Come join Pulumi for the industry's first Cloud Engineering Summit! October 7–8. Save Your Spot

deprecated

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-okta repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-okta repo.

class pulumi_okta.deprecated.AuthLoginApp(resource_name, opts=None, accessibility_error_redirect_url=None, accessibility_self_service=None, auto_submit_toolbar=None, credentials_scheme=None, groups=None, hide_ios=None, hide_web=None, label=None, preconfigured_app=None, reveal_password=None, shared_password=None, shared_username=None, sign_on_redirect_url=None, sign_on_url=None, status=None, users=None, __props__=None, __name__=None, __opts__=None)

Create a AuthLoginApp resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] accessibility_error_redirect_url: Custom error page URL :param pulumi.Input[bool] accessibility_self_service: Enable self service :param pulumi.Input[bool] auto_submit_toolbar: Display auto submit toolbar :param pulumi.Input[str] credentials_scheme: Application credentials scheme :param pulumi.Input[list] groups: Groups associated with the application :param pulumi.Input[bool] hide_ios: Do not display application icon on mobile app :param pulumi.Input[bool] hide_web: Do not display application icon to users :param pulumi.Input[str] label: Pretty name of app. :param pulumi.Input[str] preconfigured_app: Preconfigured app name :param pulumi.Input[bool] reveal_password: Allow user to reveal password :param pulumi.Input[str] shared_password: Shared password, required for certain schemes. :param pulumi.Input[str] shared_username: Shared username, required for certain schemes. :param pulumi.Input[str] sign_on_redirect_url: Post login redirect URL :param pulumi.Input[str] sign_on_url: Login URL :param pulumi.Input[str] status: Status of application. :param pulumi.Input[list] users: Users associated with the application

The users object supports the following:

  • id (pulumi.Input[str])

  • password (pulumi.Input[str])

  • scope (pulumi.Input[str])

  • username (pulumi.Input[str])

accessibility_error_redirect_url: pulumi.Output[str] = None

Custom error page URL

accessibility_self_service: pulumi.Output[bool] = None

Enable self service

auto_submit_toolbar: pulumi.Output[bool] = None

Display auto submit toolbar

credentials_scheme: pulumi.Output[str] = None

Application credentials scheme

groups: pulumi.Output[list] = None

Groups associated with the application

hide_ios: pulumi.Output[bool] = None

Do not display application icon on mobile app

hide_web: pulumi.Output[bool] = None

Do not display application icon to users

label: pulumi.Output[str] = None

Pretty name of app.

name: pulumi.Output[str] = None

name of app.

preconfigured_app: pulumi.Output[str] = None

Preconfigured app name

reveal_password: pulumi.Output[bool] = None

Allow user to reveal password

shared_password: pulumi.Output[str] = None

Shared password, required for certain schemes.

shared_username: pulumi.Output[str] = None

Shared username, required for certain schemes.

sign_on_mode: pulumi.Output[str] = None

Sign on mode of application.

sign_on_redirect_url: pulumi.Output[str] = None

Post login redirect URL

sign_on_url: pulumi.Output[str] = None

Login URL

status: pulumi.Output[str] = None

Status of application.

user_name_template: pulumi.Output[str] = None

Username template

user_name_template_type: pulumi.Output[str] = None

Username template type

users: pulumi.Output[list] = None

Users associated with the application

  • id (str)

  • password (str)

  • scope (str)

  • username (str)

static get(resource_name, id, opts=None, accessibility_error_redirect_url=None, accessibility_self_service=None, auto_submit_toolbar=None, credentials_scheme=None, groups=None, hide_ios=None, hide_web=None, label=None, name=None, preconfigured_app=None, reveal_password=None, shared_password=None, shared_username=None, sign_on_mode=None, sign_on_redirect_url=None, sign_on_url=None, status=None, user_name_template=None, user_name_template_type=None, users=None)

Get an existing AuthLoginApp resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • accessibility_error_redirect_url (pulumi.Input[str]) – Custom error page URL

  • accessibility_self_service (pulumi.Input[bool]) – Enable self service

  • auto_submit_toolbar (pulumi.Input[bool]) – Display auto submit toolbar

  • credentials_scheme (pulumi.Input[str]) – Application credentials scheme

  • groups (pulumi.Input[list]) – Groups associated with the application

  • hide_ios (pulumi.Input[bool]) – Do not display application icon on mobile app

  • hide_web (pulumi.Input[bool]) – Do not display application icon to users

  • label (pulumi.Input[str]) – Pretty name of app.

  • name (pulumi.Input[str]) – name of app.

  • preconfigured_app (pulumi.Input[str]) – Preconfigured app name

  • reveal_password (pulumi.Input[bool]) – Allow user to reveal password

  • shared_password (pulumi.Input[str]) – Shared password, required for certain schemes.

  • shared_username (pulumi.Input[str]) – Shared username, required for certain schemes.

  • sign_on_mode (pulumi.Input[str]) – Sign on mode of application.

  • sign_on_redirect_url (pulumi.Input[str]) – Post login redirect URL

  • sign_on_url (pulumi.Input[str]) – Login URL

  • status (pulumi.Input[str]) – Status of application.

