Class HardcodedRoleProtocolMapper

# keycloak.openid.HardcodedRoleProtocolMapper

Allows for creating and managing hardcoded role protocol mappers within Keycloak.

Hardcoded role protocol mappers allow you to specify a single role to always map to an access token for a client. Protocol mappers can be defined for a single client, or they can be defined for a client scope which can be shared between multiple different clients.

Example Usage (Client)

using Pulumi;
using Keycloak = Pulumi.Keycloak;

class MyStack : Stack
{
public MyStack()
{
    var realm = new Keycloak.Realm("realm", new Keycloak.RealmArgs
    {
        Enabled = true,
        Realm = "my-realm",
    });
    var role = new Keycloak.Role("role", new Keycloak.RoleArgs
    {
        RealmId = realm.Id,
    });
    var openidClient = new Keycloak.OpenId.Client("openidClient", new Keycloak.OpenId.ClientArgs
    {
        AccessType = "CONFIDENTIAL",
        ClientId = "test-client",
        Enabled = true,
        RealmId = realm.Id,
        ValidRedirectUris = 
        {
            "http://localhost:8080/openid-callback",
        },
    });
    var hardcodedRoleMapper = new Keycloak.OpenId.HardcodedRoleProtocolMapper("hardcodedRoleMapper", new Keycloak.OpenId.HardcodedRoleProtocolMapperArgs
    {
        ClientId = openidClient.Id,
        RealmId = realm.Id,
        RoleId = role.Id,
    });
}

}

Example Usage (Client Scope)

using Pulumi;
using Keycloak = Pulumi.Keycloak;

class MyStack : Stack
{
public MyStack()
{
    var realm = new Keycloak.Realm("realm", new Keycloak.RealmArgs
    {
        Enabled = true,
        Realm = "my-realm",
    });
    var role = new Keycloak.Role("role", new Keycloak.RoleArgs
    {
        RealmId = realm.Id,
    });
    var clientScope = new Keycloak.OpenId.ClientScope("clientScope", new Keycloak.OpenId.ClientScopeArgs
    {
        RealmId = realm.Id,
    });
    var hardcodedRoleMapper = new Keycloak.OpenId.HardcodedRoleProtocolMapper("hardcodedRoleMapper", new Keycloak.OpenId.HardcodedRoleProtocolMapperArgs
    {
        ClientScopeId = clientScope.Id,
        RealmId = realm.Id,
        RoleId = role.Id,
    });
}

}

Argument Reference

The following arguments are supported:

  • realm_id - (Required) The realm this protocol mapper exists within.
  • client_id - (Required if client_scope_id is not specified) The client this protocol mapper is attached to.
  • client_scope_id - (Required if client_id is not specified) The client scope this protocol mapper is attached to.
  • name - (Required) The display name of this protocol mapper in the GUI.
  • role_id - (Required) The ID of the role to map to an access token.
Inheritance
System.Object
Resource
CustomResource
HardcodedRoleProtocolMapper
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: Pulumi.Keycloak.OpenId
Assembly: Pulumi.Keycloak.dll
Syntax
public class HardcodedRoleProtocolMapper : CustomResource

Constructors

View Source

HardcodedRoleProtocolMapper(String, HardcodedRoleProtocolMapperArgs, CustomResourceOptions)

Create a HardcodedRoleProtocolMapper resource with the given unique name, arguments, and options.

Declaration
public HardcodedRoleProtocolMapper(string name, HardcodedRoleProtocolMapperArgs args, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resource
HardcodedRoleProtocolMapperArgs args

The arguments used to populate this resource's properties
CustomResourceOptions options

A bag of options that control this resource's behavior

Properties

View Source

ClientId

The mapper's associated client. Cannot be used at the same time as client_scope_id.

Declaration
public Output<string> ClientId { get; }
Property Value
Type Description
Output<System.String>
View Source

ClientScopeId

The mapper's associated client scope. Cannot be used at the same time as client_id.

Declaration
public Output<string> ClientScopeId { get; }
Property Value
Type Description
Output<System.String>
View Source

Name

A human-friendly name that will appear in the Keycloak console.

Declaration
public Output<string> Name { get; }
Property Value
Type Description
Output<System.String>
View Source

RealmId

The realm id where the associated client or client scope exists.

Declaration
public Output<string> RealmId { get; }
Property Value
Type Description
Output<System.String>
View Source

RoleId

Declaration
public Output<string> RoleId { get; }
Property Value
Type Description
Output<System.String>

Methods

View Source

Get(String, Input<String>, HardcodedRoleProtocolMapperState, CustomResourceOptions)

Get an existing HardcodedRoleProtocolMapper resource's state with the given name, ID, and optional extra properties used to qualify the lookup.

Declaration
public static HardcodedRoleProtocolMapper Get(string name, Input<string> id, HardcodedRoleProtocolMapperState state = null, CustomResourceOptions options = null)
Parameters
Type Name Description
System.String name

The unique name of the resulting resource.
Input<System.String> id

The unique provider ID of the resource to lookup.
HardcodedRoleProtocolMapperState state

Any extra arguments used during the lookup.
CustomResourceOptions options

A bag of options that control this resource's behavior
Returns
Type Description
HardcodedRoleProtocolMapper