1. Packages
  2. onelogin
  3. API Docs
  4. App
onelogin v0.6.2 published on Monday, Mar 11, 2024 by Pulumi

onelogin.App

Explore with Pulumi AI

onelogin logo
onelogin v0.6.2 published on Monday, Mar 11, 2024 by Pulumi

    Create App Resource

    new App(name: string, args: AppArgs, opts?: CustomResourceOptions);
    @overload
    def App(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            allow_assumed_signin: Optional[bool] = None,
            auth_method: Optional[int] = None,
            auth_method_description: Optional[str] = None,
            brand_id: Optional[int] = None,
            configuration: Optional[AppConfigurationArgs] = None,
            connector_id: Optional[int] = None,
            created_at: Optional[str] = None,
            description: Optional[str] = None,
            enforcement_point: Optional[AppEnforcementPointArgs] = None,
            icon_url: Optional[str] = None,
            login_config: Optional[int] = None,
            name: Optional[str] = None,
            notes: Optional[str] = None,
            parameters: Optional[AppParametersArgs] = None,
            policy_id: Optional[int] = None,
            provisioning: Optional[AppProvisioningArgs] = None,
            role_ids: Optional[Sequence[int]] = None,
            sso: Optional[AppSsoArgs] = None,
            tab_id: Optional[int] = None,
            updated_at: Optional[str] = None,
            visible: Optional[bool] = None)
    @overload
    def App(resource_name: str,
            args: AppArgs,
            opts: Optional[ResourceOptions] = None)
    func NewApp(ctx *Context, name string, args AppArgs, opts ...ResourceOption) (*App, error)
    public App(string name, AppArgs args, CustomResourceOptions? opts = null)
    public App(String name, AppArgs args)
    public App(String name, AppArgs args, CustomResourceOptions options)
    
    type: onelogin:App
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args AppArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AppArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AppArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AppArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AppArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    App Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The App resource accepts the following input properties:

