Class SamlArgs

Inheritance
System.Object
InputArgs
ResourceArgs
SamlArgs
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: Pulumi.Okta.Idp
Assembly: Pulumi.Okta.dll
Syntax
public sealed class SamlArgs : ResourceArgs

Constructors

View Source

SamlArgs()

Declaration
public SamlArgs()

Properties

View Source

AccountLinkAction

Specifies the account linking action for an IdP user.

Declaration
public Input<string> AccountLinkAction { get; set; }
Property Value
Type Description
Input<System.String>
View Source

AccountLinkGroupIncludes

Group memberships to determine link candidates.

Declaration
public InputList<string> AccountLinkGroupIncludes { get; set; }
Property Value
Type Description
InputList<System.String>
View Source

AcsBinding

The method of making an ACS request. It can be set to &quot;HTTP-POST&quot; or &quot;HTTP-REDIRECT&quot;.

Declaration
public Input<string> AcsBinding { get; set; }
Property Value
Type Description
Input<System.String>
View Source

AcsType

The type of ACS. It can be &quot;INSTANCE&quot; or &quot;ORG&quot;.

Declaration
public Input<string> AcsType { get; set; }
Property Value
Type Description
Input<System.String>
View Source

DeprovisionedAction

Action for a previously deprovisioned IdP user during authentication. Can be &quot;NONE&quot; or &quot;REACTIVATE&quot;.

Declaration
public Input<string> DeprovisionedAction { get; set; }
Property Value
Type Description
Input<System.String>
View Source

GroupsAction

Provisioning action for IdP user's group memberships. It can be &quot;NONE&quot;, &quot;SYNC&quot;, &quot;APPEND&quot;, or &quot;ASSIGN&quot;.

Declaration
public Input<string> GroupsAction { get; set; }
Property Value
Type Description
Input<System.String>
View Source

GroupsAssignments

List of Okta Group IDs to add an IdP user as a member with the &quot;ASSIGN&quot; groups_action.

Declaration
public InputList<string> GroupsAssignments { get; set; }
Property Value
Type Description
InputList<System.String>
View Source

GroupsAttribute

IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.

Declaration
public Input<string> GroupsAttribute { get; set; }
Property Value
Type Description
Input<System.String>
View Source

GroupsFilters

Whitelist of Okta Group identifiers that are allowed for the &quot;APPEND&quot; or &quot;SYNC&quot; groups_action.

Declaration
public InputList<string> GroupsFilters { get; set; }
Property Value
Type Description
InputList<System.String>
View Source

Issuer

URI that identifies the issuer.

Declaration
public Input<string> Issuer { get; set; }
Property Value
Type Description
Input<System.String>
View Source

IssuerMode

Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be &quot;ORG_URL&quot; or &quot;CUSTOM_URL&quot;.

Declaration
public Input<string> IssuerMode { get; set; }
Property Value
Type Description
Input<System.String>
View Source

Kid

The ID of the signing key.

Declaration
public Input<string> Kid { get; set; }
Property Value
Type Description
Input<System.String>
View Source

Name

The Application's display name.

Declaration
public Input<string> Name { get; set; }
Property Value
Type Description
Input<System.String>
View Source

NameFormat

The name identifier format to use. By default &quot;urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified&quot;.

Declaration
public Input<string> NameFormat { get; set; }
Property Value
Type Description
Input<System.String>
View Source

ProfileMaster

Determines if the IdP should act as a source of truth for user profile attributes.

Declaration
public Input<bool> ProfileMaster { get; set; }
Property Value
Type Description
Input<System.Boolean>
View Source

ProvisioningAction

Provisioning action for an IdP user during authentication.

Declaration
public Input<string> ProvisioningAction { get; set; }
Property Value
Type Description
Input<System.String>
View Source

RequestSignatureAlgorithm

The XML digital signature algorithm used when signing an AuthnRequest message.

Declaration
public Input<string> RequestSignatureAlgorithm { get; set; }
Property Value
Type Description
Input<System.String>
View Source

RequestSignatureScope

Specifies whether or not to digitally sign an AuthnRequest messages to the IdP. It can be &quot;REQUEST&quot; or &quot;NONE&quot;.

Declaration
public Input<string> RequestSignatureScope { get; set; }
Property Value
Type Description
Input<System.String>
View Source

ResponseSignatureAlgorithm

The minimum XML digital signature algorithm allowed when verifying a SAMLResponse message or Assertion element.

Declaration
public Input<string> ResponseSignatureAlgorithm { get; set; }
Property Value
Type Description
Input<System.String>
View Source

ResponseSignatureScope

Specifies whether to verify a SAMLResponse message or Assertion element XML digital signature. It can be &quot;RESPONSE&quot;, &quot;ASSERTION&quot;, or &quot;ANY&quot;.

Declaration
public Input<string> ResponseSignatureScope { get; set; }
Property Value
Type Description
Input<System.String>
View Source

SsoBinding

The method of making an SSO request. It can be set to &quot;HTTP-POST&quot; or &quot;HTTP-REDIRECT&quot;.

Declaration
public Input<string> SsoBinding { get; set; }
Property Value
Type Description
Input<System.String>
View Source

SsoDestination

URI reference indicating the address to which the AuthnRequest message is sent.

Declaration
public Input<string> SsoDestination { get; set; }
Property Value
Type Description
Input<System.String>
View Source

SsoUrl

URL of binding-specific endpoint to send an AuthnRequest message to IdP.

Declaration
public Input<string> SsoUrl { get; set; }
Property Value
Type Description
Input<System.String>
View Source

Status

Status of the IdP.

Declaration
public Input<string> Status { get; set; }
Property Value
Type Description
Input<System.String>
View Source

SubjectFilter

Optional regular expression pattern used to filter untrusted IdP usernames.

Declaration
public Input<string> SubjectFilter { get; set; }
Property Value
Type Description
Input<System.String>
View Source

SubjectFormats

The name formate. By default &quot;urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified&quot;.

Declaration
public InputList<string> SubjectFormats { get; set; }
Property Value
Type Description
InputList<System.String>
View Source

SubjectMatchAttribute

Okta user profile attribute for matching transformed IdP username. Only for matchType &quot;CUSTOM_ATTRIBUTE&quot;.

Declaration
public Input<string> SubjectMatchAttribute { get; set; }
Property Value
Type Description
Input<System.String>
View Source

SubjectMatchType

Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default it is set to &quot;USERNAME&quot;. It can be set to &quot;USERNAME&quot;, &quot;EMAIL&quot;, &quot;USERNAME_OR_EMAIL&quot; or &quot;CUSTOM_ATTRIBUTE&quot;.

Declaration
public Input<string> SubjectMatchType { get; set; }
Property Value
Type Description
Input<System.String>
View Source

SuspendedAction

Action for a previously suspended IdP user during authentication. Can be set to &quot;NONE&quot; or &quot;UNSUSPEND&quot;

Declaration
public Input<string> SuspendedAction { get; set; }
Property Value
Type Description
Input<System.String>
View Source

UsernameTemplate

Okta EL Expression to generate or transform a unique username for the IdP user.

Declaration
public Input<string> UsernameTemplate { get; set; }
Property Value
Type Description
Input<System.String>