Server

Creates an Authorization Server.

This resource allows you to create and configure an Authorization Server.

Example Usage

using Pulumi;
using Okta = Pulumi.Okta;

class MyStack : Stack
{
    public MyStack()
    {
        var example = new Okta.Auth.Server("example", new Okta.Auth.ServerArgs
        {
            Audiences = 
            {
                "api://example",
            },
            Description = "My Example Auth Server",
            IssuerMode = "CUSTOM_URL",
            Status = "ACTIVE",
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/auth"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := auth.NewServer(ctx, "example", &auth.ServerArgs{
			Audiences: pulumi.StringArray{
				pulumi.String("api://example"),
			},
			Description: pulumi.String("My Example Auth Server"),
			IssuerMode:  pulumi.String("CUSTOM_URL"),
			Status:      pulumi.String("ACTIVE"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_okta as okta

example = okta.auth.Server("example",
    audiences=["api://example"],
    description="My Example Auth Server",
    issuer_mode="CUSTOM_URL",
    status="ACTIVE")
import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.auth.Server("example", {
    audiences: ["api://example"],
    description: "My Example Auth Server",
    issuerMode: "CUSTOM_URL",
    status: "ACTIVE",
});

Create a Server Resource

new Server(name: string, args: ServerArgs, opts?: CustomResourceOptions);
@overload
def Server(resource_name: str,
           opts: Optional[ResourceOptions] = None,
           audiences: Optional[Sequence[str]] = None,
           credentials_rotation_mode: Optional[str] = None,
           description: Optional[str] = None,
           issuer_mode: Optional[str] = None,
           name: Optional[str] = None,
           status: Optional[str] = None)
@overload
def Server(resource_name: str,
           args: ServerArgs,
           opts: Optional[ResourceOptions] = None)
func NewServer(ctx *Context, name string, args ServerArgs, opts ...ResourceOption) (*Server, error)
public Server(string name, ServerArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args ServerArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ServerArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ServerArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ServerArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

Server Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The Server resource accepts the following input properties:

Audiences List<string>
The recipients that the tokens are intended for. This becomes the aud claim in an access token.
CredentialsRotationMode string
The key rotation mode for the authorization server. Can be "AUTO" or "MANUAL".
Description string
The description of the authorization server.
IssuerMode string
Allows you to use a custom issuer URL. It can be set to "CUSTOM_URL" or "ORG_URL"
Name string
The name of the authorization server.
Status string
The status of the auth server. It defaults to "ACTIVE"
Audiences []string
The recipients that the tokens are intended for. This becomes the aud claim in an access token.
CredentialsRotationMode string
The key rotation mode for the authorization server. Can be "AUTO" or "MANUAL".
Description string
The description of the authorization server.
IssuerMode string
Allows you to use a custom issuer URL. It can be set to "CUSTOM_URL" or "ORG_URL"
Name string
The name of the authorization server.
Status string
The status of the auth server. It defaults to "ACTIVE"
audiences string[]
The recipients that the tokens are intended for. This becomes the aud claim in an access token.
credentialsRotationMode string
The key rotation mode for the authorization server. Can be "AUTO" or "MANUAL".
description string
The description of the authorization server.
issuerMode string
Allows you to use a custom issuer URL. It can be set to "CUSTOM_URL" or "ORG_URL"
name string
The name of the authorization server.
status string
The status of the auth server. It defaults to "ACTIVE"
audiences Sequence[str]
The recipients that the tokens are intended for. This becomes the aud claim in an access token.
credentials_rotation_mode str
The key rotation mode for the authorization server. Can be "AUTO" or "MANUAL".
description str
The description of the authorization server.
issuer_mode str
Allows you to use a custom issuer URL. It can be set to "CUSTOM_URL" or "ORG_URL"
name str
The name of the authorization server.
status str
The status of the auth server. It defaults to "ACTIVE"

Outputs

All input properties are implicitly available as output properties. Additionally, the Server resource produces the following output properties:

CredentialsLastRotated string
The timestamp when the authorization server started to use the kid for signing tokens.
CredentialsNextRotation string
The timestamp when the authorization server changes the key for signing tokens. Only returned when credentials_rotation_mode is "AUTO".
Id string
The provider-assigned unique ID for this managed resource.
Issuer string
The complete URL for a Custom Authorization Server. This becomes the iss claim in an access token.
Kid string
The ID of the JSON Web Key used for signing tokens issued by the authorization server.
CredentialsLastRotated string
The timestamp when the authorization server started to use the kid for signing tokens.
CredentialsNextRotation string
The timestamp when the authorization server changes the key for signing tokens. Only returned when credentials_rotation_mode is "AUTO".
Id string
The provider-assigned unique ID for this managed resource.
Issuer string
The complete URL for a Custom Authorization Server. This becomes the iss claim in an access token.
Kid string
The ID of the JSON Web Key used for signing tokens issued by the authorization server.
credentialsLastRotated string
The timestamp when the authorization server started to use the kid for signing tokens.
credentialsNextRotation string
The timestamp when the authorization server changes the key for signing tokens. Only returned when credentials_rotation_mode is "AUTO".
id string
The provider-assigned unique ID for this managed resource.
issuer string
The complete URL for a Custom Authorization Server. This becomes the iss claim in an access token.
kid string
The ID of the JSON Web Key used for signing tokens issued by the authorization server.
credentials_last_rotated str
The timestamp when the authorization server started to use the kid for signing tokens.
credentials_next_rotation str
The timestamp when the authorization server changes the key for signing tokens. Only returned when credentials_rotation_mode is "AUTO".
id str
The provider-assigned unique ID for this managed resource.
issuer str
The complete URL for a Custom Authorization Server. This becomes the iss claim in an access token.
kid str
The ID of the JSON Web Key used for signing tokens issued by the authorization server.

