SamlApp

Create a SamlApp Resource

new SamlApp(name: string, args: SamlAppArgs, opts?: CustomResourceOptions);

def SamlApp(resource_name, opts=None, accessibility_error_redirect_url=None, accessibility_login_redirect_url=None, accessibility_self_service=None, app_settings_json=None, assertion_signed=None, attribute_statements=None, audience=None, authn_context_class_ref=None, auto_submit_toolbar=None, default_relay_state=None, destination=None, digest_algorithm=None, features=None, groups=None, hide_ios=None, hide_web=None, honor_force_authn=None, idp_issuer=None, key_name=None, key_years_valid=None, label=None, preconfigured_app=None, recipient=None, request_compressed=None, response_signed=None, signature_algorithm=None, sp_issuer=None, sso_url=None, status=None, subject_name_id_format=None, subject_name_id_template=None, user_name_template=None, user_name_template_suffix=None, user_name_template_type=None, users=None, __props__=None);

func NewSamlApp(ctx *Context, name string, args SamlAppArgs, opts ...ResourceOption) (*SamlApp, error)

public SamlApp(string name, SamlAppArgs args, CustomResourceOptions? opts = null)

name string: The unique name of the resource.
args SamlAppArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
opts ResourceOptions: A bag of options that control this resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SamlAppArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SamlAppArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

SamlApp Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The SamlApp resource accepts the following input properties:

Label string: Pretty name of app.
AccessibilityErrorRedirectUrl string: Custom error page URL
AccessibilityLoginRedirectUrl string: Custom login page URL
AccessibilitySelfService bool: Enable self service
AppSettingsJson string: Application settings in JSON format
AssertionSigned bool: Determines whether the SAML assertion is digitally signed
AttributeStatements List<SamlAppAttributeStatementArgs>
Audience string: Audience Restriction
AuthnContextClassRef string: Identifies the SAML authentication context class for the assertion’s authentication statement
AutoSubmitToolbar bool: Display auto submit toolbar
DefaultRelayState string: Identifies a specific application resource in an IDP initiated SSO scenario.
Destination string: Identifies the location where the SAML response is intended to be sent inside of the SAML assertion
DigestAlgorithm string: Determines the digest algorithm used to digitally sign the SAML assertion and response
Features List<string>: features to enable
Groups List<string>: Groups associated with the application
HideIos bool: Do not display application icon on mobile app
HideWeb bool: Do not display application icon to users
HonorForceAuthn bool: Prompt user to re-authenticate if SP asks for it
IdpIssuer string: SAML issuer ID
KeyName string: Certificate name. This modulates the rotation of keys. New name == new key.
KeyYearsValid int: Number of years the certificate is valid.
PreconfiguredApp string: Name of preexisting SAML application. For instance ‘slack’
Recipient string: The location where the app may present the SAML assertion
RequestCompressed bool: Denotes whether the request is compressed or not.
ResponseSigned bool: Determines whether the SAML auth response message is digitally signed
SignatureAlgorithm string: Signature algorithm used ot digitally sign the assertion and response
SpIssuer string: SAML SP issuer ID
SsoUrl string: Single Sign On URL
Status string: Status of application.
SubjectNameIdFormat string: Identifies the SAML processing rules.
SubjectNameIdTemplate string: Template for app user’s username when a user is assigned to the app
UserNameTemplate string: Username template
UserNameTemplateSuffix string: Username template suffix
UserNameTemplateType string: Username template type
Users List<SamlAppUserArgs>: Users associated with the application

