1. Docs
  2. Reference
  3. API
  4. @pulumi/okta
  5. app

Module app

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-okta repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-okta repo.

Resources

Functions

Others

Resources

Resource AutoLogin

class AutoLogin extends CustomResource

Creates an Auto Login Okta Application.

This resource allows you to create and configure an Auto Login Okta Application.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.app.AutoLogin("example", {
    credentialsScheme: "EDIT_USERNAME_AND_PASSWORD",
    label: "Example App",
    revealPassword: true,
    signOnRedirectUrl: "https://example.com",
    signOnUrl: "https://example.com/login.html",
});

constructor

new AutoLogin(name: string, args: AutoLoginArgs, opts?: pulumi.CustomResourceOptions)

Create a AutoLogin resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AutoLoginState, opts?: pulumi.CustomResourceOptions): AutoLogin

Get an existing AutoLogin resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is AutoLogin

Returns true if the given object is an instance of AutoLogin. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property accessibilityErrorRedirectUrl

public accessibilityErrorRedirectUrl: pulumi.Output<string | undefined>;

Custom error page URL

property accessibilitySelfService

public accessibilitySelfService: pulumi.Output<boolean | undefined>;

Enable self service

property autoSubmitToolbar

public autoSubmitToolbar: pulumi.Output<boolean | undefined>;

Display auto submit toolbar

property credentialsScheme

public credentialsScheme: pulumi.Output<string | undefined>;

Application credentials scheme

property groups

public groups: pulumi.Output<string[] | undefined>;

Groups associated with the application

property hideIos

public hideIos: pulumi.Output<boolean | undefined>;

Do not display application icon on mobile app

property hideWeb

public hideWeb: pulumi.Output<boolean | undefined>;

Do not display application icon to users

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property label

public label: pulumi.Output<string>;

The Application’s display name.

property name

public name: pulumi.Output<string>;

Name assigned to the application by Okta.

property preconfiguredApp

public preconfiguredApp: pulumi.Output<string | undefined>;

Tells Okta to use an existing application in their application catalog, as opposed to a custom application.

property revealPassword

public revealPassword: pulumi.Output<boolean | undefined>;

Allow user to reveal password

property sharedPassword

public sharedPassword: pulumi.Output<string | undefined>;

Shared password, required for certain schemes.

property sharedUsername

public sharedUsername: pulumi.Output<string | undefined>;

Shared username, required for certain schemes.

property signOnMode

public signOnMode: pulumi.Output<string>;

Sign on mode of application.

property signOnRedirectUrl

public signOnRedirectUrl: pulumi.Output<string | undefined>;

Post login redirect URL

property signOnUrl

public signOnUrl: pulumi.Output<string | undefined>;

Login URL

property status

public status: pulumi.Output<string | undefined>;

The status of the application, by default it is "ACTIVE".

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userNameTemplate

public userNameTemplate: pulumi.Output<string>;

Username template

property userNameTemplateType

public userNameTemplateType: pulumi.Output<string>;

Username template type

property users

public users: pulumi.Output<AutoLoginUser[] | undefined>;

Users associated with the application

Resource BasicAuth

class BasicAuth extends CustomResource

Creates a Bsaic Auth Application.

This resource allows you to create and configure a Basic Auth Application.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.app.BasicAuth("example", {
    authUrl: "https://example.com/auth.html",
    label: "Example",
    url: "https://example.com/login.html",
});

constructor

new BasicAuth(name: string, args: BasicAuthArgs, opts?: pulumi.CustomResourceOptions)

Create a BasicAuth resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: BasicAuthState, opts?: pulumi.CustomResourceOptions): BasicAuth

Get an existing BasicAuth resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is BasicAuth

Returns true if the given object is an instance of BasicAuth. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property authUrl

public authUrl: pulumi.Output<string | undefined>;

The URL of the authenticating site for this app.

property autoSubmitToolbar

public autoSubmitToolbar: pulumi.Output<boolean | undefined>;

Display auto submit toolbar

property groups

public groups: pulumi.Output<string[] | undefined>;

Groups associated with the application

property hideIos

public hideIos: pulumi.Output<boolean | undefined>;

Do not display application icon on mobile app

property hideWeb

public hideWeb: pulumi.Output<boolean | undefined>;

Do not display application icon to users

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property label

public label: pulumi.Output<string>;

The Application’s display name.

property name

public name: pulumi.Output<string>;

name of app.

property signOnMode

public signOnMode: pulumi.Output<string>;

Sign on mode of application.

property status

public status: pulumi.Output<string | undefined>;

Status of application.

property url

public url: pulumi.Output<string | undefined>;

The URL of the sign-in page for this app.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property users

public users: pulumi.Output<BasicAuthUser[] | undefined>;

Users associated with the application

Resource Bookmark

class Bookmark extends CustomResource

Creates a Bookmark Application.

This resource allows you to create and configure a Bookmark Application.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.app.Bookmark("example", {
    label: "Example",
    url: "https://example.com",
});

constructor

new Bookmark(name: string, args: BookmarkArgs, opts?: pulumi.CustomResourceOptions)

Create a Bookmark resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: BookmarkState, opts?: pulumi.CustomResourceOptions): Bookmark

Get an existing Bookmark resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Bookmark

Returns true if the given object is an instance of Bookmark. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property autoSubmitToolbar

public autoSubmitToolbar: pulumi.Output<boolean | undefined>;

Display auto submit toolbar

property groups

public groups: pulumi.Output<string[] | undefined>;

Groups associated with the application

property hideIos

public hideIos: pulumi.Output<boolean | undefined>;

Do not display application icon on mobile app

property hideWeb

public hideWeb: pulumi.Output<boolean | undefined>;

Do not display application icon to users

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property label

public label: pulumi.Output<string>;

The Application’s display name.

property name

public name: pulumi.Output<string>;

name of app.

property requestIntegration

public requestIntegration: pulumi.Output<boolean | undefined>;

Would you like Okta to add an integration for this app?

property signOnMode

public signOnMode: pulumi.Output<string>;

Sign on mode of application.

property status

public status: pulumi.Output<string | undefined>;

Status of application.

property url

public url: pulumi.Output<string>;

The URL of the bookmark.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property users

public users: pulumi.Output<BookmarkUser[] | undefined>;

Users associated with the application

Resource GroupAssignment

class GroupAssignment extends CustomResource

Assigns a group to an application.

This resource allows you to create an App Group assignment.

When using this resource, make sure to add the following lifefycle argument to the application resource you are assigning to:

import * as pulumi from "@pulumi/pulumi";

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.app.GroupAssignment("example", {
    appId: "<app id>",
    groupId: "<group id>",
    profile: `{
  "<app_profile_field>": "<value>"
}
`,
});

constructor

new GroupAssignment(name: string, args: GroupAssignmentArgs, opts?: pulumi.CustomResourceOptions)

Create a GroupAssignment resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: GroupAssignmentState, opts?: pulumi.CustomResourceOptions): GroupAssignment

Get an existing GroupAssignment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is GroupAssignment

Returns true if the given object is an instance of GroupAssignment. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property appId

public appId: pulumi.Output<string>;

The ID of the application to assign a group to.

property groupId

public groupId: pulumi.Output<string>;

The ID of the group to assign the app to.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property priority

public priority: pulumi.Output<number | undefined>;

property profile

public profile: pulumi.Output<string | undefined>;

JSON document containing application profile

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource OAuth

class OAuth extends CustomResource

Creates an OIDC Application.

This resource allows you to create and configure an OIDC Application.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.app.OAuth("example", {
    grantTypes: ["authorizationCode"],
    label: "example",
    redirectUris: ["https://example.com/"],
    responseTypes: ["code"],
    type: "web",
});

constructor

new OAuth(name: string, args: OAuthArgs, opts?: pulumi.CustomResourceOptions)

Create a OAuth resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: OAuthState, opts?: pulumi.CustomResourceOptions): OAuth

Get an existing OAuth resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is OAuth

Returns true if the given object is an instance of OAuth. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property autoKeyRotation

public autoKeyRotation: pulumi.Output<boolean | undefined>;

Requested key rotation mode.

property autoSubmitToolbar

public autoSubmitToolbar: pulumi.Output<boolean | undefined>;

Display auto submit toolbar.

property clientBasicSecret

public clientBasicSecret: pulumi.Output<string | undefined>;

OAuth client secret key, this can be set when tokenEndpointAuthMethod is client_secret_basic.

property clientId

public clientId: pulumi.Output<string>;

The client ID of the application.

property clientSecret

public clientSecret: pulumi.Output<string>;

The client secret of the application.

property clientUri

public clientUri: pulumi.Output<string | undefined>;

URI to a web page providing information about the client.

property consentMethod

public consentMethod: pulumi.Output<string | undefined>;

Indicates whether user consent is required or implicit. Valid values: REQUIRED, TRUSTED. Default value is TRUSTED.

property customClientId

public customClientId: pulumi.Output<string | undefined>;

This property allows you to set the application’s client id.

property grantTypes

public grantTypes: pulumi.Output<string[] | undefined>;

List of OAuth 2.0 grant types. Conditional validation params found here https://developer.okta.com/docs/api/resources/apps#credentials-settings-details. Defaults to minimum requirements per app type.

property groups

public groups: pulumi.Output<string[] | undefined>;

The groups assigned to the application. It is recommended not to use this and instead use okta.app.GroupAssignment.

property hideIos

public hideIos: pulumi.Output<boolean | undefined>;

Do not display application icon on mobile app.

property hideWeb

public hideWeb: pulumi.Output<boolean | undefined>;

Do not display application icon to users.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property issuerMode

public issuerMode: pulumi.Output<string | undefined>;

Indicates whether the Okta Authorization Server uses the original Okta org domain URL or a custom domain URL as the issuer of ID token for this client.

property label

public label: pulumi.Output<string>;

The Application’s display name.

property loginUri

public loginUri: pulumi.Output<string | undefined>;

URI that initiates login.

property logoUri

public logoUri: pulumi.Output<string | undefined>;

URI that references a logo for the client.

property name

public name: pulumi.Output<string>;

Name assigned to the application by Okta.

property omitSecret

public omitSecret: pulumi.Output<boolean | undefined>;

This tells the provider not to persist the application’s secret to state. If this is ever changes from true => false your app will be recreated.

property policyUri

public policyUri: pulumi.Output<string | undefined>;

URI to web page providing client policy document.

property postLogoutRedirectUris

public postLogoutRedirectUris: pulumi.Output<string[] | undefined>;

List of URIs for redirection after logout.

property profile

public profile: pulumi.Output<string | undefined>;

Custom JSON that represents an OAuth application’s profile.

property redirectUris

public redirectUris: pulumi.Output<string[] | undefined>;

List of URIs for use in the redirect-based flow. This is required for all application types except service.

property responseTypes

public responseTypes: pulumi.Output<string[] | undefined>;

List of OAuth 2.0 response type strings.

property signOnMode

public signOnMode: pulumi.Output<string>;

Sign on mode of application.

property status

public status: pulumi.Output<string | undefined>;

The status of the application, by default it is "ACTIVE".

property tokenEndpointAuthMethod

public tokenEndpointAuthMethod: pulumi.Output<string | undefined>;

Requested authentication method for the token endpoint. It can be set to "none", "clientSecretPost", "clientSecretBasic", "clientSecretJwt".

property tosUri

public tosUri: pulumi.Output<string | undefined>;

URI to web page providing client tos (terms of service).

property type

public type: pulumi.Output<string>;

The type of OAuth application.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property users

public users: pulumi.Output<OAuthUser[] | undefined>;

The users assigned to the application. It is recommended not to use this and instead use okta.app.User.

