IdentityProviderTokenExchangeScopePermission

Import

This resource can be imported using the format {{realm_id}}/{{provider_alias}}, where provider_alias is the alias that you assign to the identity provider upon creation. Examplebash

 $ pulumi import keycloak:index/identityProviderTokenExchangeScopePermission:IdentityProviderTokenExchangeScopePermission oidc_idp_permission my-realm/myIdp

Create a IdentityProviderTokenExchangeScopePermission Resource

new IdentityProviderTokenExchangeScopePermission(name: string, args: IdentityProviderTokenExchangeScopePermissionArgs, opts?: CustomResourceOptions);

def IdentityProviderTokenExchangeScopePermission(resource_name: str, opts: Optional[ResourceOptions] = None, clients: Optional[Sequence[str]] = None, policy_type: Optional[str] = None, provider_alias: Optional[str] = None, realm_id: Optional[str] = None)

func NewIdentityProviderTokenExchangeScopePermission(ctx *Context, name string, args IdentityProviderTokenExchangeScopePermissionArgs, opts ...ResourceOption) (*IdentityProviderTokenExchangeScopePermission, error)

public IdentityProviderTokenExchangeScopePermission(string name, IdentityProviderTokenExchangeScopePermissionArgs args, CustomResourceOptions? opts = null)

name string: The unique name of the resource.
args IdentityProviderTokenExchangeScopePermissionArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
opts ResourceOptions: A bag of options that control this resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args IdentityProviderTokenExchangeScopePermissionArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args IdentityProviderTokenExchangeScopePermissionArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

IdentityProviderTokenExchangeScopePermission Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The IdentityProviderTokenExchangeScopePermission resource accepts the following input properties:

Clients List<string>: A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
ProviderAlias string: Alias of the identity provider.
RealmId string: The realm that the identity provider exists in.
PolicyType string: Defaults to “client” This is also the only value policy type supported by this provider.

Clients []string: A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
ProviderAlias string: Alias of the identity provider.
RealmId string: The realm that the identity provider exists in.
PolicyType string: Defaults to “client” This is also the only value policy type supported by this provider.

clients string[]: A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
providerAlias string: Alias of the identity provider.
realmId string: The realm that the identity provider exists in.
policyType string: Defaults to “client” This is also the only value policy type supported by this provider.

clients Sequence[str]: A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
provider_alias str: Alias of the identity provider.
realm_id str: The realm that the identity provider exists in.
policy_type str: Defaults to “client” This is also the only value policy type supported by this provider.

Outputs

All input properties are implicitly available as output properties. Additionally, the IdentityProviderTokenExchangeScopePermission resource produces the following output properties:

AuthorizationIdpResourceId string: (Computed) Resource ID representing the identity provider, this automatically created by keycloak.
AuthorizationResourceServerId string: (Computed) Resource server ID representing the realm management client on which this permission is managed.
AuthorizationTokenExchangeScopePermissionId string: (Computed) Permission ID representing the Permission with scope ‘Token Exchange’ and the resource ‘authorization_idp_resource_id’, this automatically created by keycloak, the policy ID will be set on this permission.
Id string: The provider-assigned unique ID for this managed resource.
PolicyId string: (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.

AuthorizationIdpResourceId string: (Computed) Resource ID representing the identity provider, this automatically created by keycloak.
AuthorizationResourceServerId string: (Computed) Resource server ID representing the realm management client on which this permission is managed.
AuthorizationTokenExchangeScopePermissionId string: (Computed) Permission ID representing the Permission with scope ‘Token Exchange’ and the resource ‘authorization_idp_resource_id’, this automatically created by keycloak, the policy ID will be set on this permission.
Id string: The provider-assigned unique ID for this managed resource.
PolicyId string: (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.

authorizationIdpResourceId string: (Computed) Resource ID representing the identity provider, this automatically created by keycloak.
authorizationResourceServerId string: (Computed) Resource server ID representing the realm management client on which this permission is managed.
authorizationTokenExchangeScopePermissionId string: (Computed) Permission ID representing the Permission with scope ‘Token Exchange’ and the resource ‘authorization_idp_resource_id’, this automatically created by keycloak, the policy ID will be set on this permission.
id string: The provider-assigned unique ID for this managed resource.
policyId string: (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.

authorization_idp_resource_id str: (Computed) Resource ID representing the identity provider, this automatically created by keycloak.
authorization_resource_server_id str: (Computed) Resource server ID representing the realm management client on which this permission is managed.
authorization_token_exchange_scope_permission_id str: (Computed) Permission ID representing the Permission with scope ‘Token Exchange’ and the resource ‘authorization_idp_resource_id’, this automatically created by keycloak, the policy ID will be set on this permission.
id str: The provider-assigned unique ID for this managed resource.
policy_id str: (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.