Look up an Existing Server Resource

Get an existing Server resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ServerState, opts?: CustomResourceOptions): Server
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        audiences: Optional[Sequence[str]] = None,
        credentials_last_rotated: Optional[str] = None,
        credentials_next_rotation: Optional[str] = None,
        credentials_rotation_mode: Optional[str] = None,
        description: Optional[str] = None,
        issuer: Optional[str] = None,
        issuer_mode: Optional[str] = None,
        kid: Optional[str] = None,
        name: Optional[str] = None,
        status: Optional[str] = None) -> Server
func GetServer(ctx *Context, name string, id IDInput, state *ServerState, opts ...ResourceOption) (*Server, error)
public static Server Get(string name, Input<string> id, ServerState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

Audiences List<string>
The recipients that the tokens are intended for. This becomes the aud claim in an access token.
CredentialsLastRotated string
The timestamp when the authorization server started to use the kid for signing tokens.
CredentialsNextRotation string
The timestamp when the authorization server changes the key for signing tokens. Only returned when credentials_rotation_mode is "AUTO".
CredentialsRotationMode string
The key rotation mode for the authorization server. Can be "AUTO" or "MANUAL".
Description string
The description of the authorization server.
Issuer string
The complete URL for a Custom Authorization Server. This becomes the iss claim in an access token.
IssuerMode string
Allows you to use a custom issuer URL. It can be set to "CUSTOM_URL" or "ORG_URL"
Kid string
The ID of the JSON Web Key used for signing tokens issued by the authorization server.
Name string
The name of the authorization server.
Status string
The status of the auth server. It defaults to "ACTIVE"
Audiences []string
The recipients that the tokens are intended for. This becomes the aud claim in an access token.
CredentialsLastRotated string
The timestamp when the authorization server started to use the kid for signing tokens.
CredentialsNextRotation string
The timestamp when the authorization server changes the key for signing tokens. Only returned when credentials_rotation_mode is "AUTO".
CredentialsRotationMode string
The key rotation mode for the authorization server. Can be "AUTO" or "MANUAL".
Description string
The description of the authorization server.
Issuer string
The complete URL for a Custom Authorization Server. This becomes the iss claim in an access token.
IssuerMode string
Allows you to use a custom issuer URL. It can be set to "CUSTOM_URL" or "ORG_URL"
Kid string
The ID of the JSON Web Key used for signing tokens issued by the authorization server.
Name string
The name of the authorization server.
Status string
The status of the auth server. It defaults to "ACTIVE"
audiences string[]
The recipients that the tokens are intended for. This becomes the aud claim in an access token.
credentialsLastRotated string
The timestamp when the authorization server started to use the kid for signing tokens.
credentialsNextRotation string
The timestamp when the authorization server changes the key for signing tokens. Only returned when credentials_rotation_mode is "AUTO".
credentialsRotationMode string
The key rotation mode for the authorization server. Can be "AUTO" or "MANUAL".
description string
The description of the authorization server.
issuer string
The complete URL for a Custom Authorization Server. This becomes the iss claim in an access token.
issuerMode string
Allows you to use a custom issuer URL. It can be set to "CUSTOM_URL" or "ORG_URL"
kid string
The ID of the JSON Web Key used for signing tokens issued by the authorization server.
name string
The name of the authorization server.
status string
The status of the auth server. It defaults to "ACTIVE"
audiences Sequence[str]
The recipients that the tokens are intended for. This becomes the aud claim in an access token.
credentials_last_rotated str
The timestamp when the authorization server started to use the kid for signing tokens.
credentials_next_rotation str
The timestamp when the authorization server changes the key for signing tokens. Only returned when credentials_rotation_mode is "AUTO".
credentials_rotation_mode str
The key rotation mode for the authorization server. Can be "AUTO" or "MANUAL".
description str
The description of the authorization server.
issuer str
The complete URL for a Custom Authorization Server. This becomes the iss claim in an access token.
issuer_mode str
Allows you to use a custom issuer URL. It can be set to "CUSTOM_URL" or "ORG_URL"
kid str
The ID of the JSON Web Key used for signing tokens issued by the authorization server.
name str
The name of the authorization server.
status str
The status of the auth server. It defaults to "ACTIVE"

Import

Authorization Server can be imported via the Okta ID.

 $ pulumi import okta:auth/server:Server example <auth server id>

Package Details

Repository
https://github.com/pulumi/pulumi-okta
License
Apache-2.0
Notes
This Pulumi package is based on the okta Terraform Provider.