  • user_name_template (pulumi.Input[str]) – Username template

  • user_name_template_type (pulumi.Input[str]) – Username template type

  • users (pulumi.Input[list]) – Users associated with the application

The users object supports the following:

  • id (pulumi.Input[str])

  • password (pulumi.Input[str])

  • scope (pulumi.Input[str])

  • username (pulumi.Input[str])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.AwaitableGetDefaultPoliciesResult(id=None, type=None)
class pulumi_okta.deprecated.BookmarkApp(resource_name, opts=None, auto_submit_toolbar=None, groups=None, hide_ios=None, hide_web=None, label=None, request_integration=None, status=None, url=None, users=None, __props__=None, __name__=None, __opts__=None)

Create a BookmarkApp resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[bool] auto_submit_toolbar: Display auto submit toolbar :param pulumi.Input[list] groups: Groups associated with the application :param pulumi.Input[bool] hide_ios: Do not display application icon on mobile app :param pulumi.Input[bool] hide_web: Do not display application icon to users :param pulumi.Input[str] label: Pretty name of app. :param pulumi.Input[str] status: Status of application. :param pulumi.Input[list] users: Users associated with the application

The users object supports the following:

  • id (pulumi.Input[str])

  • password (pulumi.Input[str])

  • scope (pulumi.Input[str])

  • username (pulumi.Input[str])

auto_submit_toolbar: pulumi.Output[bool] = None

Display auto submit toolbar

groups: pulumi.Output[list] = None

Groups associated with the application

hide_ios: pulumi.Output[bool] = None

Do not display application icon on mobile app

hide_web: pulumi.Output[bool] = None

Do not display application icon to users

label: pulumi.Output[str] = None

Pretty name of app.

name: pulumi.Output[str] = None

name of app.

sign_on_mode: pulumi.Output[str] = None

Sign on mode of application.

status: pulumi.Output[str] = None

Status of application.

users: pulumi.Output[list] = None

Users associated with the application

  • id (str)

  • password (str)

  • scope (str)

  • username (str)

static get(resource_name, id, opts=None, auto_submit_toolbar=None, groups=None, hide_ios=None, hide_web=None, label=None, name=None, request_integration=None, sign_on_mode=None, status=None, url=None, users=None)

Get an existing BookmarkApp resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • auto_submit_toolbar (pulumi.Input[bool]) – Display auto submit toolbar

  • groups (pulumi.Input[list]) – Groups associated with the application

  • hide_ios (pulumi.Input[bool]) – Do not display application icon on mobile app

  • hide_web (pulumi.Input[bool]) – Do not display application icon to users

  • label (pulumi.Input[str]) – Pretty name of app.

  • name (pulumi.Input[str]) – name of app.

  • sign_on_mode (pulumi.Input[str]) – Sign on mode of application.

  • status (pulumi.Input[str]) – Status of application.

  • users (pulumi.Input[list]) – Users associated with the application

The users object supports the following:

  • id (pulumi.Input[str])

  • password (pulumi.Input[str])

  • scope (pulumi.Input[str])

  • username (pulumi.Input[str])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.GetDefaultPoliciesResult(id=None, type=None)

A collection of values returned by getDefaultPolicies.

id = None

The provider-assigned unique ID for this managed resource.

class pulumi_okta.deprecated.Idp(resource_name, opts=None, account_link_action=None, account_link_group_includes=None, acs_binding=None, acs_type=None, authorization_binding=None, authorization_url=None, client_id=None, client_secret=None, deprovisioned_action=None, groups_action=None, groups_assignments=None, groups_attribute=None, groups_filters=None, issuer_mode=None, issuer_url=None, jwks_binding=None, jwks_url=None, max_clock_skew=None, name=None, profile_master=None, protocol_type=None, provisioning_action=None, request_signature_algorithm=None, request_signature_scope=None, response_signature_algorithm=None, response_signature_scope=None, scopes=None, status=None, subject_match_attribute=None, subject_match_type=None, suspended_action=None, token_binding=None, token_url=None, user_info_binding=None, user_info_url=None, username_template=None, __props__=None, __name__=None, __opts__=None)

Create a Idp resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] issuer_mode: Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL :param pulumi.Input[str] name: name of idp :param pulumi.Input[str] request_signature_algorithm: algorithm to use to sign requests :param pulumi.Input[str] request_signature_scope: algorithm to use to sign response :param pulumi.Input[str] response_signature_algorithm: algorithm to use to sign requests :param pulumi.Input[str] response_signature_scope: algorithm to use to sign response

issuer_mode: pulumi.Output[str] = None

Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL

name: pulumi.Output[str] = None

name of idp

request_signature_algorithm: pulumi.Output[str] = None

algorithm to use to sign requests

request_signature_scope: pulumi.Output[str] = None

algorithm to use to sign response

response_signature_algorithm: pulumi.Output[str] = None

algorithm to use to sign requests

response_signature_scope: pulumi.Output[str] = None

algorithm to use to sign response

static get(resource_name, id, opts=None, account_link_action=None, account_link_group_includes=None, acs_binding=None, acs_type=None, authorization_binding=None, authorization_url=None, client_id=None, client_secret=None, deprovisioned_action=None, groups_action=None, groups_assignments=None, groups_attribute=None, groups_filters=None, issuer_mode=None, issuer_url=None, jwks_binding=None, jwks_url=None, max_clock_skew=None, name=None, profile_master=None, protocol_type=None, provisioning_action=None, request_signature_algorithm=None, request_signature_scope=None, response_signature_algorithm=None, response_signature_scope=None, scopes=None, status=None, subject_match_attribute=None, subject_match_type=None, suspended_action=None, token_binding=None, token_url=None, type=None, user_info_binding=None, user_info_url=None, username_template=None)

Get an existing Idp resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • issuer_mode (pulumi.Input[str]) – Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL

  • name (pulumi.Input[str]) – name of idp

  • request_signature_algorithm (pulumi.Input[str]) – algorithm to use to sign requests

  • request_signature_scope (pulumi.Input[str]) – algorithm to use to sign response

  • response_signature_algorithm (pulumi.Input[str]) – algorithm to use to sign requests

  • response_signature_scope (pulumi.Input[str]) – algorithm to use to sign response

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.MfaPolicy(resource_name, opts=None, description=None, duo=None, fido_u2f=None, fido_webauthn=None, google_otp=None, groups_includeds=None, name=None, okta_call=None, okta_otp=None, okta_password=None, okta_push=None, okta_question=None, okta_sms=None, priority=None, rsa_token=None, status=None, symantec_vip=None, yubikey_token=None, __props__=None, __name__=None, __opts__=None)

Create a MfaPolicy resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] description: Policy Description :param pulumi.Input[list] groups_includeds: List of Group IDs to Include :param pulumi.Input[str] name: Policy Name :param pulumi.Input[float] priority: Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid

priority is provided. API defaults it to the last/lowest if not there.