Label string: Pretty name of app.
AccessibilityErrorRedirectUrl string: Custom error page URL
AccessibilityLoginRedirectUrl string: Custom login page URL
AccessibilitySelfService bool: Enable self service
AppSettingsJson string: Application settings in JSON format
AssertionSigned bool: Determines whether the SAML assertion is digitally signed
AttributeStatements []SamlAppAttributeStatement
Audience string: Audience Restriction
AuthnContextClassRef string: Identifies the SAML authentication context class for the assertion’s authentication statement
AutoSubmitToolbar bool: Display auto submit toolbar
DefaultRelayState string: Identifies a specific application resource in an IDP initiated SSO scenario.
Destination string: Identifies the location where the SAML response is intended to be sent inside of the SAML assertion
DigestAlgorithm string: Determines the digest algorithm used to digitally sign the SAML assertion and response
Features []string: features to enable
Groups []string: Groups associated with the application
HideIos bool: Do not display application icon on mobile app
HideWeb bool: Do not display application icon to users
HonorForceAuthn bool: Prompt user to re-authenticate if SP asks for it
IdpIssuer string: SAML issuer ID
KeyName string: Certificate name. This modulates the rotation of keys. New name == new key.
KeyYearsValid int: Number of years the certificate is valid.
PreconfiguredApp string: Name of preexisting SAML application. For instance ‘slack’
Recipient string: The location where the app may present the SAML assertion
RequestCompressed bool: Denotes whether the request is compressed or not.
ResponseSigned bool: Determines whether the SAML auth response message is digitally signed
SignatureAlgorithm string: Signature algorithm used ot digitally sign the assertion and response
SpIssuer string: SAML SP issuer ID
SsoUrl string: Single Sign On URL
Status string: Status of application.
SubjectNameIdFormat string: Identifies the SAML processing rules.
SubjectNameIdTemplate string: Template for app user’s username when a user is assigned to the app
UserNameTemplate string: Username template
UserNameTemplateSuffix string: Username template suffix
UserNameTemplateType string: Username template type
Users []SamlAppUser: Users associated with the application

label string: Pretty name of app.
accessibilityErrorRedirectUrl string: Custom error page URL
accessibilityLoginRedirectUrl string: Custom login page URL
accessibilitySelfService boolean: Enable self service
appSettingsJson string: Application settings in JSON format
assertionSigned boolean: Determines whether the SAML assertion is digitally signed
attributeStatements SamlAppAttributeStatement[]
audience string: Audience Restriction
authnContextClassRef string: Identifies the SAML authentication context class for the assertion’s authentication statement
autoSubmitToolbar boolean: Display auto submit toolbar
defaultRelayState string: Identifies a specific application resource in an IDP initiated SSO scenario.
destination string: Identifies the location where the SAML response is intended to be sent inside of the SAML assertion
digestAlgorithm string: Determines the digest algorithm used to digitally sign the SAML assertion and response
features string[]: features to enable
groups string[]: Groups associated with the application
hideIos boolean: Do not display application icon on mobile app
hideWeb boolean: Do not display application icon to users
honorForceAuthn boolean: Prompt user to re-authenticate if SP asks for it
idpIssuer string: SAML issuer ID
keyName string: Certificate name. This modulates the rotation of keys. New name == new key.
keyYearsValid number: Number of years the certificate is valid.
preconfiguredApp string: Name of preexisting SAML application. For instance ‘slack’
recipient string: The location where the app may present the SAML assertion
requestCompressed boolean: Denotes whether the request is compressed or not.
responseSigned boolean: Determines whether the SAML auth response message is digitally signed
signatureAlgorithm string: Signature algorithm used ot digitally sign the assertion and response
spIssuer string: SAML SP issuer ID
ssoUrl string: Single Sign On URL
status string: Status of application.
subjectNameIdFormat string: Identifies the SAML processing rules.
subjectNameIdTemplate string: Template for app user’s username when a user is assigned to the app
userNameTemplate string: Username template
userNameTemplateSuffix string: Username template suffix
userNameTemplateType string: Username template type
users SamlAppUser[]: Users associated with the application

label str: Pretty name of app.
accessibility_error_redirect_url str: Custom error page URL
accessibility_login_redirect_url str: Custom login page URL
accessibility_self_service bool: Enable self service
app_settings_json str: Application settings in JSON format
assertion_signed bool: Determines whether the SAML assertion is digitally signed
attribute_statements List[SamlAppAttributeStatement]
audience str: Audience Restriction
authn_context_class_ref str: Identifies the SAML authentication context class for the assertion’s authentication statement
auto_submit_toolbar bool: Display auto submit toolbar
default_relay_state str: Identifies a specific application resource in an IDP initiated SSO scenario.
destination str: Identifies the location where the SAML response is intended to be sent inside of the SAML assertion
digest_algorithm str: Determines the digest algorithm used to digitally sign the SAML assertion and response
features List[str]: features to enable
groups List[str]: Groups associated with the application
hide_ios bool: Do not display application icon on mobile app
hide_web bool: Do not display application icon to users
honor_force_authn bool: Prompt user to re-authenticate if SP asks for it
idp_issuer str: SAML issuer ID
key_name str: Certificate name. This modulates the rotation of keys. New name == new key.
key_years_valid float: Number of years the certificate is valid.
preconfigured_app str: Name of preexisting SAML application. For instance ‘slack’
recipient str: The location where the app may present the SAML assertion
request_compressed bool: Denotes whether the request is compressed or not.
response_signed bool: Determines whether the SAML auth response message is digitally signed
signature_algorithm str: Signature algorithm used ot digitally sign the assertion and response
sp_issuer str: SAML SP issuer ID
sso_url str: Single Sign On URL
status str: Status of application.
subject_name_id_format str: Identifies the SAML processing rules.
subject_name_id_template str: Template for app user’s username when a user is assigned to the app
user_name_template str: Username template
user_name_template_suffix str: Username template suffix
user_name_template_type str: Username template type
users List[SamlAppUser]: Users associated with the application

