Class IdentityProviderArgs
Inherited Members
Namespace: Pulumi.Keycloak.Saml
Assembly: Pulumi.Keycloak.dll
Syntax
public sealed class IdentityProviderArgs : ResourceArgsConstructors
View SourceIdentityProviderArgs()
Declaration
public IdentityProviderArgs()Properties
View SourceAddReadTokenRoleOnCreate
Enable/disable if new users can read any stored tokens. This assigns the broker.read-token role.
Declaration
public Input<bool> AddReadTokenRoleOnCreate { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
Alias
The alias uniquely identifies an identity provider and it is also used to build the redirect uri.
Declaration
public Input<string> Alias { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.String> |
AuthenticateByDefault
Enable/disable authenticate users by default.
Declaration
public Input<bool> AuthenticateByDefault { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
BackchannelSupported
Does the external IDP support backchannel logout?
Declaration
public Input<bool> BackchannelSupported { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
DisplayName
Friendly name for Identity Providers.
Declaration
public Input<string> DisplayName { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.String> |
Enabled
Enable/disable this identity provider.
Declaration
public Input<bool> Enabled { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
FirstBrokerLoginFlowAlias
Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means that there is not yet existing Keycloak account linked with the authenticated identity provider account.
Declaration
public Input<string> FirstBrokerLoginFlowAlias { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.String> |
ForceAuthn
Require Force Authn.
Declaration
public Input<bool> ForceAuthn { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
HideOnLoginPage
Hide On Login Page.
Declaration
public Input<bool> HideOnLoginPage { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
LinkOnly
If true, users cannot log in through this provider. They can only link to this provider. This is useful if you don't want to allow login from the provider, but want to integrate with a provider
Declaration
public Input<bool> LinkOnly { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
NameIdPolicyFormat
Name ID Policy Format.
Declaration
public Input<string> NameIdPolicyFormat { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.String> |
PostBindingAuthnRequest
Post Binding Authn Request.
Declaration
public Input<bool> PostBindingAuthnRequest { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
PostBindingLogout
Post Binding Logout.
Declaration
public Input<bool> PostBindingLogout { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
PostBindingResponse
Post Binding Response.
Declaration
public Input<bool> PostBindingResponse { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
PostBrokerLoginFlowAlias
Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want additional verification of each user authenticated with this identity provider (for example OTP). Leave this empty if you don't want any additional authenticators to be triggered after login with this identity provider. Also note, that authenticator implementations must assume that user is already set in ClientSession as identity provider already set it.
Declaration
public Input<string> PostBrokerLoginFlowAlias { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.String> |
Realm
Realm Name
Declaration
public Input<string> Realm { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.String> |
SignatureAlgorithm
Signing Algorithm.
Declaration
public Input<string> SignatureAlgorithm { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.String> |
SigningCertificate
Signing Certificate.
Declaration
public Input<string> SigningCertificate { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.String> |
SingleLogoutServiceUrl
Logout URL.
Declaration
public Input<string> SingleLogoutServiceUrl { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.String> |
SingleSignOnServiceUrl
SSO Logout URL.
Declaration
public Input<string> SingleSignOnServiceUrl { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.String> |
StoreToken
Enable/disable if tokens must be stored after authenticating users.
Declaration
public Input<bool> StoreToken { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
TrustEmail
If enabled then email provided by this provider is not verified even if verification is enabled for the realm.
Declaration
public Input<bool> TrustEmail { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
ValidateSignature
Enable/disable signature validation of SAML responses.
Declaration
public Input<bool> ValidateSignature { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
WantAssertionsEncrypted
Want Assertions Encrypted.
Declaration
public Input<bool> WantAssertionsEncrypted { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
WantAssertionsSigned
Want Assertions Signed.
Declaration
public Input<bool> WantAssertionsSigned { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.Boolean> |
XmlSignKeyInfoKeyNameTransformer
Sign Key Transformer.
Declaration
public Input<string> XmlSignKeyInfoKeyNameTransformer { get; set; }Property Value
| Type | Description |
|---|---|
| Input<System.String> |