Parameters

status (pulumi.Input[str]) – Policy Status: ACTIVE or INACTIVE.

The duo object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The fido_u2f object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The fido_webauthn object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The google_otp object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The okta_call object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The okta_otp object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The okta_password object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The okta_push object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The okta_question object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The okta_sms object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The rsa_token object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The symantec_vip object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The yubikey_token object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

description: pulumi.Output[str] = None

Policy Description

groups_includeds: pulumi.Output[list] = None

List of Group IDs to Include

name: pulumi.Output[str] = None

Policy Name

priority: pulumi.Output[float] = None

Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

status: pulumi.Output[str] = None

Policy Status: ACTIVE or INACTIVE.

static get(resource_name, id, opts=None, description=None, duo=None, fido_u2f=None, fido_webauthn=None, google_otp=None, groups_includeds=None, name=None, okta_call=None, okta_otp=None, okta_password=None, okta_push=None, okta_question=None, okta_sms=None, priority=None, rsa_token=None, status=None, symantec_vip=None, yubikey_token=None)

Get an existing MfaPolicy resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • description (pulumi.Input[str]) – Policy Description

  • groups_includeds (pulumi.Input[list]) – List of Group IDs to Include

  • name (pulumi.Input[str]) – Policy Name

  • priority (pulumi.Input[float]) – Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

  • status (pulumi.Input[str]) – Policy Status: ACTIVE or INACTIVE.

The duo object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The fido_u2f object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The fido_webauthn object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The google_otp object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The okta_call object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The okta_otp object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The okta_password object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The okta_push object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The okta_question object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The okta_sms object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The rsa_token object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The symantec_vip object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

The yubikey_token object supports the following:

  • consent_type (pulumi.Input[str])

  • enroll (pulumi.Input[str])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.MfaPolicyRule(resource_name, opts=None, enroll=None, name=None, network_connection=None, network_excludes=None, network_includes=None, policyid=None, priority=None, status=None, users_excludeds=None, __props__=None, __name__=None, __opts__=None)

Create a MfaPolicyRule resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] enroll: Should the user be enrolled the first time they LOGIN, the next time they are CHALLENGEd, or NEVER? :param pulumi.Input[str] name: Policy Rule Name :param pulumi.Input[str] network_connection: Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK. :param pulumi.Input[list] network_excludes: The zones to exclude :param pulumi.Input[list] network_includes: The zones to include :param pulumi.Input[str] policyid: Policy ID of the Rule :param pulumi.Input[float] priority: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an

invalid priority is provided. API defaults it to the last/lowest if not there.

Parameters
  • status (pulumi.Input[str]) – Policy Rule Status: ACTIVE or INACTIVE.

  • users_excludeds (pulumi.Input[list]) – Set of User IDs to Exclude

enroll: pulumi.Output[str] = None

Should the user be enrolled the first time they LOGIN, the next time they are CHALLENGEd, or NEVER?

name: pulumi.Output[str] = None

Policy Rule Name

network_connection: pulumi.Output[str] = None

Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK.

network_excludes: pulumi.Output[list] = None

The zones to exclude

network_includes: pulumi.Output[list] = None

The zones to include

policyid: pulumi.Output[str] = None

Policy ID of the Rule

priority: pulumi.Output[float] = None

Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

status: pulumi.Output[str] = None

Policy Rule Status: ACTIVE or INACTIVE.

users_excludeds: pulumi.Output[list] = None

Set of User IDs to Exclude

static get(resource_name, id, opts=None, enroll=None, name=None, network_connection=None, network_excludes=None, network_includes=None, policyid=None, priority=None, status=None, users_excludeds=None)

Get an existing MfaPolicyRule resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • enroll (pulumi.Input[str]) – Should the user be enrolled the first time they LOGIN, the next time they are CHALLENGEd, or NEVER?

  • name (pulumi.Input[str]) – Policy Rule Name

  • network_connection (pulumi.Input[str]) – Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK.

  • network_excludes (pulumi.Input[list]) – The zones to exclude

  • network_includes (pulumi.Input[list]) – The zones to include

  • policyid (pulumi.Input[str]) – Policy ID of the Rule

  • priority (pulumi.Input[float]) – Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

  • status (pulumi.Input[str]) – Policy Rule Status: ACTIVE or INACTIVE.