Outputs

All input properties are implicitly available as output properties. Additionally, the SamlApp resource produces the following output properties:

Certificate string: cert from SAML XML metadata payload
EntityKey string: Entity ID, the ID portion of the entity_url
EntityUrl string: Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8
HttpPostBinding string: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.
HttpRedirectBinding string: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.
Id string: The provider-assigned unique ID for this managed resource.
KeyId string: Certificate ID
Metadata string: SAML xml metadata payload
Name string: name of app.
SignOnMode string: Sign on mode of application.

Certificate string: cert from SAML XML metadata payload
EntityKey string: Entity ID, the ID portion of the entity_url
EntityUrl string: Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8
HttpPostBinding string: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.
HttpRedirectBinding string: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.
Id string: The provider-assigned unique ID for this managed resource.
KeyId string: Certificate ID
Metadata string: SAML xml metadata payload
Name string: name of app.
SignOnMode string: Sign on mode of application.

certificate string: cert from SAML XML metadata payload
entityKey string: Entity ID, the ID portion of the entity_url
entityUrl string: Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8
httpPostBinding string: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.
httpRedirectBinding string: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.
id string: The provider-assigned unique ID for this managed resource.
keyId string: Certificate ID
metadata string: SAML xml metadata payload
name string: name of app.
signOnMode string: Sign on mode of application.

certificate str: cert from SAML XML metadata payload
entity_key str: Entity ID, the ID portion of the entity_url
entity_url str: Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8
http_post_binding str: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.
http_redirect_binding str: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.
id str: The provider-assigned unique ID for this managed resource.
key_id str: Certificate ID
metadata str: SAML xml metadata payload
name str: name of app.
sign_on_mode str: Sign on mode of application.

Look up an Existing SamlApp Resource

Get an existing SamlApp resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SamlAppState, opts?: CustomResourceOptions): SamlApp

static get(resource_name, id, opts=None, accessibility_error_redirect_url=None, accessibility_login_redirect_url=None, accessibility_self_service=None, app_settings_json=None, assertion_signed=None, attribute_statements=None, audience=None, authn_context_class_ref=None, auto_submit_toolbar=None, certificate=None, default_relay_state=None, destination=None, digest_algorithm=None, entity_key=None, entity_url=None, features=None, groups=None, hide_ios=None, hide_web=None, honor_force_authn=None, http_post_binding=None, http_redirect_binding=None, idp_issuer=None, key_id=None, key_name=None, key_years_valid=None, label=None, metadata=None, name=None, preconfigured_app=None, recipient=None, request_compressed=None, response_signed=None, sign_on_mode=None, signature_algorithm=None, sp_issuer=None, sso_url=None, status=None, subject_name_id_format=None, subject_name_id_template=None, user_name_template=None, user_name_template_suffix=None, user_name_template_type=None, users=None, __props__=None);

func GetSamlApp(ctx *Context, name string, id IDInput, state *SamlAppState, opts ...ResourceOption) (*SamlApp, error)

public static SamlApp Get(string name, Input<string> id, SamlAppState? state, CustomResourceOptions? opts = null)

