Class Social
Creates an Social Identity Provider.
This resource allows you to create and configure an Social Identity Provider.
Example Usage
using Pulumi;
using Okta = Pulumi.Okta;
class MyStack : Stack
{
public MyStack()
{
var example = new Okta.Idp.Social("example", new Okta.Idp.SocialArgs
{
ClientId = "abcd123",
ClientSecret = "abcd123",
MatchAttribute = "customfieldId",
MatchType = "CUSTOM_ATTRIBUTE",
ProtocolType = "OAUTH2",
Scopes =
{
"public_profile",
"email",
},
Type = "FACEBOOK",
UsernameTemplate = "idpuser.email",
});
}
}
Inherited Members
Namespace: Pulumi.Okta.Idp
Assembly: Pulumi.Okta.dll
Syntax
public class Social : CustomResourceConstructors
View SourceSocial(String, SocialArgs, CustomResourceOptions)
Create a Social resource with the given unique name, arguments, and options.
Declaration
public Social(string name, SocialArgs args, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resource |
| SocialArgs | args | The arguments used to populate this resource's properties |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Properties
View SourceAccountLinkAction
Specifies the account linking action for an IdP user.
Declaration
public Output<string> AccountLinkAction { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
AccountLinkGroupIncludes
Group memberships to determine link candidates.
Declaration
public Output<ImmutableArray<string>> AccountLinkGroupIncludes { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<System.String>> |
AuthorizationBinding
The method of making an authorization request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
Declaration
public Output<string> AuthorizationBinding { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
AuthorizationUrl
IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
Declaration
public Output<string> AuthorizationUrl { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
ClientId
Unique identifier issued by AS for the Okta IdP instance.
Declaration
public Output<string> ClientId { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
ClientSecret
Client secret issued by AS for the Okta IdP instance.
Declaration
public Output<string> ClientSecret { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
DeprovisionedAction
Action for a previously deprovisioned IdP user during authentication. Can be "NONE" or "REACTIVATE".
Declaration
public Output<string> DeprovisionedAction { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
GroupsAction
Provisioning action for IdP user's group memberships. It can be "NONE", "SYNC", "APPEND", or "ASSIGN".
Declaration
public Output<string> GroupsAction { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
GroupsAssignments
List of Okta Group IDs to add an IdP user as a member with the "ASSIGN" groups_action.
Declaration
public Output<ImmutableArray<string>> GroupsAssignments { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<System.String>> |
GroupsAttribute
IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
Declaration
public Output<string> GroupsAttribute { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
GroupsFilters
Whitelist of Okta Group identifiers that are allowed for the "APPEND" or "SYNC" groups_action.
Declaration
public Output<ImmutableArray<string>> GroupsFilters { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<System.String>> |
IssuerMode
Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be "ORG_URL" or "CUSTOM_URL".
Declaration
public Output<string> IssuerMode { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
MatchAttribute
Declaration
public Output<string> MatchAttribute { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
MatchType
Declaration
public Output<string> MatchType { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
MaxClockSkew
Maximum allowable clock-skew when processing messages from the IdP.
Declaration
public Output<int?> MaxClockSkew { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Nullable<System.Int32>> |
Name
The Application's display name.
Declaration
public Output<string> Name { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
ProfileMaster
Determines if the IdP should act as a source of truth for user profile attributes.
Declaration
public Output<bool?> ProfileMaster { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Nullable<System.Boolean>> |
ProtocolType
The type of protocol to use. It can be "OIDC" or "OAUTH2".
Declaration
public Output<string> ProtocolType { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
ProvisioningAction
Provisioning action for an IdP user during authentication.
Declaration
public Output<string> ProvisioningAction { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
RequestSignatureAlgorithm
The XML digital signature algorithm used when signing an AuthnRequest message.
Declaration
public Output<string> RequestSignatureAlgorithm { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
RequestSignatureScope
Specifies whether or not to digitally sign an AuthnRequest messages to the IdP. It can be "REQUEST" or "NONE".
Declaration
public Output<string> RequestSignatureScope { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
ResponseSignatureAlgorithm
The minimum XML digital signature algorithm allowed when verifying a SAMLResponse message or Assertion element.
Declaration
public Output<string> ResponseSignatureAlgorithm { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
ResponseSignatureScope
Specifies whether to verify a SAMLResponse message or Assertion element XML digital signature. It can be "RESPONSE", "ASSERTION", or "ANY".
Declaration
public Output<string> ResponseSignatureScope { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Scopes
The scopes of the IdP.
Declaration
public Output<ImmutableArray<string>> Scopes { get; }Property Value
| Type | Description |
|---|---|
| Output<System.Collections.Immutable.ImmutableArray<System.String>> |
Status
Status of the IdP.
Declaration
public Output<string> Status { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
SubjectMatchAttribute
Okta user profile attribute for matching transformed IdP username. Only for matchType "CUSTOM_ATTRIBUTE".
Declaration
public Output<string> SubjectMatchAttribute { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
SubjectMatchType
Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default it is set to "USERNAME". It can be set to "USERNAME", "EMAIL", "USERNAME_OR_EMAIL" or "CUSTOM_ATTRIBUTE".
Declaration
public Output<string> SubjectMatchType { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
SuspendedAction
Action for a previously suspended IdP user during authentication. Can be set to "NONE" or "UNSUSPEND"
Declaration
public Output<string> SuspendedAction { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
TokenBinding
The method of making a token request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
Declaration
public Output<string> TokenBinding { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
TokenUrl
IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.
Declaration
public Output<string> TokenUrl { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Type
The type of Social IdP. It can be "FACEBOOK", "LINKEDIN", "MICROSOFT", or "GOOGLE".
Declaration
public Output<string> Type { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
UsernameTemplate
Okta EL Expression to generate or transform a unique username for the IdP user.
Declaration
public Output<string> UsernameTemplate { get; }Property Value
| Type | Description |
|---|---|
| Output<System.String> |
Methods
View SourceGet(String, Input<String>, SocialState, CustomResourceOptions)
Get an existing Social resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
Declaration
public static Social Get(string name, Input<string> id, SocialState state = null, CustomResourceOptions options = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.String | name | The unique name of the resulting resource. |
| Input<System.String> | id | The unique provider ID of the resource to lookup. |
| SocialState | state | Any extra arguments used during the lookup. |
| CustomResourceOptions | options | A bag of options that control this resource's behavior |
Returns
| Type | Description |
|---|---|
| Social |