  • users_excludeds (pulumi.Input[list]) – Set of User IDs to Exclude

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.OauthApp(resource_name, opts=None, auto_key_rotation=None, auto_submit_toolbar=None, client_basic_secret=None, client_uri=None, consent_method=None, custom_client_id=None, grant_types=None, groups=None, hide_ios=None, hide_web=None, issuer_mode=None, label=None, login_uri=None, logo_uri=None, omit_secret=None, policy_uri=None, post_logout_redirect_uris=None, profile=None, redirect_uris=None, response_types=None, status=None, token_endpoint_auth_method=None, tos_uri=None, type=None, users=None, __props__=None, __name__=None, __opts__=None)

Create a OauthApp resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[bool] auto_key_rotation: Requested key rotation mode. :param pulumi.Input[bool] auto_submit_toolbar: Display auto submit toolbar :param pulumi.Input[str] client_basic_secret: OAuth client secret key, this can be set when token_endpoint_auth_method is client_secret_basic. :param pulumi.Input[str] client_uri: URI to a web page providing information about the client. :param pulumi.Input[str] consent_method: Early Access Property. Indicates whether user consent is required or implicit. Valid values: REQUIRED, TRUSTED.

Default value is TRUSTED

Parameters
  • custom_client_id (pulumi.Input[str]) – This property allows you to set your client_id.

  • grant_types (pulumi.Input[list]) – List of OAuth 2.0 grant types. Conditional validation params found here https://developer.okta.com/docs/api/resources/apps#credentials-settings-details. Defaults to minimum requirements per app type.

  • groups (pulumi.Input[list]) – Groups associated with the application

  • hide_ios (pulumi.Input[bool]) – Do not display application icon on mobile app

  • hide_web (pulumi.Input[bool]) – Do not display application icon to users

  • issuer_mode (pulumi.Input[str]) – Early Access Property. Indicates whether the Okta Authorization Server uses the original Okta org domain URL or a custom domain URL as the issuer of ID token for this client.

  • label (pulumi.Input[str]) – Pretty name of app.

  • login_uri (pulumi.Input[str]) – URI that initiates login.

  • logo_uri (pulumi.Input[str]) – URI that references a logo for the client.

  • omit_secret (pulumi.Input[bool]) – This tells the provider not to persist the application’s secret to state. If this is ever changes from true => false your app will be recreated.

  • policy_uri (pulumi.Input[str]) – Early Access Property. URI to web page providing client policy document.

  • post_logout_redirect_uris (pulumi.Input[list]) – List of URIs for redirection after logout

  • profile (pulumi.Input[str]) – Custom JSON that represents an OAuth application’s profile

  • redirect_uris (pulumi.Input[list]) – List of URIs for use in the redirect-based flow. This is required for all application types except service. Note: see okta_app_oauth_redirect_uri for appending to this list in a decentralized way.

  • response_types (pulumi.Input[list]) – List of OAuth 2.0 response type strings.

  • status (pulumi.Input[str]) – Status of application.

  • token_endpoint_auth_method (pulumi.Input[str]) – Requested authentication method for the token endpoint.

  • tos_uri (pulumi.Input[str]) – Early Access Property. URI to web page providing client tos (terms of service).

  • type (pulumi.Input[str]) – The type of client application.

  • users (pulumi.Input[list]) – Users associated with the application

The users object supports the following:

  • id (pulumi.Input[str])

  • password (pulumi.Input[str])

  • scope (pulumi.Input[str])

  • username (pulumi.Input[str])

auto_key_rotation: pulumi.Output[bool] = None

Requested key rotation mode.

auto_submit_toolbar: pulumi.Output[bool] = None

Display auto submit toolbar

client_basic_secret: pulumi.Output[str] = None

OAuth client secret key, this can be set when token_endpoint_auth_method is client_secret_basic.

client_id: pulumi.Output[str] = None

OAuth client ID.

client_secret: pulumi.Output[str] = None

OAuth client secret key. This will be in plain text in your statefile unless you set omit_secret above.

client_uri: pulumi.Output[str] = None

URI to a web page providing information about the client.

consent_method: pulumi.Output[str] = None

Early Access Property. Indicates whether user consent is required or implicit. Valid values: REQUIRED, TRUSTED. Default value is TRUSTED

custom_client_id: pulumi.Output[str] = None

This property allows you to set your client_id.

grant_types: pulumi.Output[list] = None

List of OAuth 2.0 grant types. Conditional validation params found here https://developer.okta.com/docs/api/resources/apps#credentials-settings-details. Defaults to minimum requirements per app type.

groups: pulumi.Output[list] = None

Groups associated with the application

hide_ios: pulumi.Output[bool] = None

Do not display application icon on mobile app

hide_web: pulumi.Output[bool] = None

Do not display application icon to users

issuer_mode: pulumi.Output[str] = None

Early Access Property. Indicates whether the Okta Authorization Server uses the original Okta org domain URL or a custom domain URL as the issuer of ID token for this client.

label: pulumi.Output[str] = None

Pretty name of app.

login_uri: pulumi.Output[str] = None

URI that initiates login.

logo_uri: pulumi.Output[str] = None

URI that references a logo for the client.

name: pulumi.Output[str] = None

name of app.

omit_secret: pulumi.Output[bool] = None

This tells the provider not to persist the application’s secret to state. If this is ever changes from true => false your app will be recreated.

policy_uri: pulumi.Output[str] = None

Early Access Property. URI to web page providing client policy document.

post_logout_redirect_uris: pulumi.Output[list] = None

List of URIs for redirection after logout

profile: pulumi.Output[str] = None

Custom JSON that represents an OAuth application’s profile

redirect_uris: pulumi.Output[list] = None

List of URIs for use in the redirect-based flow. This is required for all application types except service. Note: see okta_app_oauth_redirect_uri for appending to this list in a decentralized way.

response_types: pulumi.Output[list] = None

List of OAuth 2.0 response type strings.

sign_on_mode: pulumi.Output[str] = None

Sign on mode of application.

status: pulumi.Output[str] = None

Status of application.

token_endpoint_auth_method: pulumi.Output[str] = None

Requested authentication method for the token endpoint.

tos_uri: pulumi.Output[str] = None

Early Access Property. URI to web page providing client tos (terms of service).