Resource OAuthRedirectUri

class OAuthRedirectUri extends CustomResource

constructor

new OAuthRedirectUri(name: string, args: OAuthRedirectUriArgs, opts?: pulumi.CustomResourceOptions)

Create a OAuthRedirectUri resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: OAuthRedirectUriState, opts?: pulumi.CustomResourceOptions): OAuthRedirectUri

Get an existing OAuthRedirectUri resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is OAuthRedirectUri

Returns true if the given object is an instance of OAuthRedirectUri. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property appId

public appId: pulumi.Output<string>;

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property uri

public uri: pulumi.Output<string>;

Redirect URI to append to Okta OIDC application.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Saml

class Saml extends CustomResource

Creates an SAML Application.

This resource allows you to create and configure an SAML Application.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.app.Saml("example", {
    attributeStatements: [{
        filterType: "REGEX",
        filterValue: ".*",
        name: "groups",
        type: "GROUP",
    }],
    audience: "http://example.com/audience",
    authnContextClassRef: "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
    destination: "http://example.com",
    digestAlgorithm: "SHA256",
    honorForceAuthn: false,
    label: "example",
    recipient: "http://example.com",
    responseSigned: true,
    signatureAlgorithm: "RSA_SHA256",
    ssoUrl: "http://example.com",
    subjectNameIdFormat: "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
    subjectNameIdTemplate: "${user.userName}",
});

constructor

new Saml(name: string, args: SamlArgs, opts?: pulumi.CustomResourceOptions)

Create a Saml resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SamlState, opts?: pulumi.CustomResourceOptions): Saml

Get an existing Saml resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Saml

Returns true if the given object is an instance of Saml. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property accessibilityErrorRedirectUrl

public accessibilityErrorRedirectUrl: pulumi.Output<string | undefined>;

Custom error page URL.

property accessibilityLoginRedirectUrl

public accessibilityLoginRedirectUrl: pulumi.Output<string | undefined>;

Custom login page URL.

property accessibilitySelfService

public accessibilitySelfService: pulumi.Output<boolean | undefined>;

Enable self service.

property appSettingsJson

public appSettingsJson: pulumi.Output<string | undefined>;

Application settings in JSON format.

property assertionSigned

public assertionSigned: pulumi.Output<boolean | undefined>;

Determines whether the SAML assertion is digitally signed.

property attributeStatements

public attributeStatements: pulumi.Output<SamlAttributeStatement[] | undefined>;

List of SAML Attribute statements.

property audience

public audience: pulumi.Output<string | undefined>;

Audience restriction.

property authnContextClassRef

public authnContextClassRef: pulumi.Output<string | undefined>;

Identifies the SAML authentication context class for the assertion’s authentication statement.

property autoSubmitToolbar

public autoSubmitToolbar: pulumi.Output<boolean | undefined>;

Display auto submit toolbar.

property certificate

public certificate: pulumi.Output<string>;

The raw signing certificate.

property defaultRelayState

public defaultRelayState: pulumi.Output<string | undefined>;

Identifies a specific application resource in an IDP initiated SSO scenario.

property destination

public destination: pulumi.Output<string | undefined>;

Identifies the location where the SAML response is intended to be sent inside of the SAML assertion.

property digestAlgorithm

public digestAlgorithm: pulumi.Output<string | undefined>;

Determines the digest algorithm used to digitally sign the SAML assertion and response.

property entityKey

public entityKey: pulumi.Output<string>;

Entity ID, the ID portion of the entityUrl.

property entityUrl

public entityUrl: pulumi.Output<string>;

Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8.

property features

public features: pulumi.Output<string[] | undefined>;

features enabled.

property groups

public groups: pulumi.Output<string[] | undefined>;

Groups associated with the application

property hideIos

public hideIos: pulumi.Output<boolean | undefined>;

Do not display application icon on mobile app.

property hideWeb

public hideWeb: pulumi.Output<boolean | undefined>;

Do not display application icon to users

property honorForceAuthn

public honorForceAuthn: pulumi.Output<boolean | undefined>;

Prompt user to re-authenticate if SP asks for it.

property httpPostBinding

public httpPostBinding: pulumi.Output<string>;

urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.

property httpRedirectBinding

public httpRedirectBinding: pulumi.Output<string>;

urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property idpIssuer

public idpIssuer: pulumi.Output<string | undefined>;

SAML issuer ID.

property keyId

public keyId: pulumi.Output<string>;

Certificate key ID.

property keyName

public keyName: pulumi.Output<string | undefined>;

Certificate name. This modulates the rotation of keys. New name == new key.

property keyYearsValid

public keyYearsValid: pulumi.Output<number | undefined>;

Number of years the certificate is valid.

property label

public label: pulumi.Output<string>;

label of application.

property metadata

public metadata: pulumi.Output<string>;

The raw SAML metadata in XML.

property name

public name: pulumi.Output<string>;

The name of the attribute statement.

property preconfiguredApp

public preconfiguredApp: pulumi.Output<string | undefined>;

name of application from the Okta Integration Network, if not included a custom app will be created.

property recipient

public recipient: pulumi.Output<string | undefined>;

The location where the app may present the SAML assertion.

property requestCompressed

public requestCompressed: pulumi.Output<boolean | undefined>;

Denotes whether the request is compressed or not.

property responseSigned

public responseSigned: pulumi.Output<boolean | undefined>;

Determines whether the SAML auth response message is digitally signed.

property signOnMode

public signOnMode: pulumi.Output<string>;

Sign on mode of application.

property signatureAlgorithm

public signatureAlgorithm: pulumi.Output<string | undefined>;

Signature algorithm used ot digitally sign the assertion and response.

property spIssuer

public spIssuer: pulumi.Output<string | undefined>;

SAML service provider issuer.

property ssoUrl

public ssoUrl: pulumi.Output<string | undefined>;

Single Sign on Url.

property status

public status: pulumi.Output<string | undefined>;

status of application.

property subjectNameIdFormat

public subjectNameIdFormat: pulumi.Output<string | undefined>;

Identifies the SAML processing rules.

property subjectNameIdTemplate

public subjectNameIdTemplate: pulumi.Output<string | undefined>;

Template for app user’s username when a user is assigned to the app.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userNameTemplate

public userNameTemplate: pulumi.Output<string | undefined>;

Username template.

property userNameTemplateSuffix

public userNameTemplateSuffix: pulumi.Output<string | undefined>;

Username template suffix.

property userNameTemplateType

public userNameTemplateType: pulumi.Output<string | undefined>;

Username template type.

property users

public users: pulumi.Output<SamlUser[] | undefined>;

Users associated with the application

Resource SecurePasswordStore

class SecurePasswordStore extends CustomResource

Creates a Secure Password Store Application.

This resource allows you to create and configure a Secure Password Store Application.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.app.SecurePasswordStore("example", {
    credentialsScheme: "ADMIN_SETS_CREDENTIALS",
    label: "example",
    passwordField: "pass",
    url: "http://test.com",
    usernameField: "user",
});

constructor

new SecurePasswordStore(name: string, args: SecurePasswordStoreArgs, opts?: pulumi.CustomResourceOptions)

Create a SecurePasswordStore resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SecurePasswordStoreState, opts?: pulumi.CustomResourceOptions): SecurePasswordStore

Get an existing SecurePasswordStore resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is SecurePasswordStore

Returns true if the given object is an instance of SecurePasswordStore. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property accessibilityErrorRedirectUrl

public accessibilityErrorRedirectUrl: pulumi.Output<string | undefined>;

Custom error page URL.

property accessibilitySelfService

public accessibilitySelfService: pulumi.Output<boolean | undefined>;

Enable self service. By default it is false.

property autoSubmitToolbar

public autoSubmitToolbar: pulumi.Output<boolean | undefined>;

Display auto submit toolbar.

property credentialsScheme

public credentialsScheme: pulumi.Output<string | undefined>;

Application credentials scheme. Can be set to "EDIT_USERNAME_AND_PASSWORD", "ADMIN_SETS_CREDENTIALS", "EDIT_PASSWORD_ONLY", "EXTERNAL_PASSWORD_SYNC", or "SHARED_USERNAME_AND_PASSWORD".

property groups

public groups: pulumi.Output<string[] | undefined>;

Groups associated with the application. See okta.app.GroupAssignment for a more flexible approach.

property hideIos

public hideIos: pulumi.Output<boolean | undefined>;

Do not display application icon on mobile app.

property hideWeb

public hideWeb: pulumi.Output<boolean | undefined>;

Do not display application icon to users.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property label

public label: pulumi.Output<string>;

The display name of the Application.

property name

public name: pulumi.Output<string>;

Name assigned to the application by Okta.

property optionalField1

public optionalField1: pulumi.Output<string | undefined>;