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccessibilityErrorRedirectUrl string: Custom error page URL
AccessibilityLoginRedirectUrl string: Custom login page URL
AccessibilitySelfService bool: Enable self service
AppSettingsJson string: Application settings in JSON format
AssertionSigned bool: Determines whether the SAML assertion is digitally signed
AttributeStatements List<SamlAppAttributeStatementArgs>
Audience string: Audience Restriction
AuthnContextClassRef string: Identifies the SAML authentication context class for the assertion’s authentication statement
AutoSubmitToolbar bool: Display auto submit toolbar
Certificate string: cert from SAML XML metadata payload
DefaultRelayState string: Identifies a specific application resource in an IDP initiated SSO scenario.
Destination string: Identifies the location where the SAML response is intended to be sent inside of the SAML assertion
DigestAlgorithm string: Determines the digest algorithm used to digitally sign the SAML assertion and response
EntityKey string: Entity ID, the ID portion of the entity_url
EntityUrl string: Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8
Features List<string>: features to enable
Groups List<string>: Groups associated with the application
HideIos bool: Do not display application icon on mobile app
HideWeb bool: Do not display application icon to users
HonorForceAuthn bool: Prompt user to re-authenticate if SP asks for it
HttpPostBinding string: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.
HttpRedirectBinding string: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.
IdpIssuer string: SAML issuer ID
KeyId string: Certificate ID
KeyName string: Certificate name. This modulates the rotation of keys. New name == new key.
KeyYearsValid int: Number of years the certificate is valid.
Label string: Pretty name of app.
Metadata string: SAML xml metadata payload
Name string: name of app.
PreconfiguredApp string: Name of preexisting SAML application. For instance ‘slack’
Recipient string: The location where the app may present the SAML assertion
RequestCompressed bool: Denotes whether the request is compressed or not.
ResponseSigned bool: Determines whether the SAML auth response message is digitally signed
SignOnMode string: Sign on mode of application.
SignatureAlgorithm string: Signature algorithm used ot digitally sign the assertion and response
SpIssuer string: SAML SP issuer ID
SsoUrl string: Single Sign On URL
Status string: Status of application.
SubjectNameIdFormat string: Identifies the SAML processing rules.
SubjectNameIdTemplate string: Template for app user’s username when a user is assigned to the app
UserNameTemplate string: Username template
UserNameTemplateSuffix string: Username template suffix
UserNameTemplateType string: Username template type
Users List<SamlAppUserArgs>: Users associated with the application

AccessibilityErrorRedirectUrl string: Custom error page URL
AccessibilityLoginRedirectUrl string: Custom login page URL
AccessibilitySelfService bool: Enable self service
AppSettingsJson string: Application settings in JSON format
AssertionSigned bool: Determines whether the SAML assertion is digitally signed
AttributeStatements []SamlAppAttributeStatement
Audience string: Audience Restriction
AuthnContextClassRef string: Identifies the SAML authentication context class for the assertion’s authentication statement
AutoSubmitToolbar bool: Display auto submit toolbar
Certificate string: cert from SAML XML metadata payload
DefaultRelayState string: Identifies a specific application resource in an IDP initiated SSO scenario.
Destination string: Identifies the location where the SAML response is intended to be sent inside of the SAML assertion
DigestAlgorithm string: Determines the digest algorithm used to digitally sign the SAML assertion and response
EntityKey string: Entity ID, the ID portion of the entity_url
EntityUrl string: Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8
Features []string: features to enable
Groups []string: Groups associated with the application
HideIos bool: Do not display application icon on mobile app
HideWeb bool: Do not display application icon to users
HonorForceAuthn bool: Prompt user to re-authenticate if SP asks for it
HttpPostBinding string: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.
HttpRedirectBinding string: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.
IdpIssuer string: SAML issuer ID
KeyId string: Certificate ID
KeyName string: Certificate name. This modulates the rotation of keys. New name == new key.
KeyYearsValid int: Number of years the certificate is valid.
Label string: Pretty name of app.
Metadata string: SAML xml metadata payload
Name string: name of app.
PreconfiguredApp string: Name of preexisting SAML application. For instance ‘slack’
Recipient string: The location where the app may present the SAML assertion
RequestCompressed bool: Denotes whether the request is compressed or not.
ResponseSigned bool: Determines whether the SAML auth response message is digitally signed
SignOnMode string: Sign on mode of application.
SignatureAlgorithm string: Signature algorithm used ot digitally sign the assertion and response
SpIssuer string: SAML SP issuer ID
SsoUrl string: Single Sign On URL
Status string: Status of application.
SubjectNameIdFormat string: Identifies the SAML processing rules.
SubjectNameIdTemplate string: Template for app user’s username when a user is assigned to the app
UserNameTemplate string: Username template
UserNameTemplateSuffix string: Username template suffix
UserNameTemplateType string: Username template type
Users []SamlAppUser: Users associated with the application