type: pulumi.Output[str] = None

The type of client application.

users: pulumi.Output[list] = None

Users associated with the application

  • id (str)

  • password (str)

  • scope (str)

  • username (str)

static get(resource_name, id, opts=None, auto_key_rotation=None, auto_submit_toolbar=None, client_basic_secret=None, client_id=None, client_secret=None, client_uri=None, consent_method=None, custom_client_id=None, grant_types=None, groups=None, hide_ios=None, hide_web=None, issuer_mode=None, label=None, login_uri=None, logo_uri=None, name=None, omit_secret=None, policy_uri=None, post_logout_redirect_uris=None, profile=None, redirect_uris=None, response_types=None, sign_on_mode=None, status=None, token_endpoint_auth_method=None, tos_uri=None, type=None, users=None)

Get an existing OauthApp resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • auto_key_rotation (pulumi.Input[bool]) – Requested key rotation mode.

  • auto_submit_toolbar (pulumi.Input[bool]) – Display auto submit toolbar

  • client_basic_secret (pulumi.Input[str]) – OAuth client secret key, this can be set when token_endpoint_auth_method is client_secret_basic.

  • client_id (pulumi.Input[str]) – OAuth client ID.

  • client_secret (pulumi.Input[str]) – OAuth client secret key. This will be in plain text in your statefile unless you set omit_secret above.

  • client_uri (pulumi.Input[str]) – URI to a web page providing information about the client.

  • consent_method (pulumi.Input[str]) – Early Access Property. Indicates whether user consent is required or implicit. Valid values: REQUIRED, TRUSTED. Default value is TRUSTED

  • custom_client_id (pulumi.Input[str]) – This property allows you to set your client_id.

  • grant_types (pulumi.Input[list]) – List of OAuth 2.0 grant types. Conditional validation params found here https://developer.okta.com/docs/api/resources/apps#credentials-settings-details. Defaults to minimum requirements per app type.

  • groups (pulumi.Input[list]) – Groups associated with the application

  • hide_ios (pulumi.Input[bool]) – Do not display application icon on mobile app

  • hide_web (pulumi.Input[bool]) – Do not display application icon to users

  • issuer_mode (pulumi.Input[str]) – Early Access Property. Indicates whether the Okta Authorization Server uses the original Okta org domain URL or a custom domain URL as the issuer of ID token for this client.

  • label (pulumi.Input[str]) – Pretty name of app.

  • login_uri (pulumi.Input[str]) – URI that initiates login.

  • logo_uri (pulumi.Input[str]) – URI that references a logo for the client.

  • name (pulumi.Input[str]) – name of app.

  • omit_secret (pulumi.Input[bool]) – This tells the provider not to persist the application’s secret to state. If this is ever changes from true => false your app will be recreated.

  • policy_uri (pulumi.Input[str]) – Early Access Property. URI to web page providing client policy document.

  • post_logout_redirect_uris (pulumi.Input[list]) – List of URIs for redirection after logout

  • profile (pulumi.Input[str]) – Custom JSON that represents an OAuth application’s profile

  • redirect_uris (pulumi.Input[list]) – List of URIs for use in the redirect-based flow. This is required for all application types except service. Note: see okta_app_oauth_redirect_uri for appending to this list in a decentralized way.

  • response_types (pulumi.Input[list]) – List of OAuth 2.0 response type strings.

  • sign_on_mode (pulumi.Input[str]) – Sign on mode of application.

  • status (pulumi.Input[str]) – Status of application.

  • token_endpoint_auth_method (pulumi.Input[str]) – Requested authentication method for the token endpoint.

  • tos_uri (pulumi.Input[str]) – Early Access Property. URI to web page providing client tos (terms of service).

  • type (pulumi.Input[str]) – The type of client application.

  • users (pulumi.Input[list]) – Users associated with the application

The users object supports the following:

  • id (pulumi.Input[str])

  • password (pulumi.Input[str])

  • scope (pulumi.Input[str])

  • username (pulumi.Input[str])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.OauthAppRedirectUri(resource_name, opts=None, app_id=None, uri=None, __props__=None, __name__=None, __opts__=None)

Create a OauthAppRedirectUri resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] uri: Redirect URI to append to Okta OIDC application.

uri: pulumi.Output[str] = None

Redirect URI to append to Okta OIDC application.

static get(resource_name, id, opts=None, app_id=None, uri=None)

Get an existing OauthAppRedirectUri resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • uri (pulumi.Input[str]) – Redirect URI to append to Okta OIDC application.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.PasswordPolicy(resource_name, opts=None, auth_provider=None, description=None, email_recovery=None, groups_includeds=None, name=None, password_auto_unlock_minutes=None, password_dictionary_lookup=None, password_exclude_first_name=None, password_exclude_last_name=None, password_exclude_username=None, password_expire_warn_days=None, password_history_count=None, password_max_age_days=None, password_max_lockout_attempts=None, password_min_age_minutes=None, password_min_length=None, password_min_lowercase=None, password_min_number=None, password_min_symbol=None, password_min_uppercase=None, password_show_lockout_failures=None, priority=None, question_min_length=None, question_recovery=None, recovery_email_token=None, skip_unlock=None, sms_recovery=None, status=None, __props__=None, __name__=None, __opts__=None)