Name of optional param in the login form.

property optionalField1Value

public optionalField1Value: pulumi.Output<string | undefined>;

Name of optional value in the login form.

property optionalField2

public optionalField2: pulumi.Output<string | undefined>;

Name of optional param in the login form.

property optionalField2Value

public optionalField2Value: pulumi.Output<string | undefined>;

Name of optional value in the login form.

property optionalField3

public optionalField3: pulumi.Output<string | undefined>;

Name of optional param in the login form.

property optionalField3Value

public optionalField3Value: pulumi.Output<string | undefined>;

Name of optional value in the login form.

property passwordField

public passwordField: pulumi.Output<string>;

Login password field.

property revealPassword

public revealPassword: pulumi.Output<boolean | undefined>;

Allow user to reveal password.

property sharedPassword

public sharedPassword: pulumi.Output<string | undefined>;

Shared password, required for certain schemes.

property sharedUsername

public sharedUsername: pulumi.Output<string | undefined>;

Shared username, required for certain schemes.

property signOnMode

public signOnMode: pulumi.Output<string>;

Sign on mode of application.

property status

public status: pulumi.Output<string | undefined>;

Status of application. By default it is "ACTIVE".

property url

public url: pulumi.Output<string>;

Login URL.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userNameTemplate

public userNameTemplate: pulumi.Output<string>;

The default username assigned to each user.

property userNameTemplateType

public userNameTemplateType: pulumi.Output<string>;

The Username template type.

property usernameField

public usernameField: pulumi.Output<string>;

Login username field.

property users

public users: pulumi.Output<SecurePasswordStoreUser[] | undefined>;

The users assigned to the application. See okta.app.User for a more flexible approach.

Resource Swa

class Swa extends CustomResource

Creates an SWA Application.

This resource allows you to create and configure an SWA Application.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.app.Swa("example", {
    buttonField: "btn-login",
    label: "example",
    passwordField: "txtbox-password",
    url: "https://example.com/login.html",
    usernameField: "txtbox-username",
});

constructor

new Swa(name: string, args: SwaArgs, opts?: pulumi.CustomResourceOptions)

Create a Swa resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SwaState, opts?: pulumi.CustomResourceOptions): Swa

Get an existing Swa resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Swa

Returns true if the given object is an instance of Swa. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property accessibilityErrorRedirectUrl

public accessibilityErrorRedirectUrl: pulumi.Output<string | undefined>;

Custom error page URL.

property accessibilitySelfService

public accessibilitySelfService: pulumi.Output<boolean | undefined>;

Enable self service. By default it is false.

property autoSubmitToolbar

public autoSubmitToolbar: pulumi.Output<boolean | undefined>;

Display auto submit toolbar.

property buttonField

public buttonField: pulumi.Output<string | undefined>;

Login button field.

property groups

public groups: pulumi.Output<string[] | undefined>;

Groups associated with the application. See okta.app.GroupAssignment for a more flexible approach.

property hideIos

public hideIos: pulumi.Output<boolean | undefined>;

Do not display application icon on mobile app.

property hideWeb

public hideWeb: pulumi.Output<boolean | undefined>;

Do not display application icon to users.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property label

public label: pulumi.Output<string>;

The display name of the Application.

property name

public name: pulumi.Output<string>;

Name assigned to the application by Okta.

property passwordField

public passwordField: pulumi.Output<string | undefined>;

Login password field.

property preconfiguredApp

public preconfiguredApp: pulumi.Output<string | undefined>;

name of application from the Okta Integration Network, if not included a custom app will be created.

property signOnMode

public signOnMode: pulumi.Output<string>;

Sign on mode of application.

property status

public status: pulumi.Output<string | undefined>;

Status of application. By default it is "ACTIVE".

property url

public url: pulumi.Output<string | undefined>;

Login URL.

property urlRegex

public urlRegex: pulumi.Output<string | undefined>;

A regex that further restricts URL to the specified regex.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userNameTemplate

public userNameTemplate: pulumi.Output<string>;

The default username assigned to each user.

property userNameTemplateType

public userNameTemplateType: pulumi.Output<string>;

The Username template type.

property usernameField

public usernameField: pulumi.Output<string | undefined>;

Login username field.

property users

public users: pulumi.Output<SwaUser[] | undefined>;

The users assigned to the application. See okta.app.User for a more flexible approach.

Resource ThreeField

class ThreeField extends CustomResource

Creates an Three Field Application.

This resource allows you to create and configure an Three Field Application.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.app.ThreeField("example", {
    credentialsScheme: "EDIT_USERNAME_AND_PASSWORD",
    label: "Example App",
    revealPassword: true,
    signOnRedirectUrl: "https://example.com",
    signOnUrl: "https://example.com/login.html",
});

constructor

new ThreeField(name: string, args: ThreeFieldArgs, opts?: pulumi.CustomResourceOptions)

Create a ThreeField resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ThreeFieldState, opts?: pulumi.CustomResourceOptions): ThreeField

Get an existing ThreeField resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ThreeField

Returns true if the given object is an instance of ThreeField. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property accessibilityErrorRedirectUrl

public accessibilityErrorRedirectUrl: pulumi.Output<string | undefined>;

Custom error page URL.

property accessibilitySelfService

public accessibilitySelfService: pulumi.Output<boolean | undefined>;

Enable self service. By default it is false.

property autoSubmitToolbar

public autoSubmitToolbar: pulumi.Output<boolean | undefined>;

Display auto submit toolbar.

property buttonSelector

public buttonSelector: pulumi.Output<string>;

Login button field CSS selector.

property extraFieldSelector

public extraFieldSelector: pulumi.Output<string>;

Extra field CSS selector.

property extraFieldValue

public extraFieldValue: pulumi.Output<string>;

Value for extra form field.

property groups

public groups: pulumi.Output<string[] | undefined>;

Groups associated with the application. See okta.app.GroupAssignment for a more flexible approach.

property hideIos

public hideIos: pulumi.Output<boolean | undefined>;

Do not display application icon on mobile app.

property hideWeb

public hideWeb: pulumi.Output<boolean | undefined>;

Do not display application icon to users.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property label

public label: pulumi.Output<string>;

The display name of the Application.

property name

public name: pulumi.Output<string>;

Name assigned to the application by Okta.

property passwordSelector

public passwordSelector: pulumi.Output<string>;

Login password field CSS selector.

property signOnMode

public signOnMode: pulumi.Output<string>;

Sign on mode of application.

property status

public status: pulumi.Output<string | undefined>;

Status of application. By default it is "ACTIVE".

property url

public url: pulumi.Output<string>;

Login URL.

property urlRegex

public urlRegex: pulumi.Output<string | undefined>;

A regex that further restricts URL to the specified regex.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userNameTemplate

public userNameTemplate: pulumi.Output<string>;

The default username assigned to each user.

property userNameTemplateType

public userNameTemplateType: pulumi.Output<string>;

The Username template type.

property usernameSelector

public usernameSelector: pulumi.Output<string>;

Login username field CSS selector.

property users

public users: pulumi.Output<ThreeFieldUser[] | undefined>;

The users assigned to the application. See okta.app.User for a more flexible approach.

Resource User

class User extends CustomResource

Creates an Application User.

This resource allows you to create and configure an Application User.

When using this resource, make sure to add the following lifefycle argument to the application resource you are assigning to:

import * as pulumi from "@pulumi/pulumi";

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.app.User("example", {
    appId: "<app_id>",
    userId: "<user id>",
    username: "example",
});

constructor

new User(name: string, args: UserArgs, opts?: pulumi.CustomResourceOptions)

Create a User resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserState, opts?: pulumi.CustomResourceOptions): User

Get an existing User resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is User

Returns true if the given object is an instance of User. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property appId

public appId: pulumi.Output<string>;

App to associate user with.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property password

public password: pulumi.Output<string | undefined>;

The password to use.

property profile

public profile: pulumi.Output<string | undefined>;

The JSON profile of the App User.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userId

public userId: pulumi.Output<string>;

User to associate the application with.

property username

public username: pulumi.Output<string>;

The username to use for the app user.

Resource UserBaseSchema

class UserBaseSchema extends CustomResource

Manages an Application User Base Schema property.

This resource allows you to configure a base app user schema property.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.app.UserBaseSchema("example", {
    appId: "<app id>",
    index: "customPropertyName",
    master: "OKTA",
    title: "customPropertyName",
    type: "string",
});

constructor

new UserBaseSchema(name: string, args: UserBaseSchemaArgs, opts?: pulumi.CustomResourceOptions)

Create a UserBaseSchema resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserBaseSchemaState, opts?: pulumi.CustomResourceOptions): UserBaseSchema

Get an existing UserBaseSchema resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is UserBaseSchema

Returns true if the given object is an instance of UserBaseSchema. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property appId

public appId: pulumi.Output<string>;

The Application’s ID the user schema property should be assigned to.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property index

public index: pulumi.Output<string>;

The property name.

property master

public master: pulumi.Output<string | undefined>;

Master priority for the user schema property. It can be set to "PROFILE_MASTER" or "OKTA".

property permissions

public permissions: pulumi.Output<string | undefined>;

Access control permissions for the property. It can be set to "READ_WRITE", "READ_ONLY", "HIDE".

property required

public required: pulumi.Output<boolean | undefined>;

Whether the property is required for this application’s users.

property title

public title: pulumi.Output<string>;

The property display name.

property type

public type: pulumi.Output<string>;

The type of the schema property. It can be "string", "boolean", "number", "integer", "array", or "object".

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource UserSchema

class UserSchema extends CustomResource

Creates an Application User Schema property.

