to this identity provider.
Declaration
public Input<bool> AcceptsPromptNoneForwardFromClient { get; set; }
Property Value
| Type |
Description |
| Input<System.Boolean> |
|
View Source
AddReadTokenRoleOnCreate
Enable/disable if new users can read any stored tokens. This assigns the broker.read-token role.
Declaration
public Input<bool> AddReadTokenRoleOnCreate { get; set; }
Property Value
| Type |
Description |
| Input<System.Boolean> |
|
View Source
Alias
The alias uniquely identifies an identity provider and it is also used to build the redirect uri.
Declaration
public Input<string> Alias { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
AuthenticateByDefault
Enable/disable authenticate users by default.
Declaration
public Input<bool> AuthenticateByDefault { get; set; }
Property Value
| Type |
Description |
| Input<System.Boolean> |
|
View Source
AuthorizationUrl
Declaration
public Input<string> AuthorizationUrl { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
BackchannelSupported
Does the external IDP support backchannel logout?
Declaration
public Input<bool> BackchannelSupported { get; set; }
Property Value
| Type |
Description |
| Input<System.Boolean> |
|
View Source
ClientId
Declaration
public Input<string> ClientId { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
ClientSecret
Declaration
public Input<string> ClientSecret { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
DefaultScopes
The scopes to be sent when asking for authorization. It can be a space-separated list of scopes. Defaults to 'openid'.
Declaration
public Input<string> DefaultScopes { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
DisplayName
Friendly name for Identity Providers.
Declaration
public Input<string> DisplayName { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
Enabled
Enable/disable this identity provider.
Declaration
public Input<bool> Enabled { get; set; }
Property Value
| Type |
Description |
| Input<System.Boolean> |
|
View Source
Declaration
public InputMap<object> ExtraConfig { get; set; }
Property Value
| Type |
Description |
| InputMap<System.Object> |
|
View Source
FirstBrokerLoginFlowAlias
Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means
that there is not yet existing Keycloak account linked with the authenticated identity provider account.
Declaration
public Input<string> FirstBrokerLoginFlowAlias { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
HideOnLoginPage
Declaration
public Input<bool> HideOnLoginPage { get; set; }
Property Value
| Type |
Description |
| Input<System.Boolean> |
|
View Source
InternalId
Internal Identity Provider Id
Declaration
public Input<string> InternalId { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
JwksUrl
Declaration
public Input<string> JwksUrl { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
LinkOnly
If true, users cannot log in through this provider. They can only link to this provider. This is useful if you don't
want to allow login from the provider, but want to integrate with a provider
Declaration
public Input<bool> LinkOnly { get; set; }
Property Value
| Type |
Description |
| Input<System.Boolean> |
|
View Source
LoginHint
Declaration
public Input<string> LoginHint { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
LogoutUrl
Declaration
public Input<string> LogoutUrl { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
PostBrokerLoginFlowAlias
Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want
additional verification of each user authenticated with this identity provider (for example OTP). Leave this empty if
you don't want any additional authenticators to be triggered after login with this identity provider. Also note, that
authenticator implementations must assume that user is already set in ClientSession as identity provider already set it.
Declaration
public Input<string> PostBrokerLoginFlowAlias { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
ProviderId
provider id, is always oidc, unless you have a custom implementation
Declaration
public Input<string> ProviderId { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
Realm
Declaration
public Input<string> Realm { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
StoreToken
Enable/disable if tokens must be stored after authenticating users.
Declaration
public Input<bool> StoreToken { get; set; }
Property Value
| Type |
Description |
| Input<System.Boolean> |
|
View Source
TokenUrl
Declaration
public Input<string> TokenUrl { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
TrustEmail
If enabled then email provided by this provider is not verified even if verification is enabled for the realm.
Declaration
public Input<bool> TrustEmail { get; set; }
Property Value
| Type |
Description |
| Input<System.Boolean> |
|
View Source
UiLocales
Pass current locale to identity provider
Declaration
public Input<bool> UiLocales { get; set; }
Property Value
| Type |
Description |
| Input<System.Boolean> |
|
View Source
UserInfoUrl
Declaration
public Input<string> UserInfoUrl { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
ValidateSignature
Enable/disable signature validation of external IDP signatures.
Declaration
public Input<bool> ValidateSignature { get; set; }
Property Value
| Type |
Description |
| Input<System.Boolean> |
|