Class OidcArgs
Inheritance
System.Object
OidcArgs
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Assembly: Pulumi.Okta.dll
Syntax
public sealed class OidcArgs : ResourceArgs
Constructors
View Source
OidcArgs()
Declaration
Properties
View Source
AccountLinkAction
Specifies the account linking action for an IdP user.
Declaration
public Input<string> AccountLinkAction { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
AccountLinkGroupIncludes
Group memberships to determine link candidates.
Declaration
public InputList<string> AccountLinkGroupIncludes { get; set; }
Property Value
View Source
AcsBinding
The method of making an ACS request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
Declaration
public Input<string> AcsBinding { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
AcsType
The type of ACS. Default is "INSTANCE".
Declaration
public Input<string> AcsType { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
AuthorizationBinding
The method of making an authorization request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
Declaration
public Input<string> AuthorizationBinding { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
AuthorizationUrl
IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
Declaration
public Input<string> AuthorizationUrl { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
ClientId
Unique identifier issued by AS for the Okta IdP instance.
Declaration
public Input<string> ClientId { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
ClientSecret
Client secret issued by AS for the Okta IdP instance.
Declaration
public Input<string> ClientSecret { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
DeprovisionedAction
Action for a previously deprovisioned IdP user during authentication. Can be "NONE" or "REACTIVATE".
Declaration
public Input<string> DeprovisionedAction { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
GroupsAction
Provisioning action for IdP user's group memberships. It can be "NONE", "SYNC", "APPEND", or "ASSIGN".
Declaration
public Input<string> GroupsAction { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
GroupsAssignments
List of Okta Group IDs to add an IdP user as a member with the "ASSIGN" groups_action.
Declaration
public InputList<string> GroupsAssignments { get; set; }
Property Value
View Source
GroupsAttribute
IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
Declaration
public Input<string> GroupsAttribute { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
GroupsFilters
Whitelist of Okta Group identifiers that are allowed for the "APPEND" or "SYNC" groups_action.
Declaration
public InputList<string> GroupsFilters { get; set; }
Property Value
View Source
IssuerMode
Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be "ORG_URL" or "CUSTOM_URL".
Declaration
public Input<string> IssuerMode { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
IssuerUrl
URI that identifies the issuer.
Declaration
public Input<string> IssuerUrl { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
JwksBinding
The method of making a request for the OIDC JWKS. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
Declaration
public Input<string> JwksBinding { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
JwksUrl
Endpoint where the signer of the keys publishes its keys in a JWK Set.
Declaration
public Input<string> JwksUrl { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
MaxClockSkew
Maximum allowable clock-skew when processing messages from the IdP.
Declaration
public Input<int> MaxClockSkew { get; set; }
Property Value
| Type |
Description |
| Input<System.Int32> |
|
View Source
Name
The Application's display name.
Declaration
public Input<string> Name { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
ProfileMaster
Determines if the IdP should act as a source of truth for user profile attributes.
Declaration
public Input<bool> ProfileMaster { get; set; }
Property Value
| Type |
Description |
| Input<System.Boolean> |
|
View Source
ProtocolType
The type of protocol to use. It can be "OIDC" or "OAUTH2".
Declaration
public Input<string> ProtocolType { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
ProvisioningAction
Provisioning action for an IdP user during authentication.
Declaration
public Input<string> ProvisioningAction { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
RequestSignatureAlgorithm
algorithm to use to sign requests
Declaration
public Input<string> RequestSignatureAlgorithm { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
RequestSignatureScope
algorithm to use to sign response
Declaration
public Input<string> RequestSignatureScope { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
ResponseSignatureAlgorithm
algorithm to use to sign requests
Declaration
public Input<string> ResponseSignatureAlgorithm { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
ResponseSignatureScope
algorithm to use to sign response
Declaration
public Input<string> ResponseSignatureScope { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
Scopes
Declaration
public InputList<string> Scopes { get; set; }
Property Value
View Source
Status
Declaration
public Input<string> Status { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
SubjectMatchAttribute
Okta user profile attribute for matching transformed IdP username. Only for matchType "CUSTOM_ATTRIBUTE".
Declaration
public Input<string> SubjectMatchAttribute { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
SubjectMatchType
Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default it is set to "USERNAME". It can be set to "USERNAME", "EMAIL", "USERNAME_OR_EMAIL" or "CUSTOM_ATTRIBUTE".
Declaration
public Input<string> SubjectMatchType { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
SuspendedAction
Action for a previously suspended IdP user during authentication. Can be set to "NONE" or "UNSUSPEND"
Declaration
public Input<string> SuspendedAction { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
TokenBinding
The method of making a token request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
Declaration
public Input<string> TokenBinding { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
TokenUrl
IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.
Declaration
public Input<string> TokenUrl { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
UserInfoBinding
Declaration
public Input<string> UserInfoBinding { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
UserInfoUrl
Protected resource endpoint that returns claims about the authenticated user.
Declaration
public Input<string> UserInfoUrl { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|
View Source
UsernameTemplate
Okta EL Expression to generate or transform a unique username for the IdP user.
Declaration
public Input<string> UsernameTemplate { get; set; }
Property Value
| Type |
Description |
| Input<System.String> |
|