This resource allows you to create and configure a custom user schema property and associate it with an application.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.app.UserSchema("example", {
    appId: "<app id>",
    description: "My custom property name",
    index: "customPropertyName",
    master: "OKTA",
    scope: "SELF",
    title: "customPropertyName",
    type: "string",
});

constructor

new UserSchema(name: string, args: UserSchemaArgs, opts?: pulumi.CustomResourceOptions)

Create a UserSchema resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserSchemaState, opts?: pulumi.CustomResourceOptions): UserSchema

Get an existing UserSchema resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is UserSchema

Returns true if the given object is an instance of UserSchema. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property appId

public appId: pulumi.Output<string>;

The Application’s ID the user custom schema property should be assigned to.

property arrayEnums

public arrayEnums: pulumi.Output<string[] | undefined>;

Array of values that an array property’s items can be set to.

property arrayOneOfs

public arrayOneOfs: pulumi.Output<UserSchemaArrayOneOf[] | undefined>;

Display name and value an enum array can be set to.

property arrayType

public arrayType: pulumi.Output<string | undefined>;

The type of the array elements if type is set to "array".

property description

public description: pulumi.Output<string | undefined>;

The description of the user schema property.

property enums

public enums: pulumi.Output<string[] | undefined>;

Array of values a primitive property can be set to. See arrayEnum for arrays.

property externalName

public externalName: pulumi.Output<string | undefined>;

External name of the user schema property.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property index

public index: pulumi.Output<string>;

The property name.

property master

public master: pulumi.Output<string | undefined>;

Master priority for the user schema property. It can be set to "PROFILE_MASTER" or "OKTA".

property maxLength

public maxLength: pulumi.Output<number | undefined>;

The maximum length of the user property value. Only applies to type "string".

property minLength

public minLength: pulumi.Output<number | undefined>;

The minimum length of the user property value. Only applies to type "string".

property oneOfs

public oneOfs: pulumi.Output<UserSchemaOneOf[] | undefined>;

Array of maps containing a mapping for display name to enum value.

property permissions

public permissions: pulumi.Output<string | undefined>;

Access control permissions for the property. It can be set to "READ_WRITE", "READ_ONLY", "HIDE".

property required

public required: pulumi.Output<boolean | undefined>;

Whether the property is required for this application’s users.

property scope

public scope: pulumi.Output<string | undefined>;

determines whether an app user attribute can be set at the Individual or Group Level.

property title

public title: pulumi.Output<string>;

display name for the enum value.

property type

public type: pulumi.Output<string>;

The type of the schema property. It can be "string", "boolean", "number", "integer", "array", or "object".

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Functions

Function getApp

getApp(args?: GetAppArgs, opts?: pulumi.InvokeOptions): Promise<GetAppResult>

Use this data source to retrieve the collaborators for a given repository.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = pulumi.output(okta.app.getApp({
    label: "Example App",
}, { async: true }));

Function getMetadataSaml

getMetadataSaml(args: GetMetadataSamlArgs, opts?: pulumi.InvokeOptions): Promise<GetMetadataSamlResult>

Use this data source to retrieve the collaborators for a given repository.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = pulumi.output(okta.app.getMetadataSaml({
    appId: "<app id>",
    keyId: "<cert key id>",
}, { async: true }));

Function getSaml

getSaml(args?: GetSamlArgs, opts?: pulumi.InvokeOptions): Promise<GetSamlResult>

Use this data source to retrieve the collaborators for a given repository.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = pulumi.output(okta.app.getSaml({
    label: "Example App",
}, { async: true }));

Others

interface AutoLoginArgs

interface AutoLoginArgs

The set of arguments for constructing a AutoLogin resource.

property accessibilityErrorRedirectUrl

accessibilityErrorRedirectUrl?: pulumi.Input<string>;

Custom error page URL

property accessibilitySelfService

accessibilitySelfService?: pulumi.Input<boolean>;

Enable self service

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar

property credentialsScheme

credentialsScheme?: pulumi.Input<string>;

Application credentials scheme

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

Groups associated with the application

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users

property label

label: pulumi.Input<string>;

The Application’s display name.

property preconfiguredApp

preconfiguredApp?: pulumi.Input<string>;

Tells Okta to use an existing application in their application catalog, as opposed to a custom application.

property revealPassword

revealPassword?: pulumi.Input<boolean>;

Allow user to reveal password

property sharedPassword

sharedPassword?: pulumi.Input<string>;

Shared password, required for certain schemes.

property sharedUsername

sharedUsername?: pulumi.Input<string>;

Shared username, required for certain schemes.

property signOnRedirectUrl

signOnRedirectUrl?: pulumi.Input<string>;

Post login redirect URL

property signOnUrl

signOnUrl?: pulumi.Input<string>;

Login URL

property status

status?: pulumi.Input<string>;

The status of the application, by default it is "ACTIVE".

property users

users?: pulumi.Input<pulumi.Input<AutoLoginUser>[]>;

Users associated with the application

interface AutoLoginState

interface AutoLoginState

Input properties used for looking up and filtering AutoLogin resources.

property accessibilityErrorRedirectUrl

accessibilityErrorRedirectUrl?: pulumi.Input<string>;

Custom error page URL

property accessibilitySelfService

accessibilitySelfService?: pulumi.Input<boolean>;

Enable self service

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar

property credentialsScheme

credentialsScheme?: pulumi.Input<string>;

Application credentials scheme

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

Groups associated with the application

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users

property label

label?: pulumi.Input<string>;

The Application’s display name.

property name

name?: pulumi.Input<string>;

Name assigned to the application by Okta.

property preconfiguredApp

preconfiguredApp?: pulumi.Input<string>;

Tells Okta to use an existing application in their application catalog, as opposed to a custom application.

property revealPassword

revealPassword?: pulumi.Input<boolean>;

Allow user to reveal password

property sharedPassword

sharedPassword?: pulumi.Input<string>;

Shared password, required for certain schemes.

property sharedUsername

sharedUsername?: pulumi.Input<string>;

Shared username, required for certain schemes.

property signOnMode

signOnMode?: pulumi.Input<string>;

Sign on mode of application.

property signOnRedirectUrl

signOnRedirectUrl?: pulumi.Input<string>;

Post login redirect URL

property signOnUrl

signOnUrl?: pulumi.Input<string>;

Login URL

property status

status?: pulumi.Input<string>;

The status of the application, by default it is "ACTIVE".

property userNameTemplate

userNameTemplate?: pulumi.Input<string>;

Username template

property userNameTemplateType

userNameTemplateType?: pulumi.Input<string>;

Username template type

property users

users?: pulumi.Input<pulumi.Input<AutoLoginUser>[]>;

Users associated with the application

interface BasicAuthArgs

interface BasicAuthArgs

The set of arguments for constructing a BasicAuth resource.

property authUrl

authUrl?: pulumi.Input<string>;

The URL of the authenticating site for this app.

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

Groups associated with the application

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users

property label

label: pulumi.Input<string>;

The Application’s display name.

property status

status?: pulumi.Input<string>;

Status of application.

property url

url?: pulumi.Input<string>;

The URL of the sign-in page for this app.

property users

users?: pulumi.Input<pulumi.Input<BasicAuthUser>[]>;

Users associated with the application

interface BasicAuthState

interface BasicAuthState

Input properties used for looking up and filtering BasicAuth resources.

property authUrl

authUrl?: pulumi.Input<string>;

The URL of the authenticating site for this app.

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

Groups associated with the application

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users

property label

label?: pulumi.Input<string>;

The Application’s display name.

property name

name?: pulumi.Input<string>;

name of app.

property signOnMode

signOnMode?: pulumi.Input<string>;

Sign on mode of application.

property status

status?: pulumi.Input<string>;

Status of application.

property url

url?: pulumi.Input<string>;

The URL of the sign-in page for this app.

property users

users?: pulumi.Input<pulumi.Input<BasicAuthUser>[]>;

Users associated with the application

interface BookmarkArgs

interface BookmarkArgs

The set of arguments for constructing a Bookmark resource.

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

Groups associated with the application

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users

property label

label: pulumi.Input<string>;

The Application’s display name.

property requestIntegration

requestIntegration?: pulumi.Input<boolean>;

Would you like Okta to add an integration for this app?

property status

status?: pulumi.Input<string>;

Status of application.

property url

url: pulumi.Input<string>;

The URL of the bookmark.

property users

users?: pulumi.Input<pulumi.Input<BookmarkUser>[]>;

Users associated with the application

interface BookmarkState

interface BookmarkState

Input properties used for looking up and filtering Bookmark resources.

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

Groups associated with the application

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users

property label

label?: pulumi.Input<string>;

The Application’s display name.

property name

name?: pulumi.Input<string>;

name of app.

property requestIntegration

requestIntegration?: pulumi.Input<boolean>;

Would you like Okta to add an integration for this app?

property signOnMode

signOnMode?: pulumi.Input<string>;

Sign on mode of application.

property status

status?: pulumi.Input<string>;

Status of application.

property url

url?: pulumi.Input<string>;

The URL of the bookmark.

property users

users?: pulumi.Input<pulumi.Input<BookmarkUser>[]>;

Users associated with the application

interface GetAppArgs

interface GetAppArgs

A collection of arguments for invoking getApp.

property activeOnly

activeOnly?: undefined | false | true;

tells the provider to query for only ACTIVE applications.

property id

id?: undefined | string;

id of application to retrieve, conflicts with label and labelPrefix.

property label

label?: undefined | string;

The label of the app to retrieve, conflicts with labelPrefix and id.

property labelPrefix

labelPrefix?: undefined | string;

Label prefix of the app to retrieve, conflicts with label and id. This will tell the provider to do a starts with query as opposed to an equals query.

interface GetAppResult

interface GetAppResult

A collection of values returned by getApp.

property activeOnly

activeOnly?: undefined | false | true;

property description

description: string;

description of application.

property id

id?: undefined | string;

id of application.

property label

label?: undefined | string;

label of application.

property labelPrefix

labelPrefix?: undefined | string;

property name

name: string;

name of application.

property status

status: string;

status of application.

interface GetMetadataSamlArgs

interface GetMetadataSamlArgs

A collection of arguments for invoking getMetadataSaml.

property appId

appId: string;

The application ID.

property keyId

keyId: string;

Certificate Key ID.

interface GetMetadataSamlResult

interface GetMetadataSamlResult

A collection of values returned by getMetadataSaml.

property appId

appId: string;

property certificate

certificate: string;

public certificate from application metadata.

property entityId

entityId: string;

Entity URL for instance https://www.okta.com/saml2/service-provider/sposcfdmlybtwkdcgtuf.

property httpPostBinding

httpPostBinding: string;

urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.

property httpRedirectBinding

httpRedirectBinding: string;

urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property keyId

keyId: string;

property metadata

metadata: string;

raw metadata of application.