Create a PasswordPolicy resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] auth_provider: Authentication Provider: OKTA or ACTIVE_DIRECTORY. :param pulumi.Input[str] description: Policy Description :param pulumi.Input[str] email_recovery: Enable or disable email password recovery: ACTIVE or INACTIVE. :param pulumi.Input[list] groups_includeds: List of Group IDs to Include :param pulumi.Input[str] name: Policy Name :param pulumi.Input[float] password_auto_unlock_minutes: Number of minutes before a locked account is unlocked: 0 = no limit. :param pulumi.Input[bool] password_dictionary_lookup: Check Passwords Against Common Password Dictionary. :param pulumi.Input[bool] password_exclude_first_name: User firstName attribute must be excluded from the password :param pulumi.Input[bool] password_exclude_last_name: User lastName attribute must be excluded from the password :param pulumi.Input[bool] password_exclude_username: If the user name must be excluded from the password. :param pulumi.Input[float] password_expire_warn_days: Length in days a user will be warned before password expiry: 0 = no warning. :param pulumi.Input[float] password_history_count: Number of distinct passwords that must be created before they can be reused: 0 = none. :param pulumi.Input[float] password_max_age_days: Length in days a password is valid before expiry: 0 = no limit. :param pulumi.Input[float] password_max_lockout_attempts: Number of unsuccessful login attempts allowed before lockout: 0 = no limit. :param pulumi.Input[float] password_min_age_minutes: Minimum time interval in minutes between password changes: 0 = no limit. :param pulumi.Input[float] password_min_length: Minimum password length. :param pulumi.Input[float] password_min_lowercase: If a password must contain at least one lower case letter: 0 = no, 1 = yes. Default = 1 :param pulumi.Input[float] password_min_number: If a password must contain at least one number: 0 = no, 1 = yes. Default = 1 :param pulumi.Input[float] password_min_symbol: If a password must contain at least one symbol (!@#$%^&*): 0 = no, 1 = yes. Default = 1 :param pulumi.Input[float] password_min_uppercase: If a password must contain at least one upper case letter: 0 = no, 1 = yes. Default = 1 :param pulumi.Input[bool] password_show_lockout_failures: If a user should be informed when their account is locked. :param pulumi.Input[float] priority: Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid

priority is provided. API defaults it to the last/lowest if not there.

Parameters
  • question_min_length (pulumi.Input[float]) – Min length of the password recovery question answer.

  • question_recovery (pulumi.Input[str]) – Enable or disable security question password recovery: ACTIVE or INACTIVE.

  • recovery_email_token (pulumi.Input[float]) – Lifetime in minutes of the recovery email token.

  • skip_unlock (pulumi.Input[bool]) – When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user’s Windows account.

  • sms_recovery (pulumi.Input[str]) – Enable or disable SMS password recovery: ACTIVE or INACTIVE.

  • status (pulumi.Input[str]) – Policy Status: ACTIVE or INACTIVE.

auth_provider: pulumi.Output[str] = None

Authentication Provider: OKTA or ACTIVE_DIRECTORY.

description: pulumi.Output[str] = None

Policy Description

email_recovery: pulumi.Output[str] = None

Enable or disable email password recovery: ACTIVE or INACTIVE.

groups_includeds: pulumi.Output[list] = None

List of Group IDs to Include

name: pulumi.Output[str] = None

Policy Name

password_auto_unlock_minutes: pulumi.Output[float] = None

Number of minutes before a locked account is unlocked: 0 = no limit.

password_dictionary_lookup: pulumi.Output[bool] = None

Check Passwords Against Common Password Dictionary.

password_exclude_first_name: pulumi.Output[bool] = None

User firstName attribute must be excluded from the password

password_exclude_last_name: pulumi.Output[bool] = None

User lastName attribute must be excluded from the password

password_exclude_username: pulumi.Output[bool] = None

If the user name must be excluded from the password.

password_expire_warn_days: pulumi.Output[float] = None

Length in days a user will be warned before password expiry: 0 = no warning.

password_history_count: pulumi.Output[float] = None

Number of distinct passwords that must be created before they can be reused: 0 = none.

password_max_age_days: pulumi.Output[float] = None

Length in days a password is valid before expiry: 0 = no limit.

password_max_lockout_attempts: pulumi.Output[float] = None

Number of unsuccessful login attempts allowed before lockout: 0 = no limit.

password_min_age_minutes: pulumi.Output[float] = None

Minimum time interval in minutes between password changes: 0 = no limit.

password_min_length: pulumi.Output[float] = None

Minimum password length.

password_min_lowercase: pulumi.Output[float] = None

If a password must contain at least one lower case letter: 0 = no, 1 = yes. Default = 1

password_min_number: pulumi.Output[float] = None

If a password must contain at least one number: 0 = no, 1 = yes. Default = 1

password_min_symbol: pulumi.Output[float] = None

If a password must contain at least one symbol (!@#$%^&*): 0 = no, 1 = yes. Default = 1

password_min_uppercase: pulumi.Output[float] = None

If a password must contain at least one upper case letter: 0 = no, 1 = yes. Default = 1

password_show_lockout_failures: pulumi.Output[bool] = None

If a user should be informed when their account is locked.

priority: pulumi.Output[float] = None

Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

question_min_length: pulumi.Output[float] = None

Min length of the password recovery question answer.

question_recovery: pulumi.Output[str] = None

Enable or disable security question password recovery: ACTIVE or INACTIVE.

recovery_email_token: pulumi.Output[float] = None

Lifetime in minutes of the recovery email token.

skip_unlock: pulumi.Output[bool] = None

When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user’s Windows account.

sms_recovery: pulumi.Output[str] = None

Enable or disable SMS password recovery: ACTIVE or INACTIVE.

status: pulumi.Output[str] = None

Policy Status: ACTIVE or INACTIVE.

static get(resource_name, id, opts=None, auth_provider=None, description=None, email_recovery=None, groups_includeds=None, name=None, password_auto_unlock_minutes=None, password_dictionary_lookup=None, password_exclude_first_name=None, password_exclude_last_name=None, password_exclude_username=None, password_expire_warn_days=None, password_history_count=None, password_max_age_days=None, password_max_lockout_attempts=None, password_min_age_minutes=None, password_min_length=None, password_min_lowercase=None, password_min_number=None, password_min_symbol=None, password_min_uppercase=None, password_show_lockout_failures=None, priority=None, question_min_length=None, question_recovery=None, recovery_email_token=None, skip_unlock=None, sms_recovery=None, status=None)

Get an existing PasswordPolicy resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • auth_provider (pulumi.Input[str]) – Authentication Provider: OKTA or ACTIVE_DIRECTORY.