    ConnectorId int
    ID of the connector to base the app from.
    AllowAssumedSignin bool
    Indicates whether or not administrators can access the app as a user that they have assumed control over.
    AuthMethod int
    An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
    AuthMethodDescription string
    BrandId int
    Configuration AppConfiguration
    Only apply configurations that are applicable to the type of app
    CreatedAt string
    the date the app was created
    Description string
    Freeform description of the app.
    EnforcementPoint AppEnforcementPoint
    For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
    IconUrl string
    A link to the apps icon url
    LoginConfig int
    Name string
    The name of the app.
    Notes string
    Freeform notes about the app.
    Parameters AppParameters
    PolicyId int
    The security policy assigned to the app.
    Provisioning AppProvisioning
    Indicates if provisioning is enabled for this app.
    RoleIds List<int>
    List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
    Sso AppSso
    The attributes included in the sso section are determined by the type of app. All of the attributes of the sso object are read only.
    TabId int
    ID of the OneLogin portal tab that the app is assigned to.
    UpdatedAt string
    the date the app was last updated
    Visible bool
    Indicates if the app is visible in the OneLogin portal.
    ConnectorId int
    ID of the connector to base the app from.
    AllowAssumedSignin bool
    Indicates whether or not administrators can access the app as a user that they have assumed control over.
    AuthMethod int
    An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
    AuthMethodDescription string
    BrandId int
    Configuration AppConfigurationArgs
    Only apply configurations that are applicable to the type of app
    CreatedAt string
    the date the app was created
    Description string
    Freeform description of the app.
    EnforcementPoint AppEnforcementPointArgs
    For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
    IconUrl string
    A link to the apps icon url
    LoginConfig int
    Name string
    The name of the app.
    Notes string
    Freeform notes about the app.
    Parameters AppParametersArgs
    PolicyId int
    The security policy assigned to the app.
    Provisioning AppProvisioningArgs
    Indicates if provisioning is enabled for this app.
    RoleIds []int
    List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
    Sso AppSsoArgs
    The attributes included in the sso section are determined by the type of app. All of the attributes of the sso object are read only.
    TabId int
    ID of the OneLogin portal tab that the app is assigned to.
    UpdatedAt string
    the date the app was last updated
    Visible bool
    Indicates if the app is visible in the OneLogin portal.
    connectorId Integer
    ID of the connector to base the app from.
    allowAssumedSignin Boolean
    Indicates whether or not administrators can access the app as a user that they have assumed control over.
    authMethod Integer
    An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
    authMethodDescription String
    brandId Integer
    configuration AppConfiguration
    Only apply configurations that are applicable to the type of app
    createdAt String
    the date the app was created
    description String
    Freeform description of the app.
    enforcementPoint AppEnforcementPoint
    For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
    iconUrl String
    A link to the apps icon url
    loginConfig Integer
    name String
    The name of the app.
    notes String
    Freeform notes about the app.
    parameters AppParameters
    policyId Integer
    The security policy assigned to the app.
    provisioning AppProvisioning
    Indicates if provisioning is enabled for this app.
    roleIds List<Integer>
    List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
    sso AppSso
    The attributes included in the sso section are determined by the type of app. All of the attributes of the sso object are read only.
    tabId Integer
    ID of the OneLogin portal tab that the app is assigned to.
    updatedAt String
    the date the app was last updated
    visible Boolean
    Indicates if the app is visible in the OneLogin portal.
    connectorId number
    ID of the connector to base the app from.
    allowAssumedSignin boolean
    Indicates whether or not administrators can access the app as a user that they have assumed control over.
    authMethod number
    An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
    authMethodDescription string
    brandId number
    configuration AppConfiguration
    Only apply configurations that are applicable to the type of app
    createdAt string
    the date the app was created
    description string
    Freeform description of the app.
    enforcementPoint AppEnforcementPoint
    For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
    iconUrl string
    A link to the apps icon url
    loginConfig number
    name string
    The name of the app.
    notes string
    Freeform notes about the app.
    parameters AppParameters
    policyId number
    The security policy assigned to the app.
    provisioning AppProvisioning
    Indicates if provisioning is enabled for this app.
    roleIds number[]
    List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
    sso AppSso
    The attributes included in the sso section are determined by the type of app. All of the attributes of the sso object are read only.
    tabId number
    ID of the OneLogin portal tab that the app is assigned to.
    updatedAt string
    the date the app was last updated
    visible boolean
    Indicates if the app is visible in the OneLogin portal.
    connector_id int
    ID of the connector to base the app from.
    allow_assumed_signin bool
    Indicates whether or not administrators can access the app as a user that they have assumed control over.
    auth_method int
    An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
    auth_method_description str
    brand_id int
    configuration AppConfigurationArgs
    Only apply configurations that are applicable to the type of app
    created_at str
    the date the app was created
    description str
    Freeform description of the app.
    enforcement_point AppEnforcementPointArgs
    For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
    icon_url str
    A link to the apps icon url
    login_config int
    name str
    The name of the app.
    notes str
    Freeform notes about the app.
    parameters AppParametersArgs
    policy_id int
    The security policy assigned to the app.
    provisioning AppProvisioningArgs
    Indicates if provisioning is enabled for this app.
    role_ids Sequence[int]
    List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
    sso AppSsoArgs
    The attributes included in the sso section are determined by the type of app. All of the attributes of the sso object are read only.
    tab_id int
    ID of the OneLogin portal tab that the app is assigned to.
    updated_at str
    the date the app was last updated
    visible bool
    Indicates if the app is visible in the OneLogin portal.
    connectorId Number
    ID of the connector to base the app from.
    allowAssumedSignin Boolean
    Indicates whether or not administrators can access the app as a user that they have assumed control over.
    authMethod Number
    An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
    authMethodDescription String
    brandId Number
    configuration Property Map
    Only apply configurations that are applicable to the type of app
    createdAt String
    the date the app was created
    description String
    Freeform description of the app.
    enforcementPoint Property Map
    For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
    iconUrl String
    A link to the apps icon url
    loginConfig Number
    name String
    The name of the app.
    notes String
    Freeform notes about the app.
    parameters Property Map
    policyId Number
    The security policy assigned to the app.
    provisioning Property Map
    Indicates if provisioning is enabled for this app.
    roleIds List<Number>
    List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
    sso Property Map
    The attributes included in the sso section are determined by the type of app. All of the attributes of the sso object are read only.
    tabId Number
    ID of the OneLogin portal tab that the app is assigned to.
    updatedAt String
    the date the app was last updated
    visible Boolean
    Indicates if the app is visible in the OneLogin portal.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the App resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing App Resource

    Get an existing App resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AppState, opts?: CustomResourceOptions): App
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            allow_assumed_signin: Optional[bool] = None,
            auth_method: Optional[int] = None,
            auth_method_description: Optional[str] = None,
            brand_id: Optional[int] = None,
            configuration: Optional[AppConfigurationArgs] = None,
            connector_id: Optional[int] = None,
            created_at: Optional[str] = None,
            description: Optional[str] = None,
            enforcement_point: Optional[AppEnforcementPointArgs] = None,
            icon_url: Optional[str] = None,
            login_config: Optional[int] = None,
            name: Optional[str] = None,
            notes: Optional[str] = None,
            parameters: Optional[AppParametersArgs] = None,
            policy_id: Optional[int] = None,
            provisioning: Optional[AppProvisioningArgs] = None,
            role_ids: Optional[Sequence[int]] = None,
            sso: Optional[AppSsoArgs] = None,
            tab_id: Optional[int] = None,
            updated_at: Optional[str] = None,
            visible: Optional[bool] = None) -> App
    func GetApp(ctx *Context, name string, id IDInput, state *AppState, opts ...ResourceOption) (*App, error)
    public static App Get(string name, Input<string> id, AppState? state, CustomResourceOptions? opts = null)
    public static App get(String name, Output<String> id, AppState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AllowAssumedSignin bool
    Indicates whether or not administrators can access the app as a user that they have assumed control over.
    AuthMethod int
    An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
    AuthMethodDescription string
    BrandId int
    Configuration AppConfiguration
    Only apply configurations that are applicable to the type of app
    ConnectorId int
    ID of the connector to base the app from.
    CreatedAt string
    the date the app was created
    Description string
    Freeform description of the app.
    EnforcementPoint AppEnforcementPoint
    For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
    IconUrl string
    A link to the apps icon url
    LoginConfig int
    Name string
    The name of the app.
    Notes string
    Freeform notes about the app.
    Parameters AppParameters
    PolicyId int
    The security policy assigned to the app.
    Provisioning AppProvisioning
    Indicates if provisioning is enabled for this app.
    RoleIds List<int>
    List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
    Sso AppSso
    The attributes included in the sso section are determined by the type of app. All of the attributes of the sso object are read only.
    TabId int
    ID of the OneLogin portal tab that the app is assigned to.
    UpdatedAt string
    the date the app was last updated
    Visible bool
    Indicates if the app is visible in the OneLogin portal.
    AllowAssumedSignin bool
    Indicates whether or not administrators can access the app as a user that they have assumed control over.
    AuthMethod int
    An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
    AuthMethodDescription string
    BrandId int
    Configuration AppConfigurationArgs
    Only apply configurations that are applicable to the type of app
    ConnectorId int
    ID of the connector to base the app from.
    CreatedAt string
    the date the app was created
    Description string
    Freeform description of the app.
    EnforcementPoint AppEnforcementPointArgs
    For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
    IconUrl string
    A link to the apps icon url
    LoginConfig int
    Name string
    The name of the app.
    Notes string
    Freeform notes about the app.
    Parameters AppParametersArgs
    PolicyId int
    The security policy assigned to the app.
    Provisioning AppProvisioningArgs
    Indicates if provisioning is enabled for this app.
    RoleIds []int
    List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
    Sso AppSsoArgs
    The attributes included in the sso section are determined by the type of app. All of the attributes of the sso object are read only.
    TabId int
    ID of the OneLogin portal tab that the app is assigned to.
    UpdatedAt string
    the date the app was last updated
    Visible bool
    Indicates if the app is visible in the OneLogin portal.
    allowAssumedSignin Boolean
    Indicates whether or not administrators can access the app as a user that they have assumed control over.
    authMethod Integer
    An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
    authMethodDescription String
    brandId Integer
    configuration AppConfiguration
    Only apply configurations that are applicable to the type of app
    connectorId Integer
    ID of the connector to base the app from.
    createdAt String
    the date the app was created
    description String
    Freeform description of the app.
    enforcementPoint AppEnforcementPoint
    For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
    iconUrl String
    A link to the apps icon url
    loginConfig Integer
    name String
    The name of the app.
    notes String
    Freeform notes about the app.
    parameters AppParameters
    policyId Integer
    The security policy assigned to the app.
    provisioning AppProvisioning
    Indicates if provisioning is enabled for this app.
    roleIds List<Integer>
    List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
    sso AppSso
    The attributes included in the sso section are determined by the type of app. All of the attributes of the sso object are read only.
    tabId Integer
    ID of the OneLogin portal tab that the app is assigned to.
    updatedAt String
    the date the app was last updated
    visible Boolean
    Indicates if the app is visible in the OneLogin portal.
    allowAssumedSignin boolean
    Indicates whether or not administrators can access the app as a user that they have assumed control over.
    authMethod number
    An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
    authMethodDescription string
    brandId number
    configuration AppConfiguration
    Only apply configurations that are applicable to the type of app
    connectorId number
    ID of the connector to base the app from.
    createdAt string
    the date the app was created
    description string
    Freeform description of the app.
    enforcementPoint AppEnforcementPoint
    For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
    iconUrl string
    A link to the apps icon url
    loginConfig number
    name string
    The name of the app.
    notes string
    Freeform notes about the app.
    parameters AppParameters
    policyId number
    The security policy assigned to the app.
    provisioning AppProvisioning
    Indicates if provisioning is enabled for this app.
    roleIds number[]
    List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
    sso AppSso
    The attributes included in the sso section are determined by the type of app. All of the attributes of the sso object are read only.
    tabId number
    ID of the OneLogin portal tab that the app is assigned to.
    updatedAt string
    the date the app was last updated
    visible boolean
    Indicates if the app is visible in the OneLogin portal.
    allow_assumed_signin bool
    Indicates whether or not administrators can access the app as a user that they have assumed control over.
    auth_method int
    An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
    auth_method_description str
    brand_id int
    configuration AppConfigurationArgs
    Only apply configurations that are applicable to the type of app
    connector_id int
    ID of the connector to base the app from.
    created_at str
    the date the app was created
    description str
    Freeform description of the app.
    enforcement_point AppEnforcementPointArgs
    For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
    icon_url str
    A link to the apps icon url
    login_config int
    name str
    The name of the app.
    notes str
    Freeform notes about the app.
    parameters AppParametersArgs
    policy_id int
    The security policy assigned to the app.
    provisioning AppProvisioningArgs
    Indicates if provisioning is enabled for this app.
    role_ids Sequence[int]
    List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
    sso AppSsoArgs
    The attributes included in the sso section are determined by the type of app. All of the attributes of the sso object are read only.
    tab_id int
    ID of the OneLogin portal tab that the app is assigned to.
    updated_at str
    the date the app was last updated
    visible bool
    Indicates if the app is visible in the OneLogin portal.
    allowAssumedSignin Boolean
    Indicates whether or not administrators can access the app as a user that they have assumed control over.
    authMethod Number
    An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
    authMethodDescription String
    brandId Number
    configuration Property Map
    Only apply configurations that are applicable to the type of app
    connectorId Number
    ID of the connector to base the app from.
    createdAt String
    the date the app was created
    description String
    Freeform description of the app.
    enforcementPoint Property Map
    For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
    iconUrl String
    A link to the apps icon url
    loginConfig Number
    name String
    The name of the app.
    notes String
    Freeform notes about the app.
    parameters Property Map
    policyId Number
    The security policy assigned to the app.
    provisioning Property Map
    Indicates if provisioning is enabled for this app.
    roleIds List<Number>
    List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
    sso Property Map
    The attributes included in the sso section are determined by the type of app. All of the attributes of the sso object are read only.
    tabId Number
    ID of the OneLogin portal tab that the app is assigned to.
    updatedAt String
    the date the app was last updated
    visible Boolean
    Indicates if the app is visible in the OneLogin portal.

    Supporting Types

    AppConfiguration, AppConfigurationArgs

    AccessTokenExpirationMinutes int
    OIDC Apps only Number of minutes the refresh token will be valid for.
    LoginUrl string
    OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
    OidcApiVersion string
    OidcApplicationType int
    OIDC Apps Only

    • 0: Web
    • 1: Native/Mobile
    OidcEncryptionKey string
    OIDC Apps only
    PostLogoutRedirectUri string
    OIDC Apps only
    RedirectUri string
    OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
    RefreshTokenExpirationMinutes int
    Number of minutes the refresh token will be valid for.
    TokenEndpointAuthMethod int
    OIDC Apps only

    • 0: Basic
    • 1: POST
    • 2: None / PKCE
    AccessTokenExpirationMinutes int
    OIDC Apps only Number of minutes the refresh token will be valid for.
    LoginUrl string
    OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
    OidcApiVersion string
    OidcApplicationType int
    OIDC Apps Only

    • 0: Web
    • 1: Native/Mobile
    OidcEncryptionKey string
    OIDC Apps only
    PostLogoutRedirectUri string
    OIDC Apps only
    RedirectUri string
    OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
    RefreshTokenExpirationMinutes int
    Number of minutes the refresh token will be valid for.
    TokenEndpointAuthMethod int
    OIDC Apps only

    • 0: Basic
    • 1: POST
    • 2: None / PKCE
    accessTokenExpirationMinutes Integer
    OIDC Apps only Number of minutes the refresh token will be valid for.
    loginUrl String
    OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
    oidcApiVersion String
    oidcApplicationType Integer
    OIDC Apps Only

    • 0: Web
    • 1: Native/Mobile
    oidcEncryptionKey String
    OIDC Apps only
    postLogoutRedirectUri String
    OIDC Apps only
    redirectUri String
    OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
    refreshTokenExpirationMinutes Integer
    Number of minutes the refresh token will be valid for.
    tokenEndpointAuthMethod Integer
    OIDC Apps only

    • 0: Basic
    • 1: POST
    • 2: None / PKCE
    accessTokenExpirationMinutes number
    OIDC Apps only Number of minutes the refresh token will be valid for.
    loginUrl string
    OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
    oidcApiVersion string
    oidcApplicationType number
    OIDC Apps Only

    • 0: Web
    • 1: Native/Mobile
    oidcEncryptionKey string
    OIDC Apps only
    postLogoutRedirectUri string
    OIDC Apps only
    redirectUri string
    OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
    refreshTokenExpirationMinutes number
    Number of minutes the refresh token will be valid for.
    tokenEndpointAuthMethod number
    OIDC Apps only

    • 0: Basic
    • 1: POST
    • 2: None / PKCE
    access_token_expiration_minutes int
    OIDC Apps only Number of minutes the refresh token will be valid for.
    login_url str
    OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
    oidc_api_version str
    oidc_application_type int
    OIDC Apps Only

    • 0: Web
    • 1: Native/Mobile
    oidc_encryption_key str
    OIDC Apps only
    post_logout_redirect_uri str
    OIDC Apps only
    redirect_uri str
    OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
    refresh_token_expiration_minutes int
    Number of minutes the refresh token will be valid for.
    token_endpoint_auth_method int
    OIDC Apps only

    • 0: Basic
    • 1: POST
    • 2: None / PKCE
    accessTokenExpirationMinutes Number
    OIDC Apps only Number of minutes the refresh token will be valid for.
    loginUrl String
    OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
    oidcApiVersion String
    oidcApplicationType Number
    OIDC Apps Only

    • 0: Web
    • 1: Native/Mobile
    oidcEncryptionKey String
    OIDC Apps only
    postLogoutRedirectUri String
    OIDC Apps only
    redirectUri String
    OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
    refreshTokenExpirationMinutes Number
    Number of minutes the refresh token will be valid for.
    tokenEndpointAuthMethod Number
    OIDC Apps only

    • 0: Basic
    • 1: POST
    • 2: None / PKCE

    AppEnforcementPoint, AppEnforcementPointArgs

    CaseSensitive bool
    The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
    Conditions string
    If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
    ContextRoot string
    The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
    LandingPage string
    The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
    Permissions string
    Specify to always allow, deny access to resources, of if access is conditional.
    RequireSitewideAuthentication bool
    Require user authentication to access any resource protected by this enforcement point.
    Resources List<AppEnforcementPointResource>
    Array of resource objects
    SessionExpiryFixed AppEnforcementPointSessionExpiryFixed
    unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
    SessionExpiryInactivity AppEnforcementPointSessionExpiryInactivity
    unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
    Target string
    A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
    Token string
    Can only be set on create. Access Gateway Token.
    UseTargetHostHeader bool
    Use the target host header as opposed to the original gateway or upstream host header.
    Vhost string
    A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
    CaseSensitive bool
    The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
    Conditions string
    If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
    ContextRoot string
    The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
    LandingPage string
    The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
    Permissions string
    Specify to always allow, deny access to resources, of if access is conditional.
    RequireSitewideAuthentication bool
    Require user authentication to access any resource protected by this enforcement point.
    Resources []AppEnforcementPointResource
    Array of resource objects
    SessionExpiryFixed AppEnforcementPointSessionExpiryFixed
    unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
    SessionExpiryInactivity AppEnforcementPointSessionExpiryInactivity
    unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
    Target string
    A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
    Token string
    Can only be set on create. Access Gateway Token.
    UseTargetHostHeader bool
    Use the target host header as opposed to the original gateway or upstream host header.
    Vhost string
    A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
    caseSensitive Boolean
    The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
    conditions String
    If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
    contextRoot String
    The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
    landingPage String
    The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
    permissions String
    Specify to always allow, deny access to resources, of if access is conditional.
    requireSitewideAuthentication Boolean
    Require user authentication to access any resource protected by this enforcement point.
    resources List<AppEnforcementPointResource>
    Array of resource objects
    sessionExpiryFixed AppEnforcementPointSessionExpiryFixed
    unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
    sessionExpiryInactivity AppEnforcementPointSessionExpiryInactivity
    unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
    target String
    A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
    token String
    Can only be set on create. Access Gateway Token.
    useTargetHostHeader Boolean
    Use the target host header as opposed to the original gateway or upstream host header.
    vhost String
    A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
    caseSensitive boolean
    The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
    conditions string
    If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
    contextRoot string
    The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
    landingPage string
    The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
    permissions string
    Specify to always allow, deny access to resources, of if access is conditional.
    requireSitewideAuthentication boolean
    Require user authentication to access any resource protected by this enforcement point.
    resources AppEnforcementPointResource[]
    Array of resource objects
    sessionExpiryFixed AppEnforcementPointSessionExpiryFixed
    unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
    sessionExpiryInactivity AppEnforcementPointSessionExpiryInactivity
    unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
    target string
    A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
    token string
    Can only be set on create. Access Gateway Token.
    useTargetHostHeader boolean
    Use the target host header as opposed to the original gateway or upstream host header.
    vhost string
    A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
    case_sensitive bool
    The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
    conditions str
    If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
    context_root str
    The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
    landing_page str
    The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
    permissions str
    Specify to always allow, deny access to resources, of if access is conditional.
    require_sitewide_authentication bool
    Require user authentication to access any resource protected by this enforcement point.
    resources Sequence[AppEnforcementPointResource]
    Array of resource objects
    session_expiry_fixed AppEnforcementPointSessionExpiryFixed
    unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
    session_expiry_inactivity AppEnforcementPointSessionExpiryInactivity
    unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
    target str
    A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
    token str
    Can only be set on create. Access Gateway Token.
    use_target_host_header bool
    Use the target host header as opposed to the original gateway or upstream host header.
    vhost str
    A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
    caseSensitive Boolean
    The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
    conditions String
    If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
    contextRoot String
    The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
    landingPage String
    The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
    permissions String
    Specify to always allow, deny access to resources, of if access is conditional.
    requireSitewideAuthentication Boolean
    Require user authentication to access any resource protected by this enforcement point.
    resources List<Property Map>
    Array of resource objects
    sessionExpiryFixed Property Map
    unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
    sessionExpiryInactivity Property Map
    unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
    target String
    A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
    token String
    Can only be set on create. Access Gateway Token.
    useTargetHostHeader Boolean
    Use the target host header as opposed to the original gateway or upstream host header.
    vhost String
    A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.

    AppEnforcementPointResource, AppEnforcementPointResourceArgs

    Conditions string
    required if permission == "conditions"
    IsPathRegex bool
    Path string
    Permission string
    RequireAuth bool
    Conditions string
    required if permission == "conditions"
    IsPathRegex bool
    Path string
    Permission string
    RequireAuth bool
    conditions String
    required if permission == "conditions"
    isPathRegex Boolean
    path String
    permission String
    requireAuth Boolean
    conditions string
    required if permission == "conditions"
    isPathRegex boolean
    path string
    permission string
    requireAuth boolean
    conditions str
    required if permission == "conditions"
    is_path_regex bool
    path str
    permission str
    require_auth bool
    conditions String
    required if permission == "conditions"
    isPathRegex Boolean
    path String
    permission String
    requireAuth Boolean

    AppEnforcementPointSessionExpiryFixed, AppEnforcementPointSessionExpiryFixedArgs

    Unit int
    Value int
    Unit int
    Value int
    unit Integer
    value Integer
    unit number
    value number
    unit int
    value int
    unit Number
    value Number

    AppEnforcementPointSessionExpiryInactivity, AppEnforcementPointSessionExpiryInactivityArgs

    Unit int
    Value int
    Unit int
    Value int
    unit Integer
    value Integer
    unit number
    value number
    unit int
    value int
    unit Number
    value Number

    AppParameters, AppParametersArgs

    AppParametersGroups, AppParametersGroupsArgs

    AppProvisioning, AppProvisioningArgs

    Enabled bool
    Status string
    Enabled bool
    Status string
    enabled Boolean
    status String
    enabled boolean
    status string
    enabled bool
    status str
    enabled Boolean
    status String

    AppSso, AppSsoArgs

    AcsUrl string
    App Name. This is only returned after Creating a SAML App.
    Certificate AppSsoCertificate
    The certificate used for signing. This is only returned after Creating a SAML App.
    ClientId string
    The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
    ClientSecret string
    OpenId Connet Client Secret
    Issuer string
    Issuer of app. This is only returned after Creating a SAML App.
    MetadataUrl string
    ID of the apps underlying connector. This is only returned after Creating a SAML App.
    AcsUrl string
    App Name. This is only returned after Creating a SAML App.
    Certificate AppSsoCertificate
    The certificate used for signing. This is only returned after Creating a SAML App.
    ClientId string
    The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
    ClientSecret string
    OpenId Connet Client Secret
    Issuer string
    Issuer of app. This is only returned after Creating a SAML App.
    MetadataUrl string
    ID of the apps underlying connector. This is only returned after Creating a SAML App.
    acsUrl String
    App Name. This is only returned after Creating a SAML App.
    certificate AppSsoCertificate
    The certificate used for signing. This is only returned after Creating a SAML App.
    clientId String
    The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
    clientSecret String
    OpenId Connet Client Secret
    issuer String
    Issuer of app. This is only returned after Creating a SAML App.
    metadataUrl String
    ID of the apps underlying connector. This is only returned after Creating a SAML App.
    acsUrl string
    App Name. This is only returned after Creating a SAML App.
    certificate AppSsoCertificate
    The certificate used for signing. This is only returned after Creating a SAML App.
    clientId string
    The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
    clientSecret string
    OpenId Connet Client Secret
    issuer string
    Issuer of app. This is only returned after Creating a SAML App.
    metadataUrl string
    ID of the apps underlying connector. This is only returned after Creating a SAML App.
    acs_url str
    App Name. This is only returned after Creating a SAML App.
    certificate AppSsoCertificate
    The certificate used for signing. This is only returned after Creating a SAML App.
    client_id str
    The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
    client_secret str
    OpenId Connet Client Secret
    issuer str
    Issuer of app. This is only returned after Creating a SAML App.
    metadata_url str
    ID of the apps underlying connector. This is only returned after Creating a SAML App.
    acsUrl String
    App Name. This is only returned after Creating a SAML App.
    certificate Property Map
    The certificate used for signing. This is only returned after Creating a SAML App.
    clientId String
    The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
    clientSecret String
    OpenId Connet Client Secret
    issuer String
    Issuer of app. This is only returned after Creating a SAML App.
    metadataUrl String
    ID of the apps underlying connector. This is only returned after Creating a SAML App.

    AppSsoCertificate, AppSsoCertificateArgs

    Id int
    Name string
    Value string
    Id int
    Name string
    Value string
    id Integer
    name String
    value String
    id number
    name string
    value string
    id int
    name str
    value str
    id Number
    name String
    value String

    Package Details

    Repository
    onelogin pulumi/pulumi-onelogin
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the onelogin Terraform Provider.
    onelogin logo
    onelogin v0.6.2 published on Monday, Mar 11, 2024 by Pulumi