accessibilityErrorRedirectUrl string: Custom error page URL
accessibilityLoginRedirectUrl string: Custom login page URL
accessibilitySelfService boolean: Enable self service
appSettingsJson string: Application settings in JSON format
assertionSigned boolean: Determines whether the SAML assertion is digitally signed
attributeStatements SamlAppAttributeStatement[]
audience string: Audience Restriction
authnContextClassRef string: Identifies the SAML authentication context class for the assertion’s authentication statement
autoSubmitToolbar boolean: Display auto submit toolbar
certificate string: cert from SAML XML metadata payload
defaultRelayState string: Identifies a specific application resource in an IDP initiated SSO scenario.
destination string: Identifies the location where the SAML response is intended to be sent inside of the SAML assertion
digestAlgorithm string: Determines the digest algorithm used to digitally sign the SAML assertion and response
entityKey string: Entity ID, the ID portion of the entity_url
entityUrl string: Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8
features string[]: features to enable
groups string[]: Groups associated with the application
hideIos boolean: Do not display application icon on mobile app
hideWeb boolean: Do not display application icon to users
honorForceAuthn boolean: Prompt user to re-authenticate if SP asks for it
httpPostBinding string: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.
httpRedirectBinding string: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.
idpIssuer string: SAML issuer ID
keyId string: Certificate ID
keyName string: Certificate name. This modulates the rotation of keys. New name == new key.
keyYearsValid number: Number of years the certificate is valid.
label string: Pretty name of app.
metadata string: SAML xml metadata payload
name string: name of app.
preconfiguredApp string: Name of preexisting SAML application. For instance ‘slack’
recipient string: The location where the app may present the SAML assertion
requestCompressed boolean: Denotes whether the request is compressed or not.
responseSigned boolean: Determines whether the SAML auth response message is digitally signed
signOnMode string: Sign on mode of application.
signatureAlgorithm string: Signature algorithm used ot digitally sign the assertion and response
spIssuer string: SAML SP issuer ID
ssoUrl string: Single Sign On URL
status string: Status of application.
subjectNameIdFormat string: Identifies the SAML processing rules.
subjectNameIdTemplate string: Template for app user’s username when a user is assigned to the app
userNameTemplate string: Username template
userNameTemplateSuffix string: Username template suffix
userNameTemplateType string: Username template type
users SamlAppUser[]: Users associated with the application

accessibility_error_redirect_url str: Custom error page URL
accessibility_login_redirect_url str: Custom login page URL
accessibility_self_service bool: Enable self service
app_settings_json str: Application settings in JSON format
assertion_signed bool: Determines whether the SAML assertion is digitally signed
attribute_statements List[SamlAppAttributeStatement]
audience str: Audience Restriction
authn_context_class_ref str: Identifies the SAML authentication context class for the assertion’s authentication statement
auto_submit_toolbar bool: Display auto submit toolbar
certificate str: cert from SAML XML metadata payload
default_relay_state str: Identifies a specific application resource in an IDP initiated SSO scenario.
destination str: Identifies the location where the SAML response is intended to be sent inside of the SAML assertion
digest_algorithm str: Determines the digest algorithm used to digitally sign the SAML assertion and response
entity_key str: Entity ID, the ID portion of the entity_url
entity_url str: Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8
features List[str]: features to enable
groups List[str]: Groups associated with the application
hide_ios bool: Do not display application icon on mobile app
hide_web bool: Do not display application icon to users
honor_force_authn bool: Prompt user to re-authenticate if SP asks for it
http_post_binding str: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.
http_redirect_binding str: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.
idp_issuer str: SAML issuer ID
key_id str: Certificate ID
key_name str: Certificate name. This modulates the rotation of keys. New name == new key.
key_years_valid float: Number of years the certificate is valid.
label str: Pretty name of app.
metadata str: SAML xml metadata payload
name str: name of app.
preconfigured_app str: Name of preexisting SAML application. For instance ‘slack’
recipient str: The location where the app may present the SAML assertion
request_compressed bool: Denotes whether the request is compressed or not.
response_signed bool: Determines whether the SAML auth response message is digitally signed
sign_on_mode str: Sign on mode of application.
signature_algorithm str: Signature algorithm used ot digitally sign the assertion and response
sp_issuer str: SAML SP issuer ID
sso_url str: Single Sign On URL
status str: Status of application.
subject_name_id_format str: Identifies the SAML processing rules.
subject_name_id_template str: Template for app user’s username when a user is assigned to the app
user_name_template str: Username template
user_name_template_suffix str: Username template suffix
user_name_template_type str: Username template type
users List[SamlAppUser]: Users associated with the application