Class AudienceProtocolMapper
# keycloak.openid.AudienceProtocolMapper
Allows for creating and managing audience protocol mappers within Keycloak. This mapper was added in Keycloak v4.6.0.Final.
Audience protocol mappers allow you add audiences to the aud claim
within issued tokens. The audience can be a custom string, or it can be
mapped to the ID of a pre-existing client.
Example Usage (Client)
using Pulumi;
using Keycloak = Pulumi.Keycloak;
class MyStack : Stack
{
public MyStack()
{
var realm = new Keycloak.Realm("realm", new Keycloak.RealmArgs
{
Enabled = true,
Realm = "my-realm",
});
var openidClient = new Keycloak.OpenId.Client("openidClient", new Keycloak.OpenId.ClientArgs
{
AccessType = "CONFIDENTIAL",
ClientId = "test-client",
Enabled = true,
RealmId = realm.Id,
ValidRedirectUris =
{
"http://localhost:8080/openid-callback",
},
});
var audienceMapper = new Keycloak.OpenId.AudienceProtocolMapper("audienceMapper", new Keycloak.OpenId.AudienceProtocolMapperArgs
{
ClientId = openidClient.Id,
IncludedCustomAudience = "foo",
RealmId = realm.Id,
});
}
}
Example Usage (Client Scope)
using Pulumi;
using Keycloak = Pulumi.Keycloak;
class MyStack : Stack
{
public MyStack()
{
var realm = new Keycloak.Realm("realm", new Keycloak.RealmArgs
{
Enabled = true,
Realm = "my-realm",
});
var clientScope = new Keycloak.OpenId.ClientScope("clientScope", new Keycloak.OpenId.ClientScopeArgs
{
RealmId = realm.Id,
});
var audienceMapper = new Keycloak.OpenId.AudienceProtocolMapper("audienceMapper", new Keycloak.OpenId.AudienceProtocolMapperArgs
{
ClientScopeId = clientScope.Id,
IncludedCustomAudience = "foo",
RealmId = realm.Id,
});
}
}
Argument Reference
The following arguments are supported:
realm_id- (Required) The realm this protocol mapper exists within.client_id- (Required ifclient_scope_idis not specified) The client this protocol mapper is attached to.client_scope_id- (Required ifclient_idis not specified) The client scope this protocol mapper is attached to.name- (Required) The display name of this protocol mapper in the GUI.included_client_audience- (Required ifincluded_custom_audienceis not specified) A client ID to include within the token'saudclaim.included_custom_audience- (Required ifincluded_client_audienceis not specified) A custom audience to include within the token'saudclaim.add_to_id_token- (Optional) Indicates if the audience should be included in theaudclaim for the id token. Defaults totrue.add_to_access_token- (Optional) Indicates if the audience should be included in theaudclaim for the id token. Defaults totrue.
Inherited Members
Namespace: Pulumi.Keycloak.OpenId
Assembly: Pulumi.Keycloak.dll
Syntax
public class AudienceProtocolMapper : CustomResourceConstructors
View SourceAudienceProtocolMapper(String, AudienceProtocolMapperArgs, CustomResourceOptions)
Create a AudienceProtocolMapper resource with the given unique name, arguments, and options.
Declaration
public AudienceProtocolMapper(string name, AudienceProtocolMapperArgs args, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resource |
| AudienceProtocolMapperArgs | args | The arguments used to populate this resource's properties |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Properties
View SourceAddToAccessToken
Indicates if this claim should be added to the access token.
Declaration
public Output<bool?> AddToAccessToken { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Nullable<System.Boolean>> |
AddToIdToken
Indicates if this claim should be added to the id token.
Declaration
public Output<bool?> AddToIdToken { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Nullable<System.Boolean>> |
ClientId
The mapper's associated client. Cannot be used at the same time as client_scope_id.
Declaration
public Output<string> ClientId { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
ClientScopeId
The mapper's associated client scope. Cannot be used at the same time as client_id.
Declaration
public Output<string> ClientScopeId { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
IncludedClientAudience
A client ID to include within the token's aud claim. Cannot be used with included_custom_audience
Declaration
public Output<string> IncludedClientAudience { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
IncludedCustomAudience
A custom audience to include within the token's aud claim. Cannot be used with included_custom_audience
Declaration
public Output<string> IncludedCustomAudience { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Name
A human-friendly name that will appear in the Keycloak console.
Declaration
public Output<string> Name { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
RealmId
The realm id where the associated client or client scope exists.
Declaration
public Output<string> RealmId { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Methods
View SourceGet(String, Input<String>, AudienceProtocolMapperState, CustomResourceOptions)
Get an existing AudienceProtocolMapper resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
Declaration
public static AudienceProtocolMapper Get(string name, Input<string> id, AudienceProtocolMapperState state = null, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resulting resource. |
| Input<System.String> | id | The unique provider ID of the resource to lookup. |
| AudienceProtocolMapperState | state | Any extra arguments used during the lookup. |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Returns
| Type | Description |
|---|---|
| AudienceProtocolMapper |