Look up an Existing IdentityProviderTokenExchangeScopePermission Resource

Get an existing IdentityProviderTokenExchangeScopePermission resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: IdentityProviderTokenExchangeScopePermissionState, opts?: CustomResourceOptions): IdentityProviderTokenExchangeScopePermission

@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, authorization_idp_resource_id: Optional[str] = None, authorization_resource_server_id: Optional[str] = None, authorization_token_exchange_scope_permission_id: Optional[str] = None, clients: Optional[Sequence[str]] = None, policy_id: Optional[str] = None, policy_type: Optional[str] = None, provider_alias: Optional[str] = None, realm_id: Optional[str] = None) -> IdentityProviderTokenExchangeScopePermission

func GetIdentityProviderTokenExchangeScopePermission(ctx *Context, name string, id IDInput, state *IdentityProviderTokenExchangeScopePermissionState, opts ...ResourceOption) (*IdentityProviderTokenExchangeScopePermission, error)

public static IdentityProviderTokenExchangeScopePermission Get(string name, Input<string> id, IdentityProviderTokenExchangeScopePermissionState? state, CustomResourceOptions? opts = null)

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AuthorizationIdpResourceId string: (Computed) Resource ID representing the identity provider, this automatically created by keycloak.
AuthorizationResourceServerId string: (Computed) Resource server ID representing the realm management client on which this permission is managed.
AuthorizationTokenExchangeScopePermissionId string: (Computed) Permission ID representing the Permission with scope ‘Token Exchange’ and the resource ‘authorization_idp_resource_id’, this automatically created by keycloak, the policy ID will be set on this permission.
Clients List<string>: A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
PolicyId string: (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
PolicyType string: Defaults to “client” This is also the only value policy type supported by this provider.
ProviderAlias string: Alias of the identity provider.
RealmId string: The realm that the identity provider exists in.

AuthorizationIdpResourceId string: (Computed) Resource ID representing the identity provider, this automatically created by keycloak.
AuthorizationResourceServerId string: (Computed) Resource server ID representing the realm management client on which this permission is managed.
AuthorizationTokenExchangeScopePermissionId string: (Computed) Permission ID representing the Permission with scope ‘Token Exchange’ and the resource ‘authorization_idp_resource_id’, this automatically created by keycloak, the policy ID will be set on this permission.
Clients []string: A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
PolicyId string: (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
PolicyType string: Defaults to “client” This is also the only value policy type supported by this provider.
ProviderAlias string: Alias of the identity provider.
RealmId string: The realm that the identity provider exists in.

authorizationIdpResourceId string: (Computed) Resource ID representing the identity provider, this automatically created by keycloak.
authorizationResourceServerId string: (Computed) Resource server ID representing the realm management client on which this permission is managed.
authorizationTokenExchangeScopePermissionId string: (Computed) Permission ID representing the Permission with scope ‘Token Exchange’ and the resource ‘authorization_idp_resource_id’, this automatically created by keycloak, the policy ID will be set on this permission.
clients string[]: A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
policyId string: (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
policyType string: Defaults to “client” This is also the only value policy type supported by this provider.
providerAlias string: Alias of the identity provider.
realmId string: The realm that the identity provider exists in.

authorization_idp_resource_id str: (Computed) Resource ID representing the identity provider, this automatically created by keycloak.
authorization_resource_server_id str: (Computed) Resource server ID representing the realm management client on which this permission is managed.
authorization_token_exchange_scope_permission_id str: (Computed) Permission ID representing the Permission with scope ‘Token Exchange’ and the resource ‘authorization_idp_resource_id’, this automatically created by keycloak, the policy ID will be set on this permission.
clients Sequence[str]: A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
policy_id str: (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
policy_type str: Defaults to “client” This is also the only value policy type supported by this provider.
provider_alias str: Alias of the identity provider.
realm_id str: The realm that the identity provider exists in.

Package Details

Repository: https://github.com/pulumi/pulumi-keycloak
License: Apache-2.0
Notes: This Pulumi package is based on the keycloak Terraform Provider.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud