1. Packages
  2. Okta
  3. API Docs
  4. idp
  5. Social
Okta v4.8.0 published on Saturday, Mar 2, 2024 by Pulumi

okta.idp.Social

Explore with Pulumi AI

okta logo
Okta v4.8.0 published on Saturday, Mar 2, 2024 by Pulumi

    Creates a Social Identity Provider.

    This resource allows you to create and configure a Social Identity Provider.

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Okta = Pulumi.Okta;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Okta.Idp.Social("example", new()
        {
            ClientId = "abcd123",
            ClientSecret = "abcd123",
            ProtocolType = "OAUTH2",
            Scopes = new[]
            {
                "public_profile",
                "email",
            },
            Type = "FACEBOOK",
            UsernameTemplate = "idpuser.email",
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-okta/sdk/v4/go/okta/idp"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := idp.NewSocial(ctx, "example", &idp.SocialArgs{
    			ClientId:     pulumi.String("abcd123"),
    			ClientSecret: pulumi.String("abcd123"),
    			ProtocolType: pulumi.String("OAUTH2"),
    			Scopes: pulumi.StringArray{
    				pulumi.String("public_profile"),
    				pulumi.String("email"),
    			},
    			Type:             pulumi.String("FACEBOOK"),
    			UsernameTemplate: pulumi.String("idpuser.email"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.okta.idp.Social;
    import com.pulumi.okta.idp.SocialArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new Social("example", SocialArgs.builder()        
                .clientId("abcd123")
                .clientSecret("abcd123")
                .protocolType("OAUTH2")
                .scopes(            
                    "public_profile",
                    "email")
                .type("FACEBOOK")
                .usernameTemplate("idpuser.email")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_okta as okta
    
    example = okta.idp.Social("example",
        client_id="abcd123",
        client_secret="abcd123",
        protocol_type="OAUTH2",
        scopes=[
            "public_profile",
            "email",
        ],
        type="FACEBOOK",
        username_template="idpuser.email")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as okta from "@pulumi/okta";
    
    const example = new okta.idp.Social("example", {
        clientId: "abcd123",
        clientSecret: "abcd123",
        protocolType: "OAUTH2",
        scopes: [
            "public_profile",
            "email",
        ],
        type: "FACEBOOK",
        usernameTemplate: "idpuser.email",
    });
    
    resources:
      example:
        type: okta:idp:Social
        properties:
          clientId: abcd123
          clientSecret: abcd123
          protocolType: OAUTH2
          scopes:
            - public_profile
            - email
          type: FACEBOOK
          usernameTemplate: idpuser.email
    

    Create Social Resource

    new Social(name: string, args: SocialArgs, opts?: CustomResourceOptions);
    @overload
    def Social(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               account_link_action: Optional[str] = None,
               account_link_group_includes: Optional[Sequence[str]] = None,
               apple_kid: Optional[str] = None,
               apple_private_key: Optional[str] = None,
               apple_team_id: Optional[str] = None,
               client_id: Optional[str] = None,
               client_secret: Optional[str] = None,
               deprovisioned_action: Optional[str] = None,
               groups_action: Optional[str] = None,
               groups_assignments: Optional[Sequence[str]] = None,
               groups_attribute: Optional[str] = None,
               groups_filters: Optional[Sequence[str]] = None,
               issuer_mode: Optional[str] = None,
               max_clock_skew: Optional[int] = None,
               name: Optional[str] = None,
               profile_master: Optional[bool] = None,
               protocol_type: Optional[str] = None,
               provisioning_action: Optional[str] = None,
               scopes: Optional[Sequence[str]] = None,
               status: Optional[str] = None,
               subject_match_attribute: Optional[str] = None,
               subject_match_type: Optional[str] = None,
               suspended_action: Optional[str] = None,
               type: Optional[str] = None,
               username_template: Optional[str] = None)
    @overload
    def Social(resource_name: str,
               args: SocialArgs,
               opts: Optional[ResourceOptions] = None)
    func NewSocial(ctx *Context, name string, args SocialArgs, opts ...ResourceOption) (*Social, error)
    public Social(string name, SocialArgs args, CustomResourceOptions? opts = null)
    public Social(String name, SocialArgs args)
    public Social(String name, SocialArgs args, CustomResourceOptions options)
    
    type: okta:idp:Social
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args SocialArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SocialArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SocialArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SocialArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SocialArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Social Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Social resource accepts the following input properties:

    Scopes List<string>
    The scopes of the IdP.
    Type string
    The type of Social IdP. See API docs Identity Provider Type
    AccountLinkAction string
    Specifies the account linking action for an IdP user.
    AccountLinkGroupIncludes List<string>
    Group memberships to determine link candidates.
    AppleKid string
    The Key ID that you obtained from Apple when you created the private key for the client.
    ApplePrivateKey string
    The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.
    AppleTeamId string
    The Team ID associated with your Apple developer account.
    ClientId string
    Unique identifier issued by AS for the Okta IdP instance.
    ClientSecret string
    Client secret issued by AS for the Okta IdP instance.
    DeprovisionedAction string
    Action for a previously deprovisioned IdP user during authentication. Can be "NONE" or "REACTIVATE".
    GroupsAction string
    Provisioning action for IdP user's group memberships. It can be "NONE", "SYNC", "APPEND", or "ASSIGN".
    GroupsAssignments List<string>
    List of Okta Group IDs to add an IdP user as a member with the "ASSIGN" groups_action.
    GroupsAttribute string
    IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
    GroupsFilters List<string>
    Whitelist of Okta Group identifiers that are allowed for the "APPEND" or "SYNC" groups_action.
    IssuerMode string
    Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be "ORG_URL" or "CUSTOM_URL".
    MaxClockSkew int
    Maximum allowable clock-skew when processing messages from the IdP.
    Name string
    The Application's display name.
    ProfileMaster bool
    Determines if the IdP should act as a source of truth for user profile attributes.
    ProtocolType string
    The type of protocol to use. It can be "OIDC" or "OAUTH2".
    ProvisioningAction string
    Provisioning action for an IdP user during authentication.
    Status string
    Status of the IdP.
    SubjectMatchAttribute string
    Okta user profile attribute for matching transformed IdP username. Only for matchType "CUSTOM_ATTRIBUTE".
    SubjectMatchType string
    Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to "USERNAME". It can be set to "USERNAME", "EMAIL", "USERNAME_OR_EMAIL" or "CUSTOM_ATTRIBUTE".
    SuspendedAction string
    Action for a previously suspended IdP user during authentication. Can be set to "NONE" or "UNSUSPEND"
    UsernameTemplate string
    Okta EL Expression to generate or transform a unique username for the IdP user.
    Scopes []string
    The scopes of the IdP.
    Type string
    The type of Social IdP. See API docs Identity Provider Type
    AccountLinkAction string
    Specifies the account linking action for an IdP user.
    AccountLinkGroupIncludes []string
    Group memberships to determine link candidates.
    AppleKid string
    The Key ID that you obtained from Apple when you created the private key for the client.
    ApplePrivateKey string
    The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.
    AppleTeamId string
    The Team ID associated with your Apple developer account.
    ClientId string
    Unique identifier issued by AS for the Okta IdP instance.
    ClientSecret string
    Client secret issued by AS for the Okta IdP instance.
    DeprovisionedAction string
    Action for a previously deprovisioned IdP user during authentication. Can be "NONE" or "REACTIVATE".
    GroupsAction string
    Provisioning action for IdP user's group memberships. It can be "NONE", "SYNC", "APPEND", or "ASSIGN".
    GroupsAssignments []string
    List of Okta Group IDs to add an IdP user as a member with the "ASSIGN" groups_action.
    GroupsAttribute string
    IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
    GroupsFilters []string
    Whitelist of Okta Group identifiers that are allowed for the "APPEND" or "SYNC" groups_action.
    IssuerMode string
    Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be "ORG_URL" or "CUSTOM_URL".
    MaxClockSkew int
    Maximum allowable clock-skew when processing messages from the IdP.
    Name string
    The Application's display name.
    ProfileMaster bool
    Determines if the IdP should act as a source of truth for user profile attributes.
    ProtocolType string
    The type of protocol to use. It can be "OIDC" or "OAUTH2".
    ProvisioningAction string
    Provisioning action for an IdP user during authentication.
    Status string
    Status of the IdP.
    SubjectMatchAttribute string
    Okta user profile attribute for matching transformed IdP username. Only for matchType "CUSTOM_ATTRIBUTE".
    SubjectMatchType string
    Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to "USERNAME". It can be set to "USERNAME", "EMAIL", "USERNAME_OR_EMAIL" or "CUSTOM_ATTRIBUTE".
    SuspendedAction string
    Action for a previously suspended IdP user during authentication. Can be set to "NONE" or "UNSUSPEND"
    UsernameTemplate string
    Okta EL Expression to generate or transform a unique username for the IdP user.
    scopes List<String>
    The scopes of the IdP.
    type String
    The type of Social IdP. See API docs Identity Provider Type
    accountLinkAction String
    Specifies the account linking action for an IdP user.
    accountLinkGroupIncludes List<String>
    Group memberships to determine link candidates.
    appleKid String
    The Key ID that you obtained from Apple when you created the private key for the client.
    applePrivateKey String
    The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.
    appleTeamId String
    The Team ID associated with your Apple developer account.
    clientId String
    Unique identifier issued by AS for the Okta IdP instance.
    clientSecret String
    Client secret issued by AS for the Okta IdP instance.
    deprovisionedAction String
    Action for a previously deprovisioned IdP user during authentication. Can be "NONE" or "REACTIVATE".
    groupsAction String
    Provisioning action for IdP user's group memberships. It can be "NONE", "SYNC", "APPEND", or "ASSIGN".
    groupsAssignments List<String>
    List of Okta Group IDs to add an IdP user as a member with the "ASSIGN" groups_action.
    groupsAttribute String
    IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
    groupsFilters List<String>
    Whitelist of Okta Group identifiers that are allowed for the "APPEND" or "SYNC" groups_action.
    issuerMode String
    Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be "ORG_URL" or "CUSTOM_URL".
    maxClockSkew Integer
    Maximum allowable clock-skew when processing messages from the IdP.
    name String
    The Application's display name.
    profileMaster Boolean
    Determines if the IdP should act as a source of truth for user profile attributes.
    protocolType String
    The type of protocol to use. It can be "OIDC" or "OAUTH2".
    provisioningAction String
    Provisioning action for an IdP user during authentication.
    status String
    Status of the IdP.
    subjectMatchAttribute String
    Okta user profile attribute for matching transformed IdP username. Only for matchType "CUSTOM_ATTRIBUTE".
    subjectMatchType String
    Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to "USERNAME". It can be set to "USERNAME", "EMAIL", "USERNAME_OR_EMAIL" or "CUSTOM_ATTRIBUTE".
    suspendedAction String
    Action for a previously suspended IdP user during authentication. Can be set to "NONE" or "UNSUSPEND"
    usernameTemplate String
    Okta EL Expression to generate or transform a unique username for the IdP user.
    scopes string[]
    The scopes of the IdP.
    type string
    The type of Social IdP. See API docs Identity Provider Type
    accountLinkAction string
    Specifies the account linking action for an IdP user.
    accountLinkGroupIncludes string[]
    Group memberships to determine link candidates.
    appleKid string
    The Key ID that you obtained from Apple when you created the private key for the client.
    applePrivateKey string
    The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.
    appleTeamId string
    The Team ID associated with your Apple developer account.
    clientId string
    Unique identifier issued by AS for the Okta IdP instance.
    clientSecret string
    Client secret issued by AS for the Okta IdP instance.
    deprovisionedAction string
    Action for a previously deprovisioned IdP user during authentication. Can be "NONE" or "REACTIVATE".
    groupsAction string
    Provisioning action for IdP user's group memberships. It can be "NONE", "SYNC", "APPEND", or "ASSIGN".
    groupsAssignments string[]
    List of Okta Group IDs to add an IdP user as a member with the "ASSIGN" groups_action.
    groupsAttribute string
    IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
    groupsFilters string[]
    Whitelist of Okta Group identifiers that are allowed for the "APPEND" or "SYNC" groups_action.
    issuerMode string
    Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be "ORG_URL" or "CUSTOM_URL".
    maxClockSkew number
    Maximum allowable clock-skew when processing messages from the IdP.
    name string
    The Application's display name.
    profileMaster boolean
    Determines if the IdP should act as a source of truth for user profile attributes.
    protocolType string
    The type of protocol to use. It can be "OIDC" or "OAUTH2".
    provisioningAction string
    Provisioning action for an IdP user during authentication.
    status string
    Status of the IdP.
    subjectMatchAttribute string
    Okta user profile attribute for matching transformed IdP username. Only for matchType "CUSTOM_ATTRIBUTE".
    subjectMatchType string
    Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to "USERNAME". It can be set to "USERNAME", "EMAIL", "USERNAME_OR_EMAIL" or "CUSTOM_ATTRIBUTE".
    suspendedAction string
    Action for a previously suspended IdP user during authentication. Can be set to "NONE" or "UNSUSPEND"
    usernameTemplate string
    Okta EL Expression to generate or transform a unique username for the IdP user.
    scopes Sequence[str]
    The scopes of the IdP.
    type str