property wantAuthnRequestsSigned

wantAuthnRequestsSigned: boolean;

Whether authn requests are signed.

interface GetSamlArgs

interface GetSamlArgs

A collection of arguments for invoking getSaml.

property accessibilityErrorRedirectUrl

accessibilityErrorRedirectUrl?: undefined | string;

Custom error page URL.

property accessibilityLoginRedirectUrl

accessibilityLoginRedirectUrl?: undefined | string;

Custom login page URL.

property accessibilitySelfService

accessibilitySelfService?: undefined | false | true;

Enable self service.

property activeOnly

activeOnly?: undefined | false | true;

tells the provider to query for only ACTIVE applications.

property appSettingsJson

appSettingsJson?: undefined | string;

Application settings in JSON format.

property assertionSigned

assertionSigned?: undefined | false | true;

Determines whether the SAML assertion is digitally signed.

property attributeStatements

attributeStatements?: GetSamlAttributeStatement[];

SAML Attribute statements.

property audience

audience?: undefined | string;

Audience restriction.

property authnContextClassRef

authnContextClassRef?: undefined | string;

Identifies the SAML authentication context class for the assertion’s authentication statement.

property autoSubmitToolbar

autoSubmitToolbar?: undefined | false | true;

Display auto submit toolbar.

property defaultRelayState

defaultRelayState?: undefined | string;

Identifies a specific application resource in an IDP initiated SSO scenario.

property destination

destination?: undefined | string;

Identifies the location where the SAML response is intended to be sent inside of the SAML assertion.

property digestAlgorithm

digestAlgorithm?: undefined | string;

Determines the digest algorithm used to digitally sign the SAML assertion and response.

property features

features?: string[];

features enabled.

property hideIos

hideIos?: undefined | false | true;

Do not display application icon on mobile app.

property hideWeb

hideWeb?: undefined | false | true;

Do not display application icon to users

property honorForceAuthn

honorForceAuthn?: undefined | false | true;

Prompt user to re-authenticate if SP asks for it.

property id

id?: undefined | string;

id of application to retrieve, conflicts with label and labelPrefix.

property idpIssuer

idpIssuer?: undefined | string;

SAML issuer ID.

property label

label?: undefined | string;

The label of the app to retrieve, conflicts with labelPrefix and id.

property labelPrefix

labelPrefix?: undefined | string;

Label prefix of the app to retrieve, conflicts with label and id. This will tell the provider to do a starts with query as opposed to an equals query.

property recipient

recipient?: undefined | string;

The location where the app may present the SAML assertion.

property requestCompressed

requestCompressed?: undefined | false | true;

Denotes whether the request is compressed or not.

property responseSigned

responseSigned?: undefined | false | true;

Determines whether the SAML auth response message is digitally signed.

property signatureAlgorithm

signatureAlgorithm?: undefined | string;

Signature algorithm used ot digitally sign the assertion and response.

property spIssuer

spIssuer?: undefined | string;

SAML service provider issuer.

property ssoUrl

ssoUrl?: undefined | string;

Single Sign on Url.

property subjectNameIdFormat

subjectNameIdFormat?: undefined | string;

Identifies the SAML processing rules.

property subjectNameIdTemplate

subjectNameIdTemplate?: undefined | string;

Template for app user’s username when a user is assigned to the app.

property userNameTemplate

userNameTemplate?: undefined | string;

Username template.

property userNameTemplateSuffix

userNameTemplateSuffix?: undefined | string;

Username template suffix.

property userNameTemplateType

userNameTemplateType?: undefined | string;

Username template type.

interface GetSamlResult

interface GetSamlResult

A collection of values returned by getSaml.

property accessibilityErrorRedirectUrl

accessibilityErrorRedirectUrl?: undefined | string;

Custom error page URL.

property accessibilityLoginRedirectUrl

accessibilityLoginRedirectUrl?: undefined | string;

Custom login page URL.

property accessibilitySelfService

accessibilitySelfService?: undefined | false | true;

Enable self service.

property activeOnly

activeOnly?: undefined | false | true;

property appSettingsJson

appSettingsJson?: undefined | string;

Application settings in JSON format.

property assertionSigned

assertionSigned?: undefined | false | true;

Determines whether the SAML assertion is digitally signed.

property attributeStatements

attributeStatements?: GetSamlAttributeStatement[];

SAML Attribute statements.

property audience

audience?: undefined | string;

Audience restriction.

property authnContextClassRef

authnContextClassRef?: undefined | string;

Identifies the SAML authentication context class for the assertion’s authentication statement.

property autoSubmitToolbar

autoSubmitToolbar?: undefined | false | true;

Display auto submit toolbar.

property defaultRelayState

defaultRelayState?: undefined | string;

Identifies a specific application resource in an IDP initiated SSO scenario.

property description

description: string;

description of application.

property destination

destination?: undefined | string;

Identifies the location where the SAML response is intended to be sent inside of the SAML assertion.

property digestAlgorithm

digestAlgorithm?: undefined | string;

Determines the digest algorithm used to digitally sign the SAML assertion and response.

property features

features?: string[];

features enabled.

property hideIos

hideIos?: undefined | false | true;

Do not display application icon on mobile app.

property hideWeb

hideWeb?: undefined | false | true;

Do not display application icon to users

property honorForceAuthn

honorForceAuthn?: undefined | false | true;

Prompt user to re-authenticate if SP asks for it.

property id

id?: undefined | string;

id of application.

property idpIssuer

idpIssuer?: undefined | string;

SAML issuer ID.

property keyId

keyId: string;

Certificate key ID.

property label

label?: undefined | string;

label of application.

property labelPrefix

labelPrefix?: undefined | string;

property name

name: string;

name of application.

property recipient

recipient?: undefined | string;

The location where the app may present the SAML assertion.

property requestCompressed

requestCompressed?: undefined | false | true;

Denotes whether the request is compressed or not.

property responseSigned

responseSigned?: undefined | false | true;

Determines whether the SAML auth response message is digitally signed.

property signatureAlgorithm

signatureAlgorithm?: undefined | string;

Signature algorithm used ot digitally sign the assertion and response.

property spIssuer

spIssuer?: undefined | string;

SAML service provider issuer.

property ssoUrl

ssoUrl?: undefined | string;

Single Sign on Url.

property status

status: string;

status of application.

property subjectNameIdFormat

subjectNameIdFormat?: undefined | string;

Identifies the SAML processing rules.

property subjectNameIdTemplate

subjectNameIdTemplate?: undefined | string;

Template for app user’s username when a user is assigned to the app.

property userNameTemplate

userNameTemplate?: undefined | string;

Username template.

property userNameTemplateSuffix

userNameTemplateSuffix?: undefined | string;

Username template suffix.

property userNameTemplateType

userNameTemplateType?: undefined | string;

Username template type.

interface GroupAssignmentArgs

interface GroupAssignmentArgs

The set of arguments for constructing a GroupAssignment resource.

property appId

appId: pulumi.Input<string>;

The ID of the application to assign a group to.

property groupId

groupId: pulumi.Input<string>;

The ID of the group to assign the app to.

property priority

priority?: pulumi.Input<number>;

property profile

profile?: pulumi.Input<string>;

JSON document containing application profile

interface GroupAssignmentState

interface GroupAssignmentState

Input properties used for looking up and filtering GroupAssignment resources.

property appId

appId?: pulumi.Input<string>;

The ID of the application to assign a group to.

property groupId

groupId?: pulumi.Input<string>;

The ID of the group to assign the app to.

property priority

priority?: pulumi.Input<number>;

property profile

profile?: pulumi.Input<string>;

JSON document containing application profile

interface OAuthArgs

interface OAuthArgs

The set of arguments for constructing a OAuth resource.

property autoKeyRotation

autoKeyRotation?: pulumi.Input<boolean>;

Requested key rotation mode.

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar.

property clientBasicSecret

clientBasicSecret?: pulumi.Input<string>;

OAuth client secret key, this can be set when tokenEndpointAuthMethod is client_secret_basic.

property clientUri

clientUri?: pulumi.Input<string>;

URI to a web page providing information about the client.

property consentMethod

consentMethod?: pulumi.Input<string>;

Indicates whether user consent is required or implicit. Valid values: REQUIRED, TRUSTED. Default value is TRUSTED.

property customClientId

customClientId?: pulumi.Input<string>;

This property allows you to set the application’s client id.

property grantTypes

grantTypes?: pulumi.Input<pulumi.Input<string>[]>;

List of OAuth 2.0 grant types. Conditional validation params found here https://developer.okta.com/docs/api/resources/apps#credentials-settings-details. Defaults to minimum requirements per app type.

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

The groups assigned to the application. It is recommended not to use this and instead use okta.app.GroupAssignment.

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app.

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users.

property issuerMode

issuerMode?: pulumi.Input<string>;

Indicates whether the Okta Authorization Server uses the original Okta org domain URL or a custom domain URL as the issuer of ID token for this client.

property label

label: pulumi.Input<string>;

The Application’s display name.

property loginUri

loginUri?: pulumi.Input<string>;

URI that initiates login.

property logoUri

logoUri?: pulumi.Input<string>;

URI that references a logo for the client.

property omitSecret

omitSecret?: pulumi.Input<boolean>;

This tells the provider not to persist the application’s secret to state. If this is ever changes from true => false your app will be recreated.

property policyUri

policyUri?: pulumi.Input<string>;

URI to web page providing client policy document.

property postLogoutRedirectUris

postLogoutRedirectUris?: pulumi.Input<pulumi.Input<string>[]>;

List of URIs for redirection after logout.

property profile

profile?: pulumi.Input<string>;

Custom JSON that represents an OAuth application’s profile.

property redirectUris

redirectUris?: pulumi.Input<pulumi.Input<string>[]>;

List of URIs for use in the redirect-based flow. This is required for all application types except service.

property responseTypes

responseTypes?: pulumi.Input<pulumi.Input<string>[]>;

List of OAuth 2.0 response type strings.

property status

status?: pulumi.Input<string>;

The status of the application, by default it is "ACTIVE".

property tokenEndpointAuthMethod

tokenEndpointAuthMethod?: pulumi.Input<string>;

Requested authentication method for the token endpoint. It can be set to "none", "clientSecretPost", "clientSecretBasic", "clientSecretJwt".

property tosUri

tosUri?: pulumi.Input<string>;

URI to web page providing client tos (terms of service).

property type

type: pulumi.Input<string>;

The type of OAuth application.

property users

users?: pulumi.Input<pulumi.Input<OAuthUser>[]>;

The users assigned to the application. It is recommended not to use this and instead use okta.app.User.

interface OAuthRedirectUriArgs

interface OAuthRedirectUriArgs

The set of arguments for constructing a OAuthRedirectUri resource.

property appId

appId: pulumi.Input<string>;

property uri

uri: pulumi.Input<string>;

Redirect URI to append to Okta OIDC application.

interface OAuthRedirectUriState

interface OAuthRedirectUriState

Input properties used for looking up and filtering OAuthRedirectUri resources.

property appId

appId?: pulumi.Input<string>;

property uri

uri?: pulumi.Input<string>;

Redirect URI to append to Okta OIDC application.

interface OAuthState

interface OAuthState

Input properties used for looking up and filtering OAuth resources.

property autoKeyRotation

autoKeyRotation?: pulumi.Input<boolean>;

Requested key rotation mode.