  • description (pulumi.Input[str]) – Policy Description

  • email_recovery (pulumi.Input[str]) – Enable or disable email password recovery: ACTIVE or INACTIVE.

  • groups_includeds (pulumi.Input[list]) – List of Group IDs to Include

  • name (pulumi.Input[str]) – Policy Name

  • password_auto_unlock_minutes (pulumi.Input[float]) – Number of minutes before a locked account is unlocked: 0 = no limit.

  • password_dictionary_lookup (pulumi.Input[bool]) – Check Passwords Against Common Password Dictionary.

  • password_exclude_first_name (pulumi.Input[bool]) – User firstName attribute must be excluded from the password

  • password_exclude_last_name (pulumi.Input[bool]) – User lastName attribute must be excluded from the password

  • password_exclude_username (pulumi.Input[bool]) – If the user name must be excluded from the password.

  • password_expire_warn_days (pulumi.Input[float]) – Length in days a user will be warned before password expiry: 0 = no warning.

  • password_history_count (pulumi.Input[float]) – Number of distinct passwords that must be created before they can be reused: 0 = none.

  • password_max_age_days (pulumi.Input[float]) – Length in days a password is valid before expiry: 0 = no limit.

  • password_max_lockout_attempts (pulumi.Input[float]) – Number of unsuccessful login attempts allowed before lockout: 0 = no limit.

  • password_min_age_minutes (pulumi.Input[float]) – Minimum time interval in minutes between password changes: 0 = no limit.

  • password_min_length (pulumi.Input[float]) – Minimum password length.

  • password_min_lowercase (pulumi.Input[float]) – If a password must contain at least one lower case letter: 0 = no, 1 = yes. Default = 1

  • password_min_number (pulumi.Input[float]) – If a password must contain at least one number: 0 = no, 1 = yes. Default = 1

  • password_min_symbol (pulumi.Input[float]) – If a password must contain at least one symbol (!@#$%^&*): 0 = no, 1 = yes. Default = 1

  • password_min_uppercase (pulumi.Input[float]) – If a password must contain at least one upper case letter: 0 = no, 1 = yes. Default = 1

  • password_show_lockout_failures (pulumi.Input[bool]) – If a user should be informed when their account is locked.

  • priority (pulumi.Input[float]) – Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

  • question_min_length (pulumi.Input[float]) – Min length of the password recovery question answer.

  • question_recovery (pulumi.Input[str]) – Enable or disable security question password recovery: ACTIVE or INACTIVE.

  • recovery_email_token (pulumi.Input[float]) – Lifetime in minutes of the recovery email token.

  • skip_unlock (pulumi.Input[bool]) – When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user’s Windows account.

  • sms_recovery (pulumi.Input[str]) – Enable or disable SMS password recovery: ACTIVE or INACTIVE.

  • status (pulumi.Input[str]) – Policy Status: ACTIVE or INACTIVE.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.PasswordPolicyRule(resource_name, opts=None, name=None, network_connection=None, network_excludes=None, network_includes=None, password_change=None, password_reset=None, password_unlock=None, policyid=None, priority=None, status=None, users_excludeds=None, __props__=None, __name__=None, __opts__=None)

Create a PasswordPolicyRule resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] name: Policy Rule Name :param pulumi.Input[str] network_connection: Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK. :param pulumi.Input[list] network_excludes: The zones to exclude :param pulumi.Input[list] network_includes: The zones to include :param pulumi.Input[str] password_change: Allow or deny a user to change their password: ALLOW or DENY. Default = ALLOW :param pulumi.Input[str] password_reset: Allow or deny a user to reset their password: ALLOW or DENY. Default = ALLOW :param pulumi.Input[str] password_unlock: Allow or deny a user to unlock. Default = DENY :param pulumi.Input[str] policyid: Policy ID of the Rule :param pulumi.Input[float] priority: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an

invalid priority is provided. API defaults it to the last/lowest if not there.

Parameters
  • status (pulumi.Input[str]) – Policy Rule Status: ACTIVE or INACTIVE.

  • users_excludeds (pulumi.Input[list]) – Set of User IDs to Exclude

name: pulumi.Output[str] = None

Policy Rule Name

network_connection: pulumi.Output[str] = None

Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK.

network_excludes: pulumi.Output[list] = None

The zones to exclude

network_includes: pulumi.Output[list] = None

The zones to include

password_change: pulumi.Output[str] = None

Allow or deny a user to change their password: ALLOW or DENY. Default = ALLOW

password_reset: pulumi.Output[str] = None

Allow or deny a user to reset their password: ALLOW or DENY. Default = ALLOW

password_unlock: pulumi.Output[str] = None

Allow or deny a user to unlock. Default = DENY

policyid: pulumi.Output[str] = None

Policy ID of the Rule

priority: pulumi.Output[float] = None

Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

status: pulumi.Output[str] = None

Policy Rule Status: ACTIVE or INACTIVE.

users_excludeds: pulumi.Output[list] = None

Set of User IDs to Exclude

static get(resource_name, id, opts=None, name=None, network_connection=None, network_excludes=None, network_includes=None, password_change=None, password_reset=None, password_unlock=None, policyid=None, priority=None, status=None, users_excludeds=None)

Get an existing PasswordPolicyRule resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • name (pulumi.Input[str]) – Policy Rule Name

  • network_connection (pulumi.Input[str]) – Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK.