    The type of Social IdP. See API docs Identity Provider Type
    account_link_action str
    Specifies the account linking action for an IdP user.
    account_link_group_includes Sequence[str]
    Group memberships to determine link candidates.
    apple_kid str
    The Key ID that you obtained from Apple when you created the private key for the client.
    apple_private_key str
    The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.
    apple_team_id str
    The Team ID associated with your Apple developer account.
    client_id str
    Unique identifier issued by AS for the Okta IdP instance.
    client_secret str
    Client secret issued by AS for the Okta IdP instance.
    deprovisioned_action str
    Action for a previously deprovisioned IdP user during authentication. Can be "NONE" or "REACTIVATE".
    groups_action str
    Provisioning action for IdP user's group memberships. It can be "NONE", "SYNC", "APPEND", or "ASSIGN".
    groups_assignments Sequence[str]
    List of Okta Group IDs to add an IdP user as a member with the "ASSIGN" groups_action.
    groups_attribute str
    IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
    groups_filters Sequence[str]
    Whitelist of Okta Group identifiers that are allowed for the "APPEND" or "SYNC" groups_action.
    issuer_mode str
    Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be "ORG_URL" or "CUSTOM_URL".
    max_clock_skew int
    Maximum allowable clock-skew when processing messages from the IdP.
    name str
    The Application's display name.
    profile_master bool
    Determines if the IdP should act as a source of truth for user profile attributes.
    protocol_type str
    The type of protocol to use. It can be "OIDC" or "OAUTH2".
    provisioning_action str
    Provisioning action for an IdP user during authentication.
    status str
    Status of the IdP.
    subject_match_attribute str
    Okta user profile attribute for matching transformed IdP username. Only for matchType "CUSTOM_ATTRIBUTE".
    subject_match_type str
    Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to "USERNAME". It can be set to "USERNAME", "EMAIL", "USERNAME_OR_EMAIL" or "CUSTOM_ATTRIBUTE".
    suspended_action str
    Action for a previously suspended IdP user during authentication. Can be set to "NONE" or "UNSUSPEND"
    username_template str
    Okta EL Expression to generate or transform a unique username for the IdP user.
    scopes List<String>
    The scopes of the IdP.
    type String
    The type of Social IdP. See API docs Identity Provider Type
    accountLinkAction String
    Specifies the account linking action for an IdP user.
    accountLinkGroupIncludes List<String>
    Group memberships to determine link candidates.
    appleKid String
    The Key ID that you obtained from Apple when you created the private key for the client.
    applePrivateKey String
    The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.
    appleTeamId String
    The Team ID associated with your Apple developer account.
    clientId String
    Unique identifier issued by AS for the Okta IdP instance.
    clientSecret String
    Client secret issued by AS for the Okta IdP instance.
    deprovisionedAction String
    Action for a previously deprovisioned IdP user during authentication. Can be "NONE" or "REACTIVATE".
    groupsAction String
    Provisioning action for IdP user's group memberships. It can be "NONE", "SYNC", "APPEND", or "ASSIGN".
    groupsAssignments List<String>
    List of Okta Group IDs to add an IdP user as a member with the "ASSIGN" groups_action.
    groupsAttribute String
    IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
    groupsFilters List<String>
    Whitelist of Okta Group identifiers that are allowed for the "APPEND" or "SYNC" groups_action.
    issuerMode String
    Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be "ORG_URL" or "CUSTOM_URL".
    maxClockSkew Number
    Maximum allowable clock-skew when processing messages from the IdP.
    name String
    The Application's display name.
    profileMaster Boolean
    Determines if the IdP should act as a source of truth for user profile attributes.
    protocolType String
    The type of protocol to use. It can be "OIDC" or "OAUTH2".
    provisioningAction String
    Provisioning action for an IdP user during authentication.
    status String
    Status of the IdP.
    subjectMatchAttribute String
    Okta user profile attribute for matching transformed IdP username. Only for matchType "CUSTOM_ATTRIBUTE".
    subjectMatchType String
    Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to "USERNAME". It can be set to "USERNAME", "EMAIL", "USERNAME_OR_EMAIL" or "CUSTOM_ATTRIBUTE".
    suspendedAction String
    Action for a previously suspended IdP user during authentication. Can be set to "NONE" or "UNSUSPEND"
    usernameTemplate String
    Okta EL Expression to generate or transform a unique username for the IdP user.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Social resource produces the following output properties:

    AuthorizationBinding string
    The method of making an authorization request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    AuthorizationUrl string
    IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
    Id string
    The provider-assigned unique ID for this managed resource.
    TokenBinding string
    The method of making a token request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    TokenUrl string
    IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.
    AuthorizationBinding string
    The method of making an authorization request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    AuthorizationUrl string
    IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
    Id string
    The provider-assigned unique ID for this managed resource.
    TokenBinding string
    The method of making a token request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    TokenUrl string
    IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.
    authorizationBinding String
    The method of making an authorization request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    authorizationUrl String
    IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
    id String
    The provider-assigned unique ID for this managed resource.
    tokenBinding String
    The method of making a token request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    tokenUrl String
    IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.
    authorizationBinding string
    The method of making an authorization request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    authorizationUrl string
    IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
    id string
    The provider-assigned unique ID for this managed resource.
    tokenBinding string
    The method of making a token request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    tokenUrl string
    IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.
    authorization_binding str
    The method of making an authorization request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    authorization_url str
    IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
    id str
    The provider-assigned unique ID for this managed resource.
    token_binding str
    The method of making a token request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    token_url str
    IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.
    authorizationBinding String
    The method of making an authorization request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    authorizationUrl String
    IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
    id String
    The provider-assigned unique ID for this managed resource.
    tokenBinding String
    The method of making a token request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    tokenUrl String
    IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.

    Look up Existing Social Resource

    Get an existing Social resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SocialState, opts?: CustomResourceOptions): Social
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            account_link_action: Optional[str] = None,
            account_link_group_includes: Optional[Sequence[str]] = None,
            apple_kid: Optional[str] = None,
            apple_private_key: Optional[str] = None,
            apple_team_id: Optional[str] = None,
            authorization_binding: Optional[str] = None,
            authorization_url: Optional[str] = None,
            client_id: Optional[str] = None,
            client_secret: Optional[str] = None,
            deprovisioned_action: Optional[str] = None,
            groups_action: Optional[str] = None,
            groups_assignments: Optional[Sequence[str]] = None,
            groups_attribute: Optional[str] = None,
            groups_filters: Optional[Sequence[str]] = None,
            issuer_mode: Optional[str] = None,
            max_clock_skew: Optional[int] = None,
            name: Optional[str] = None,
            profile_master: Optional[bool] = None,
            protocol_type: Optional[str] = None,
            provisioning_action: Optional[str] = None,
            scopes: Optional[Sequence[str]] = None,
            status: Optional[str] = None,
            subject_match_attribute: Optional[str] = None,
            subject_match_type: Optional[str] = None,
            suspended_action: Optional[str] = None,
            token_binding: Optional[str] = None,
            token_url: Optional[str] = None,
            type: Optional[str] = None,
            username_template: Optional[str] = None) -> Social
    func GetSocial(ctx *Context, name string, id IDInput, state *SocialState, opts ...ResourceOption) (*Social, error)
    public static Social Get(string name, Input<string> id, SocialState? state, CustomResourceOptions? opts = null)
    public static Social get(String name, Output<String> id, SocialState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccountLinkAction string
    Specifies the account linking action for an IdP user.
    AccountLinkGroupIncludes List<string>
    Group memberships to determine link candidates.
    AppleKid string
    The Key ID that you obtained from Apple when you created the private key for the client.
    ApplePrivateKey string
    The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.
    AppleTeamId string
    The Team ID associated with your Apple developer account.
    AuthorizationBinding string
    The method of making an authorization request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    AuthorizationUrl string
    IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
    ClientId string
    Unique identifier issued by AS for the Okta IdP instance.
    ClientSecret string
    Client secret issued by AS for the Okta IdP instance.
    DeprovisionedAction string
    Action for a previously deprovisioned IdP user during authentication. Can be "NONE" or "REACTIVATE".
    GroupsAction string
    Provisioning action for IdP user's group memberships. It can be "NONE", "SYNC", "APPEND", or "ASSIGN".
    GroupsAssignments List<string>
    List of Okta Group IDs to add an IdP user as a member with the "ASSIGN" groups_action.
    GroupsAttribute string
    IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
    GroupsFilters List<string>
    Whitelist of Okta Group identifiers that are allowed for the "APPEND" or "SYNC" groups_action.
    IssuerMode string
    Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be "ORG_URL" or "CUSTOM_URL".
    MaxClockSkew int
    Maximum allowable clock-skew when processing messages from the IdP.
    Name string
    The Application's display name.
    ProfileMaster bool
    Determines if the IdP should act as a source of truth for user profile attributes.
    ProtocolType string
    The type of protocol to use. It can be "OIDC" or "OAUTH2".
    ProvisioningAction string
    Provisioning action for an IdP user during authentication.
    Scopes List<string>
    The scopes of the IdP.
    Status string
    Status of the IdP.
    SubjectMatchAttribute string
    Okta user profile attribute for matching transformed IdP username. Only for matchType "CUSTOM_ATTRIBUTE".
    SubjectMatchType string
    Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to "USERNAME". It can be set to "USERNAME", "EMAIL", "USERNAME_OR_EMAIL" or "CUSTOM_ATTRIBUTE".
    SuspendedAction string
    Action for a previously suspended IdP user during authentication. Can be set to "NONE" or "UNSUSPEND"
    TokenBinding string
    The method of making a token request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    TokenUrl string
    IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.
    Type string
    The type of Social IdP. See API docs Identity Provider Type
    UsernameTemplate string
    Okta EL Expression to generate or transform a unique username for the IdP user.
    AccountLinkAction string
    Specifies the account linking action for an IdP user.
    AccountLinkGroupIncludes []string
    Group memberships to determine link candidates.
    AppleKid string
    The Key ID that you obtained from Apple when you created the private key for the client.
    ApplePrivateKey string
    The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.
    AppleTeamId string
    The Team ID associated with your Apple developer account.
    AuthorizationBinding string
    The method of making an authorization request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    AuthorizationUrl string
    IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
    ClientId string
    Unique identifier issued by AS for the Okta IdP instance.
    ClientSecret string
    Client secret issued by AS for the Okta IdP instance.
    DeprovisionedAction string
    Action for a previously deprovisioned IdP user during authentication. Can be "NONE" or "REACTIVATE".
    GroupsAction string
    Provisioning action for IdP user's group memberships. It can be "NONE", "SYNC", "APPEND", or "ASSIGN".
    GroupsAssignments []string
    List of Okta Group IDs to add an IdP user as a member with the "ASSIGN" groups_action.
    GroupsAttribute string
    IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
    GroupsFilters []string
    Whitelist of Okta Group identifiers that are allowed for the "APPEND" or "SYNC" groups_action.
    IssuerMode string
    Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be "ORG_URL" or "CUSTOM_URL".
    MaxClockSkew int
    Maximum allowable clock-skew when processing messages from the IdP.
    Name string
    The Application's display name.
    ProfileMaster bool