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar.

property clientBasicSecret

clientBasicSecret?: pulumi.Input<string>;

OAuth client secret key, this can be set when tokenEndpointAuthMethod is client_secret_basic.

property clientId

clientId?: pulumi.Input<string>;

The client ID of the application.

property clientSecret

clientSecret?: pulumi.Input<string>;

The client secret of the application.

property clientUri

clientUri?: pulumi.Input<string>;

URI to a web page providing information about the client.

property consentMethod

consentMethod?: pulumi.Input<string>;

Indicates whether user consent is required or implicit. Valid values: REQUIRED, TRUSTED. Default value is TRUSTED.

property customClientId

customClientId?: pulumi.Input<string>;

This property allows you to set the application’s client id.

property grantTypes

grantTypes?: pulumi.Input<pulumi.Input<string>[]>;

List of OAuth 2.0 grant types. Conditional validation params found here https://developer.okta.com/docs/api/resources/apps#credentials-settings-details. Defaults to minimum requirements per app type.

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

The groups assigned to the application. It is recommended not to use this and instead use okta.app.GroupAssignment.

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app.

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users.

property issuerMode

issuerMode?: pulumi.Input<string>;

Indicates whether the Okta Authorization Server uses the original Okta org domain URL or a custom domain URL as the issuer of ID token for this client.

property label

label?: pulumi.Input<string>;

The Application’s display name.

property loginUri

loginUri?: pulumi.Input<string>;

URI that initiates login.

property logoUri

logoUri?: pulumi.Input<string>;

URI that references a logo for the client.

property name

name?: pulumi.Input<string>;

Name assigned to the application by Okta.

property omitSecret

omitSecret?: pulumi.Input<boolean>;

This tells the provider not to persist the application’s secret to state. If this is ever changes from true => false your app will be recreated.

property policyUri

policyUri?: pulumi.Input<string>;

URI to web page providing client policy document.

property postLogoutRedirectUris

postLogoutRedirectUris?: pulumi.Input<pulumi.Input<string>[]>;

List of URIs for redirection after logout.

property profile

profile?: pulumi.Input<string>;

Custom JSON that represents an OAuth application’s profile.

property redirectUris

redirectUris?: pulumi.Input<pulumi.Input<string>[]>;

List of URIs for use in the redirect-based flow. This is required for all application types except service.

property responseTypes

responseTypes?: pulumi.Input<pulumi.Input<string>[]>;

List of OAuth 2.0 response type strings.

property signOnMode

signOnMode?: pulumi.Input<string>;

Sign on mode of application.

property status

status?: pulumi.Input<string>;

The status of the application, by default it is "ACTIVE".

property tokenEndpointAuthMethod

tokenEndpointAuthMethod?: pulumi.Input<string>;

Requested authentication method for the token endpoint. It can be set to "none", "clientSecretPost", "clientSecretBasic", "clientSecretJwt".

property tosUri

tosUri?: pulumi.Input<string>;

URI to web page providing client tos (terms of service).

property type

type?: pulumi.Input<string>;

The type of OAuth application.

property users

users?: pulumi.Input<pulumi.Input<OAuthUser>[]>;

The users assigned to the application. It is recommended not to use this and instead use okta.app.User.

interface SamlArgs

interface SamlArgs

The set of arguments for constructing a Saml resource.

property accessibilityErrorRedirectUrl

accessibilityErrorRedirectUrl?: pulumi.Input<string>;

Custom error page URL.

property accessibilityLoginRedirectUrl

accessibilityLoginRedirectUrl?: pulumi.Input<string>;

Custom login page URL.

property accessibilitySelfService

accessibilitySelfService?: pulumi.Input<boolean>;

Enable self service.

property appSettingsJson

appSettingsJson?: pulumi.Input<string>;

Application settings in JSON format.

property assertionSigned

assertionSigned?: pulumi.Input<boolean>;

Determines whether the SAML assertion is digitally signed.

property attributeStatements

attributeStatements?: pulumi.Input<pulumi.Input<SamlAttributeStatement>[]>;

List of SAML Attribute statements.

property audience

audience?: pulumi.Input<string>;

Audience restriction.

property authnContextClassRef

authnContextClassRef?: pulumi.Input<string>;

Identifies the SAML authentication context class for the assertion’s authentication statement.

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar.

property defaultRelayState

defaultRelayState?: pulumi.Input<string>;

Identifies a specific application resource in an IDP initiated SSO scenario.

property destination

destination?: pulumi.Input<string>;

Identifies the location where the SAML response is intended to be sent inside of the SAML assertion.

property digestAlgorithm

digestAlgorithm?: pulumi.Input<string>;

Determines the digest algorithm used to digitally sign the SAML assertion and response.

property features

features?: pulumi.Input<pulumi.Input<string>[]>;

features enabled.

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

Groups associated with the application

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app.

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users

property honorForceAuthn

honorForceAuthn?: pulumi.Input<boolean>;

Prompt user to re-authenticate if SP asks for it.

property idpIssuer

idpIssuer?: pulumi.Input<string>;

SAML issuer ID.

property keyName

keyName?: pulumi.Input<string>;

Certificate name. This modulates the rotation of keys. New name == new key.

property keyYearsValid

keyYearsValid?: pulumi.Input<number>;

Number of years the certificate is valid.

property label

label: pulumi.Input<string>;

label of application.

property preconfiguredApp

preconfiguredApp?: pulumi.Input<string>;

name of application from the Okta Integration Network, if not included a custom app will be created.

property recipient

recipient?: pulumi.Input<string>;

The location where the app may present the SAML assertion.

property requestCompressed

requestCompressed?: pulumi.Input<boolean>;

Denotes whether the request is compressed or not.

property responseSigned

responseSigned?: pulumi.Input<boolean>;

Determines whether the SAML auth response message is digitally signed.

property signatureAlgorithm

signatureAlgorithm?: pulumi.Input<string>;

Signature algorithm used ot digitally sign the assertion and response.

property spIssuer

spIssuer?: pulumi.Input<string>;

SAML service provider issuer.

property ssoUrl

ssoUrl?: pulumi.Input<string>;

Single Sign on Url.

property status

status?: pulumi.Input<string>;

status of application.

property subjectNameIdFormat

subjectNameIdFormat?: pulumi.Input<string>;

Identifies the SAML processing rules.

property subjectNameIdTemplate

subjectNameIdTemplate?: pulumi.Input<string>;

Template for app user’s username when a user is assigned to the app.

property userNameTemplate

userNameTemplate?: pulumi.Input<string>;

Username template.

property userNameTemplateSuffix

userNameTemplateSuffix?: pulumi.Input<string>;

Username template suffix.

property userNameTemplateType

userNameTemplateType?: pulumi.Input<string>;

Username template type.

property users

users?: pulumi.Input<pulumi.Input<SamlUser>[]>;

Users associated with the application

interface SamlState

interface SamlState

Input properties used for looking up and filtering Saml resources.

property accessibilityErrorRedirectUrl

accessibilityErrorRedirectUrl?: pulumi.Input<string>;

Custom error page URL.

property accessibilityLoginRedirectUrl

accessibilityLoginRedirectUrl?: pulumi.Input<string>;

Custom login page URL.

property accessibilitySelfService

accessibilitySelfService?: pulumi.Input<boolean>;

Enable self service.

property appSettingsJson

appSettingsJson?: pulumi.Input<string>;

Application settings in JSON format.

property assertionSigned

assertionSigned?: pulumi.Input<boolean>;

Determines whether the SAML assertion is digitally signed.

property attributeStatements

attributeStatements?: pulumi.Input<pulumi.Input<SamlAttributeStatement>[]>;

List of SAML Attribute statements.

property audience

audience?: pulumi.Input<string>;

Audience restriction.

property authnContextClassRef

authnContextClassRef?: pulumi.Input<string>;

Identifies the SAML authentication context class for the assertion’s authentication statement.

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar.

property certificate

certificate?: pulumi.Input<string>;

The raw signing certificate.

property defaultRelayState

defaultRelayState?: pulumi.Input<string>;

Identifies a specific application resource in an IDP initiated SSO scenario.

property destination

destination?: pulumi.Input<string>;

Identifies the location where the SAML response is intended to be sent inside of the SAML assertion.

property digestAlgorithm

digestAlgorithm?: pulumi.Input<string>;

Determines the digest algorithm used to digitally sign the SAML assertion and response.

property entityKey

entityKey?: pulumi.Input<string>;

Entity ID, the ID portion of the entityUrl.

property entityUrl

entityUrl?: pulumi.Input<string>;

Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8.

property features

features?: pulumi.Input<pulumi.Input<string>[]>;

features enabled.

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

Groups associated with the application

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app.

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users

property honorForceAuthn

honorForceAuthn?: pulumi.Input<boolean>;

Prompt user to re-authenticate if SP asks for it.

property httpPostBinding

httpPostBinding?: pulumi.Input<string>;

urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.

property httpRedirectBinding

httpRedirectBinding?: pulumi.Input<string>;

urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.

property idpIssuer

idpIssuer?: pulumi.Input<string>;

SAML issuer ID.

property keyId

keyId?: pulumi.Input<string>;

Certificate key ID.

property keyName

keyName?: pulumi.Input<string>;

Certificate name. This modulates the rotation of keys. New name == new key.

property keyYearsValid

keyYearsValid?: pulumi.Input<number>;

Number of years the certificate is valid.

property label

label?: pulumi.Input<string>;

label of application.

property metadata

metadata?: pulumi.Input<string>;

The raw SAML metadata in XML.

property name

name?: pulumi.Input<string>;

The name of the attribute statement.

property preconfiguredApp

preconfiguredApp?: pulumi.Input<string>;

name of application from the Okta Integration Network, if not included a custom app will be created.

property recipient

recipient?: pulumi.Input<string>;

The location where the app may present the SAML assertion.

property requestCompressed

requestCompressed?: pulumi.Input<boolean>;

Denotes whether the request is compressed or not.

property responseSigned

responseSigned?: pulumi.Input<boolean>;

Determines whether the SAML auth response message is digitally signed.

property signOnMode

signOnMode?: pulumi.Input<string>;

Sign on mode of application.

property signatureAlgorithm

signatureAlgorithm?: pulumi.Input<string>;

Signature algorithm used ot digitally sign the assertion and response.

property spIssuer

spIssuer?: pulumi.Input<string>;

SAML service provider issuer.

property ssoUrl

ssoUrl?: pulumi.Input<string>;

Single Sign on Url.

property status

status?: pulumi.Input<string>;

status of application.

property subjectNameIdFormat

subjectNameIdFormat?: pulumi.Input<string>;

Identifies the SAML processing rules.

property subjectNameIdTemplate

subjectNameIdTemplate?: pulumi.Input<string>;

Template for app user’s username when a user is assigned to the app.

property userNameTemplate

userNameTemplate?: pulumi.Input<string>;

Username template.

property userNameTemplateSuffix

userNameTemplateSuffix?: pulumi.Input<string>;

Username template suffix.

property userNameTemplateType

userNameTemplateType?: pulumi.Input<string>;

Username template type.

property users

users?: pulumi.Input<pulumi.Input<SamlUser>[]>;

Users associated with the application

interface SecurePasswordStoreArgs

interface SecurePasswordStoreArgs

The set of arguments for constructing a SecurePasswordStore resource.

property accessibilityErrorRedirectUrl

accessibilityErrorRedirectUrl?: pulumi.Input<string>;

Custom error page URL.

property accessibilitySelfService

accessibilitySelfService?: pulumi.Input<boolean>;

Enable self service. By default it is false.

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar.

property credentialsScheme

credentialsScheme?: pulumi.Input<string>;

Application credentials scheme. Can be set to "EDIT_USERNAME_AND_PASSWORD", "ADMIN_SETS_CREDENTIALS", "EDIT_PASSWORD_ONLY", "EXTERNAL_PASSWORD_SYNC", or "SHARED_USERNAME_AND_PASSWORD".

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

Groups associated with the application. See okta.app.GroupAssignment for a more flexible approach.

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app.

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users.

property label

label: pulumi.Input<string>;

The display name of the Application.

property optionalField1

optionalField1?: pulumi.Input<string>;

Name of optional param in the login form.

property optionalField1Value

optionalField1Value?: pulumi.Input<string>;

Name of optional value in the login form.

property optionalField2

optionalField2?: pulumi.Input<string>;

Name of optional param in the login form.

property optionalField2Value

optionalField2Value?: pulumi.Input<string>;

Name of optional value in the login form.

property optionalField3

optionalField3?: pulumi.Input<string>;

Name of optional param in the login form.

property optionalField3Value

optionalField3Value?: pulumi.Input<string>;

Name of optional value in the login form.

property passwordField

passwordField: pulumi.Input<string>;

Login password field.

property revealPassword

revealPassword?: pulumi.Input<boolean>;

Allow user to reveal password.

property sharedPassword

sharedPassword?: pulumi.Input<string>;

Shared password, required for certain schemes.

property sharedUsername

sharedUsername?: pulumi.Input<string>;

Shared username, required for certain schemes.

property status

status?: pulumi.Input<string>;

Status of application. By default it is "ACTIVE".

property url

url: pulumi.Input<string>;

Login URL.

property usernameField

usernameField: pulumi.Input<string>;

Login username field.

property users

users?: pulumi.Input<pulumi.Input<SecurePasswordStoreUser>[]>;

The users assigned to the application. See okta.app.User for a more flexible approach.

interface SecurePasswordStoreState

interface SecurePasswordStoreState

Input properties used for looking up and filtering SecurePasswordStore resources.

property accessibilityErrorRedirectUrl

accessibilityErrorRedirectUrl?: pulumi.Input<string>;

Custom error page URL.

property accessibilitySelfService

accessibilitySelfService?: pulumi.Input<boolean>;

Enable self service. By default it is false.

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar.

property credentialsScheme

credentialsScheme?: pulumi.Input<string>;

Application credentials scheme. Can be set to "EDIT_USERNAME_AND_PASSWORD", "ADMIN_SETS_CREDENTIALS", "EDIT_PASSWORD_ONLY", "EXTERNAL_PASSWORD_SYNC", or "SHARED_USERNAME_AND_PASSWORD".

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

Groups associated with the application. See okta.app.GroupAssignment for a more flexible approach.

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app.

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users.

property label

label?: pulumi.Input<string>;

The display name of the Application.

property name

name?: pulumi.Input<string>;

Name assigned to the application by Okta.

property optionalField1

optionalField1?: pulumi.Input<string>;

Name of optional param in the login form.

property optionalField1Value

optionalField1Value?: pulumi.Input<string>;

Name of optional value in the login form.

property optionalField2

optionalField2?: pulumi.Input<string>;

Name of optional param in the login form.

property optionalField2Value

optionalField2Value?: pulumi.Input<string>;

Name of optional value in the login form.

property optionalField3

optionalField3?: pulumi.Input<string>;

Name of optional param in the login form.

property optionalField3Value

optionalField3Value?: pulumi.Input<string>;

Name of optional value in the login form.

property passwordField

passwordField?: pulumi.Input<string>;

Login password field.

property revealPassword

revealPassword?: pulumi.Input<boolean>;

Allow user to reveal password.

property sharedPassword

sharedPassword?: pulumi.Input<string>;

Shared password, required for certain schemes.

property sharedUsername

sharedUsername?: pulumi.Input<string>;

Shared username, required for certain schemes.

property signOnMode

signOnMode?: pulumi.Input<string>;

Sign on mode of application.

property status

status?: pulumi.Input<string>;

Status of application. By default it is "ACTIVE".

property url

url?: pulumi.Input<string>;

Login URL.

property userNameTemplate

userNameTemplate?: pulumi.Input<string>;

The default username assigned to each user.

property userNameTemplateType

userNameTemplateType?: pulumi.Input<string>;

The Username template type.

property usernameField

usernameField?: pulumi.Input<string>;

Login username field.

property users

users?: pulumi.Input<pulumi.Input<SecurePasswordStoreUser>[]>;

The users assigned to the application. See okta.app.User for a more flexible approach.

interface SwaArgs

interface SwaArgs

The set of arguments for constructing a Swa resource.

property accessibilityErrorRedirectUrl

accessibilityErrorRedirectUrl?: pulumi.Input<string>;

Custom error page URL.

property accessibilitySelfService

accessibilitySelfService?: pulumi.Input<boolean>;

Enable self service. By default it is false.

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar.

property buttonField

buttonField?: pulumi.Input<string>;

Login button field.

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

Groups associated with the application. See okta.app.GroupAssignment for a more flexible approach.

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app.

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users.

property label

label: pulumi.Input<string>;

The display name of the Application.

property passwordField

passwordField?: pulumi.Input<string>;

Login password field.

property preconfiguredApp

preconfiguredApp?: pulumi.Input<string>;

name of application from the Okta Integration Network, if not included a custom app will be created.

property status

status?: pulumi.Input<string>;

Status of application. By default it is "ACTIVE".

property url

url?: pulumi.Input<string>;

Login URL.

property urlRegex

urlRegex?: pulumi.Input<string>;

A regex that further restricts URL to the specified regex.

property usernameField

usernameField?: pulumi.Input<string>;

Login username field.

property users

users?: pulumi.Input<pulumi.Input<SwaUser>[]>;

The users assigned to the application. See okta.app.User for a more flexible approach.

interface SwaState

interface SwaState

Input properties used for looking up and filtering Swa resources.

property accessibilityErrorRedirectUrl

accessibilityErrorRedirectUrl?: pulumi.Input<string>;

Custom error page URL.

property accessibilitySelfService

accessibilitySelfService?: pulumi.Input<boolean>;

Enable self service. By default it is false.

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar.

property buttonField

buttonField?: pulumi.Input<string>;

Login button field.

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

Groups associated with the application. See okta.app.GroupAssignment for a more flexible approach.

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app.

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users.

property label

label?: pulumi.Input<string>;

The display name of the Application.

property name

name?: pulumi.Input<string>;

Name assigned to the application by Okta.

property passwordField

passwordField?: pulumi.Input<string>;

Login password field.

property preconfiguredApp

preconfiguredApp?: pulumi.Input<string>;

name of application from the Okta Integration Network, if not included a custom app will be created.

property signOnMode

signOnMode?: pulumi.Input<string>;

Sign on mode of application.

property status

status?: pulumi.Input<string>;

Status of application. By default it is "ACTIVE".

property url

url?: pulumi.Input<string>;

Login URL.

property urlRegex

urlRegex?: pulumi.Input<string>;

A regex that further restricts URL to the specified regex.

property userNameTemplate

userNameTemplate?: pulumi.Input<string>;

The default username assigned to each user.

property userNameTemplateType

userNameTemplateType?: pulumi.Input<string>;

The Username template type.

property usernameField

usernameField?: pulumi.Input<string>;

Login username field.

property users

users?: pulumi.Input<pulumi.Input<SwaUser>[]>;

The users assigned to the application. See okta.app.User for a more flexible approach.

interface ThreeFieldArgs

interface ThreeFieldArgs

The set of arguments for constructing a ThreeField resource.

property accessibilityErrorRedirectUrl

accessibilityErrorRedirectUrl?: pulumi.Input<string>;

Custom error page URL.

property accessibilitySelfService

accessibilitySelfService?: pulumi.Input<boolean>;

Enable self service. By default it is false.