    Determines if the IdP should act as a source of truth for user profile attributes.
    ProtocolType string
    The type of protocol to use. It can be "OIDC" or "OAUTH2".
    ProvisioningAction string
    Provisioning action for an IdP user during authentication.
    Scopes []string
    The scopes of the IdP.
    Status string
    Status of the IdP.
    SubjectMatchAttribute string
    Okta user profile attribute for matching transformed IdP username. Only for matchType "CUSTOM_ATTRIBUTE".
    SubjectMatchType string
    Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to "USERNAME". It can be set to "USERNAME", "EMAIL", "USERNAME_OR_EMAIL" or "CUSTOM_ATTRIBUTE".
    SuspendedAction string
    Action for a previously suspended IdP user during authentication. Can be set to "NONE" or "UNSUSPEND"
    TokenBinding string
    The method of making a token request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    TokenUrl string
    IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.
    Type string
    The type of Social IdP. See API docs Identity Provider Type
    UsernameTemplate string
    Okta EL Expression to generate or transform a unique username for the IdP user.
    accountLinkAction String
    Specifies the account linking action for an IdP user.
    accountLinkGroupIncludes List<String>
    Group memberships to determine link candidates.
    appleKid String
    The Key ID that you obtained from Apple when you created the private key for the client.
    applePrivateKey String
    The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.
    appleTeamId String
    The Team ID associated with your Apple developer account.
    authorizationBinding String
    The method of making an authorization request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    authorizationUrl String
    IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
    clientId String
    Unique identifier issued by AS for the Okta IdP instance.
    clientSecret String
    Client secret issued by AS for the Okta IdP instance.
    deprovisionedAction String
    Action for a previously deprovisioned IdP user during authentication. Can be "NONE" or "REACTIVATE".
    groupsAction String
    Provisioning action for IdP user's group memberships. It can be "NONE", "SYNC", "APPEND", or "ASSIGN".
    groupsAssignments List<String>
    List of Okta Group IDs to add an IdP user as a member with the "ASSIGN" groups_action.
    groupsAttribute String
    IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
    groupsFilters List<String>
    Whitelist of Okta Group identifiers that are allowed for the "APPEND" or "SYNC" groups_action.
    issuerMode String
    Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be "ORG_URL" or "CUSTOM_URL".
    maxClockSkew Integer
    Maximum allowable clock-skew when processing messages from the IdP.
    name String
    The Application's display name.
    profileMaster Boolean
    Determines if the IdP should act as a source of truth for user profile attributes.
    protocolType String
    The type of protocol to use. It can be "OIDC" or "OAUTH2".
    provisioningAction String
    Provisioning action for an IdP user during authentication.
    scopes List<String>
    The scopes of the IdP.
    status String
    Status of the IdP.
    subjectMatchAttribute String
    Okta user profile attribute for matching transformed IdP username. Only for matchType "CUSTOM_ATTRIBUTE".
    subjectMatchType String
    Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to "USERNAME". It can be set to "USERNAME", "EMAIL", "USERNAME_OR_EMAIL" or "CUSTOM_ATTRIBUTE".
    suspendedAction String
    Action for a previously suspended IdP user during authentication. Can be set to "NONE" or "UNSUSPEND"
    tokenBinding String
    The method of making a token request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    tokenUrl String
    IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.
    type String
    The type of Social IdP. See API docs Identity Provider Type
    usernameTemplate String
    Okta EL Expression to generate or transform a unique username for the IdP user.
    accountLinkAction string
    Specifies the account linking action for an IdP user.
    accountLinkGroupIncludes string[]
    Group memberships to determine link candidates.
    appleKid string
    The Key ID that you obtained from Apple when you created the private key for the client.
    applePrivateKey string
    The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.
    appleTeamId string
    The Team ID associated with your Apple developer account.
    authorizationBinding string
    The method of making an authorization request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    authorizationUrl string
    IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
    clientId string
    Unique identifier issued by AS for the Okta IdP instance.
    clientSecret string
    Client secret issued by AS for the Okta IdP instance.
    deprovisionedAction string
    Action for a previously deprovisioned IdP user during authentication. Can be "NONE" or "REACTIVATE".
    groupsAction string
    Provisioning action for IdP user's group memberships. It can be "NONE", "SYNC", "APPEND", or "ASSIGN".
    groupsAssignments string[]
    List of Okta Group IDs to add an IdP user as a member with the "ASSIGN" groups_action.
    groupsAttribute string
    IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
    groupsFilters string[]
    Whitelist of Okta Group identifiers that are allowed for the "APPEND" or "SYNC" groups_action.
    issuerMode string
    Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be "ORG_URL" or "CUSTOM_URL".
    maxClockSkew number
    Maximum allowable clock-skew when processing messages from the IdP.
    name string
    The Application's display name.
    profileMaster boolean
    Determines if the IdP should act as a source of truth for user profile attributes.
    protocolType string
    The type of protocol to use. It can be "OIDC" or "OAUTH2".
    provisioningAction string
    Provisioning action for an IdP user during authentication.
    scopes string[]
    The scopes of the IdP.
    status string
    Status of the IdP.
    subjectMatchAttribute string
    Okta user profile attribute for matching transformed IdP username. Only for matchType "CUSTOM_ATTRIBUTE".
    subjectMatchType string
    Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to "USERNAME". It can be set to "USERNAME", "EMAIL", "USERNAME_OR_EMAIL" or "CUSTOM_ATTRIBUTE".
    suspendedAction string
    Action for a previously suspended IdP user during authentication. Can be set to "NONE" or "UNSUSPEND"
    tokenBinding string
    The method of making a token request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    tokenUrl string
    IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.
    type string
    The type of Social IdP. See API docs Identity Provider Type
    usernameTemplate string
    Okta EL Expression to generate or transform a unique username for the IdP user.
    account_link_action str
    Specifies the account linking action for an IdP user.
    account_link_group_includes Sequence[str]
    Group memberships to determine link candidates.
    apple_kid str
    The Key ID that you obtained from Apple when you created the private key for the client.
    apple_private_key str
    The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.
    apple_team_id str
    The Team ID associated with your Apple developer account.
    authorization_binding str
    The method of making an authorization request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    authorization_url str
    IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
    client_id str
    Unique identifier issued by AS for the Okta IdP instance.
    client_secret str
    Client secret issued by AS for the Okta IdP instance.
    deprovisioned_action str
    Action for a previously deprovisioned IdP user during authentication. Can be "NONE" or "REACTIVATE".
    groups_action str
    Provisioning action for IdP user's group memberships. It can be "NONE", "SYNC", "APPEND", or "ASSIGN".
    groups_assignments Sequence[str]
    List of Okta Group IDs to add an IdP user as a member with the "ASSIGN" groups_action.
    groups_attribute str
    IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
    groups_filters Sequence[str]
    Whitelist of Okta Group identifiers that are allowed for the "APPEND" or "SYNC" groups_action.
    issuer_mode str
    Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be "ORG_URL" or "CUSTOM_URL".
    max_clock_skew int
    Maximum allowable clock-skew when processing messages from the IdP.
    name str
    The Application's display name.
    profile_master bool
    Determines if the IdP should act as a source of truth for user profile attributes.
    protocol_type str
    The type of protocol to use. It can be "OIDC" or "OAUTH2".
    provisioning_action str
    Provisioning action for an IdP user during authentication.
    scopes Sequence[str]
    The scopes of the IdP.
    status str
    Status of the IdP.
    subject_match_attribute str
    Okta user profile attribute for matching transformed IdP username. Only for matchType "CUSTOM_ATTRIBUTE".
    subject_match_type str
    Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to "USERNAME". It can be set to "USERNAME", "EMAIL", "USERNAME_OR_EMAIL" or "CUSTOM_ATTRIBUTE".
    suspended_action str
    Action for a previously suspended IdP user during authentication. Can be set to "NONE" or "UNSUSPEND"
    token_binding str
    The method of making a token request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    token_url str
    IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.
    type str
    The type of Social IdP. See API docs Identity Provider Type
    username_template str
    Okta EL Expression to generate or transform a unique username for the IdP user.
    accountLinkAction String
    Specifies the account linking action for an IdP user.
    accountLinkGroupIncludes List<String>
    Group memberships to determine link candidates.
    appleKid String
    The Key ID that you obtained from Apple when you created the private key for the client.
    applePrivateKey String
    The Key ID that you obtained from Apple when you created the private key for the client. PrivateKey is required when resource is first created. For all consecutive updates, it can be empty/omitted and keeps the existing value if it is empty/omitted. PrivateKey isn't returned when importing this resource.
    appleTeamId String
    The Team ID associated with your Apple developer account.
    authorizationBinding String
    The method of making an authorization request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    authorizationUrl String
    IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
    clientId String
    Unique identifier issued by AS for the Okta IdP instance.
    clientSecret String
    Client secret issued by AS for the Okta IdP instance.
    deprovisionedAction String
    Action for a previously deprovisioned IdP user during authentication. Can be "NONE" or "REACTIVATE".
    groupsAction String
    Provisioning action for IdP user's group memberships. It can be "NONE", "SYNC", "APPEND", or "ASSIGN".
    groupsAssignments List<String>
    List of Okta Group IDs to add an IdP user as a member with the "ASSIGN" groups_action.
    groupsAttribute String
    IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
    groupsFilters List<String>
    Whitelist of Okta Group identifiers that are allowed for the "APPEND" or "SYNC" groups_action.
    issuerMode String
    Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL. It can be "ORG_URL" or "CUSTOM_URL".
    maxClockSkew Number
    Maximum allowable clock-skew when processing messages from the IdP.
    name String
    The Application's display name.
    profileMaster Boolean
    Determines if the IdP should act as a source of truth for user profile attributes.
    protocolType String
    The type of protocol to use. It can be "OIDC" or "OAUTH2".
    provisioningAction String
    Provisioning action for an IdP user during authentication.
    scopes List<String>
    The scopes of the IdP.
    status String
    Status of the IdP.
    subjectMatchAttribute String
    Okta user profile attribute for matching transformed IdP username. Only for matchType "CUSTOM_ATTRIBUTE".
    subjectMatchType String
    Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. By default, it is set to "USERNAME". It can be set to "USERNAME", "EMAIL", "USERNAME_OR_EMAIL" or "CUSTOM_ATTRIBUTE".
    suspendedAction String
    Action for a previously suspended IdP user during authentication. Can be set to "NONE" or "UNSUSPEND"
    tokenBinding String
    The method of making a token request. It can be set to "HTTP-POST" or "HTTP-REDIRECT".
    tokenUrl String
    IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.
    type String
    The type of Social IdP. See API docs Identity Provider Type
    usernameTemplate String
    Okta EL Expression to generate or transform a unique username for the IdP user.

    Import

    A Social IdP can be imported via the Okta ID.

    $ pulumi import okta:idp/social:Social example &#60;idp id&#62;
    

    Package Details

    Repository
    Okta pulumi/pulumi-okta
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the okta Terraform Provider.
    okta logo
    Okta v4.8.0 published on Saturday, Mar 2, 2024 by Pulumi