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar.

property buttonSelector

buttonSelector: pulumi.Input<string>;

Login button field CSS selector.

property extraFieldSelector

extraFieldSelector: pulumi.Input<string>;

Extra field CSS selector.

property extraFieldValue

extraFieldValue: pulumi.Input<string>;

Value for extra form field.

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

Groups associated with the application. See okta.app.GroupAssignment for a more flexible approach.

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app.

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users.

property label

label: pulumi.Input<string>;

The display name of the Application.

property passwordSelector

passwordSelector: pulumi.Input<string>;

Login password field CSS selector.

property status

status?: pulumi.Input<string>;

Status of application. By default it is "ACTIVE".

property url

url: pulumi.Input<string>;

Login URL.

property urlRegex

urlRegex?: pulumi.Input<string>;

A regex that further restricts URL to the specified regex.

property usernameSelector

usernameSelector: pulumi.Input<string>;

Login username field CSS selector.

property users

users?: pulumi.Input<pulumi.Input<ThreeFieldUser>[]>;

The users assigned to the application. See okta.app.User for a more flexible approach.

interface ThreeFieldState

interface ThreeFieldState

Input properties used for looking up and filtering ThreeField resources.

property accessibilityErrorRedirectUrl

accessibilityErrorRedirectUrl?: pulumi.Input<string>;

Custom error page URL.

property accessibilitySelfService

accessibilitySelfService?: pulumi.Input<boolean>;

Enable self service. By default it is false.

property autoSubmitToolbar

autoSubmitToolbar?: pulumi.Input<boolean>;

Display auto submit toolbar.

property buttonSelector

buttonSelector?: pulumi.Input<string>;

Login button field CSS selector.

property extraFieldSelector

extraFieldSelector?: pulumi.Input<string>;

Extra field CSS selector.

property extraFieldValue

extraFieldValue?: pulumi.Input<string>;

Value for extra form field.

property groups

groups?: pulumi.Input<pulumi.Input<string>[]>;

Groups associated with the application. See okta.app.GroupAssignment for a more flexible approach.

property hideIos

hideIos?: pulumi.Input<boolean>;

Do not display application icon on mobile app.

property hideWeb

hideWeb?: pulumi.Input<boolean>;

Do not display application icon to users.

property label

label?: pulumi.Input<string>;

The display name of the Application.

property name

name?: pulumi.Input<string>;

Name assigned to the application by Okta.

property passwordSelector

passwordSelector?: pulumi.Input<string>;

Login password field CSS selector.

property signOnMode

signOnMode?: pulumi.Input<string>;

Sign on mode of application.

property status

status?: pulumi.Input<string>;

Status of application. By default it is "ACTIVE".

property url

url?: pulumi.Input<string>;

Login URL.

property urlRegex

urlRegex?: pulumi.Input<string>;

A regex that further restricts URL to the specified regex.

property userNameTemplate

userNameTemplate?: pulumi.Input<string>;

The default username assigned to each user.

property userNameTemplateType

userNameTemplateType?: pulumi.Input<string>;

The Username template type.

property usernameSelector

usernameSelector?: pulumi.Input<string>;

Login username field CSS selector.

property users

users?: pulumi.Input<pulumi.Input<ThreeFieldUser>[]>;

The users assigned to the application. See okta.app.User for a more flexible approach.

interface UserArgs

interface UserArgs

The set of arguments for constructing a User resource.

property appId

appId: pulumi.Input<string>;

App to associate user with.

property password

password?: pulumi.Input<string>;

The password to use.

property profile

profile?: pulumi.Input<string>;

The JSON profile of the App User.

property userId

userId: pulumi.Input<string>;

User to associate the application with.

property username

username: pulumi.Input<string>;

The username to use for the app user.

interface UserBaseSchemaArgs

interface UserBaseSchemaArgs

The set of arguments for constructing a UserBaseSchema resource.

property appId

appId: pulumi.Input<string>;

The Application’s ID the user schema property should be assigned to.

property index

index: pulumi.Input<string>;

The property name.

property master

master?: pulumi.Input<string>;

Master priority for the user schema property. It can be set to "PROFILE_MASTER" or "OKTA".

property permissions

permissions?: pulumi.Input<string>;

Access control permissions for the property. It can be set to "READ_WRITE", "READ_ONLY", "HIDE".

property required

required?: pulumi.Input<boolean>;

Whether the property is required for this application’s users.

property title

title: pulumi.Input<string>;

The property display name.

property type

type: pulumi.Input<string>;

The type of the schema property. It can be "string", "boolean", "number", "integer", "array", or "object".

interface UserBaseSchemaState

interface UserBaseSchemaState

Input properties used for looking up and filtering UserBaseSchema resources.

property appId

appId?: pulumi.Input<string>;

The Application’s ID the user schema property should be assigned to.

property index

index?: pulumi.Input<string>;

The property name.

property master

master?: pulumi.Input<string>;

Master priority for the user schema property. It can be set to "PROFILE_MASTER" or "OKTA".

property permissions

permissions?: pulumi.Input<string>;

Access control permissions for the property. It can be set to "READ_WRITE", "READ_ONLY", "HIDE".

property required

required?: pulumi.Input<boolean>;

Whether the property is required for this application’s users.

property title

title?: pulumi.Input<string>;

The property display name.

property type

type?: pulumi.Input<string>;

The type of the schema property. It can be "string", "boolean", "number", "integer", "array", or "object".

interface UserSchemaArgs

interface UserSchemaArgs

The set of arguments for constructing a UserSchema resource.

property appId

appId: pulumi.Input<string>;

The Application’s ID the user custom schema property should be assigned to.

property arrayEnums

arrayEnums?: pulumi.Input<pulumi.Input<string>[]>;

Array of values that an array property’s items can be set to.

property arrayOneOfs

arrayOneOfs?: pulumi.Input<pulumi.Input<UserSchemaArrayOneOf>[]>;

Display name and value an enum array can be set to.

property arrayType

arrayType?: pulumi.Input<string>;

The type of the array elements if type is set to "array".

property description

description?: pulumi.Input<string>;

The description of the user schema property.

property enums

enums?: pulumi.Input<pulumi.Input<string>[]>;

Array of values a primitive property can be set to. See arrayEnum for arrays.

property externalName

externalName?: pulumi.Input<string>;

External name of the user schema property.

property index

index: pulumi.Input<string>;

The property name.

property master

master?: pulumi.Input<string>;

Master priority for the user schema property. It can be set to "PROFILE_MASTER" or "OKTA".

property maxLength

maxLength?: pulumi.Input<number>;

The maximum length of the user property value. Only applies to type "string".

property minLength

minLength?: pulumi.Input<number>;

The minimum length of the user property value. Only applies to type "string".

property oneOfs

oneOfs?: pulumi.Input<pulumi.Input<UserSchemaOneOf>[]>;

Array of maps containing a mapping for display name to enum value.

property permissions

permissions?: pulumi.Input<string>;

Access control permissions for the property. It can be set to "READ_WRITE", "READ_ONLY", "HIDE".

property required

required?: pulumi.Input<boolean>;

Whether the property is required for this application’s users.

property scope

scope?: pulumi.Input<string>;

determines whether an app user attribute can be set at the Individual or Group Level.

property title

title: pulumi.Input<string>;

display name for the enum value.

property type

type: pulumi.Input<string>;

The type of the schema property. It can be "string", "boolean", "number", "integer", "array", or "object".

interface UserSchemaState

interface UserSchemaState

Input properties used for looking up and filtering UserSchema resources.

property appId

appId?: pulumi.Input<string>;

The Application’s ID the user custom schema property should be assigned to.

property arrayEnums

arrayEnums?: pulumi.Input<pulumi.Input<string>[]>;

Array of values that an array property’s items can be set to.

property arrayOneOfs

arrayOneOfs?: pulumi.Input<pulumi.Input<UserSchemaArrayOneOf>[]>;

Display name and value an enum array can be set to.

property arrayType

arrayType?: pulumi.Input<string>;

The type of the array elements if type is set to "array".

property description

description?: pulumi.Input<string>;

The description of the user schema property.

property enums

enums?: pulumi.Input<pulumi.Input<string>[]>;

Array of values a primitive property can be set to. See arrayEnum for arrays.

property externalName

externalName?: pulumi.Input<string>;

External name of the user schema property.

property index

index?: pulumi.Input<string>;

The property name.

property master

master?: pulumi.Input<string>;

Master priority for the user schema property. It can be set to "PROFILE_MASTER" or "OKTA".

property maxLength

maxLength?: pulumi.Input<number>;

The maximum length of the user property value. Only applies to type "string".

property minLength

minLength?: pulumi.Input<number>;

The minimum length of the user property value. Only applies to type "string".

property oneOfs

oneOfs?: pulumi.Input<pulumi.Input<UserSchemaOneOf>[]>;

Array of maps containing a mapping for display name to enum value.

property permissions

permissions?: pulumi.Input<string>;

Access control permissions for the property. It can be set to "READ_WRITE", "READ_ONLY", "HIDE".

property required

required?: pulumi.Input<boolean>;

Whether the property is required for this application’s users.

property scope

scope?: pulumi.Input<string>;

determines whether an app user attribute can be set at the Individual or Group Level.

property title

title?: pulumi.Input<string>;

display name for the enum value.

property type

type?: pulumi.Input<string>;

The type of the schema property. It can be "string", "boolean", "number", "integer", "array", or "object".

interface UserState

interface UserState

Input properties used for looking up and filtering User resources.

property appId

appId?: pulumi.Input<string>;

App to associate user with.

property password

password?: pulumi.Input<string>;

The password to use.

property profile

profile?: pulumi.Input<string>;

The JSON profile of the App User.

property userId

userId?: pulumi.Input<string>;

User to associate the application with.

property username

username?: pulumi.Input<string>;

The username to use for the app user.