  • network_excludes (pulumi.Input[list]) – The zones to exclude

  • network_includes (pulumi.Input[list]) – The zones to include

  • password_change (pulumi.Input[str]) – Allow or deny a user to change their password: ALLOW or DENY. Default = ALLOW

  • password_reset (pulumi.Input[str]) – Allow or deny a user to reset their password: ALLOW or DENY. Default = ALLOW

  • password_unlock (pulumi.Input[str]) – Allow or deny a user to unlock. Default = DENY

  • policyid (pulumi.Input[str]) – Policy ID of the Rule

  • priority (pulumi.Input[float]) – Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

  • status (pulumi.Input[str]) – Policy Rule Status: ACTIVE or INACTIVE.

  • users_excludeds (pulumi.Input[list]) – Set of User IDs to Exclude

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.SamlApp(resource_name, opts=None, accessibility_error_redirect_url=None, accessibility_login_redirect_url=None, accessibility_self_service=None, app_settings_json=None, assertion_signed=None, attribute_statements=None, audience=None, authn_context_class_ref=None, auto_submit_toolbar=None, default_relay_state=None, destination=None, digest_algorithm=None, features=None, groups=None, hide_ios=None, hide_web=None, honor_force_authn=None, idp_issuer=None, key_name=None, key_years_valid=None, label=None, preconfigured_app=None, recipient=None, request_compressed=None, response_signed=None, signature_algorithm=None, sp_issuer=None, sso_url=None, status=None, subject_name_id_format=None, subject_name_id_template=None, user_name_template=None, user_name_template_suffix=None, user_name_template_type=None, users=None, __props__=None, __name__=None, __opts__=None)

Create a SamlApp resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] accessibility_error_redirect_url: Custom error page URL :param pulumi.Input[str] accessibility_login_redirect_url: Custom login page URL :param pulumi.Input[bool] accessibility_self_service: Enable self service :param pulumi.Input[str] app_settings_json: Application settings in JSON format :param pulumi.Input[bool] assertion_signed: Determines whether the SAML assertion is digitally signed :param pulumi.Input[str] audience: Audience Restriction :param pulumi.Input[str] authn_context_class_ref: Identifies the SAML authentication context class for the assertion’s authentication statement :param pulumi.Input[bool] auto_submit_toolbar: Display auto submit toolbar :param pulumi.Input[str] default_relay_state: Identifies a specific application resource in an IDP initiated SSO scenario. :param pulumi.Input[str] destination: Identifies the location where the SAML response is intended to be sent inside of the SAML assertion :param pulumi.Input[str] digest_algorithm: Determines the digest algorithm used to digitally sign the SAML assertion and response :param pulumi.Input[list] features: features to enable :param pulumi.Input[list] groups: Groups associated with the application :param pulumi.Input[bool] hide_ios: Do not display application icon on mobile app :param pulumi.Input[bool] hide_web: Do not display application icon to users :param pulumi.Input[bool] honor_force_authn: Prompt user to re-authenticate if SP asks for it :param pulumi.Input[str] idp_issuer: SAML issuer ID :param pulumi.Input[str] key_name: Certificate name. This modulates the rotation of keys. New name == new key. :param pulumi.Input[float] key_years_valid: Number of years the certificate is valid. :param pulumi.Input[str] label: Pretty name of app. :param pulumi.Input[str] preconfigured_app: Name of preexisting SAML application. For instance ‘slack’ :param pulumi.Input[str] recipient: The location where the app may present the SAML assertion :param pulumi.Input[bool] request_compressed: Denotes whether the request is compressed or not. :param pulumi.Input[bool] response_signed: Determines whether the SAML auth response message is digitally signed :param pulumi.Input[str] signature_algorithm: Signature algorithm used ot digitally sign the assertion and response :param pulumi.Input[str] sp_issuer: SAML SP issuer ID :param pulumi.Input[str] sso_url: Single Sign On URL :param pulumi.Input[str] status: Status of application. :param pulumi.Input[str] subject_name_id_format: Identifies the SAML processing rules. :param pulumi.Input[str] subject_name_id_template: Template for app user’s username when a user is assigned to the app :param pulumi.Input[str] user_name_template: Username template :param pulumi.Input[str] user_name_template_suffix: Username template suffix :param pulumi.Input[str] user_name_template_type: Username template type :param pulumi.Input[list] users: Users associated with the application

The attribute_statements object supports the following:

  • filterType (pulumi.Input[str])

  • filterValue (pulumi.Input[str])

  • name (pulumi.Input[str])

  • namespace (pulumi.Input[str])

  • type (pulumi.Input[str])

  • values (pulumi.Input[list])

The users object supports the following:

  • id (pulumi.Input[str])

  • password (pulumi.Input[str])

  • scope (pulumi.Input[str])

  • username (pulumi.Input[str])

accessibility_error_redirect_url: pulumi.Output[str] = None

Custom error page URL

accessibility_login_redirect_url: pulumi.Output[str] = None

Custom login page URL

accessibility_self_service: pulumi.Output[bool] = None

Enable self service

app_settings_json: pulumi.Output[str] = None

Application settings in JSON format

assertion_signed: pulumi.Output[bool] = None

Determines whether the SAML assertion is digitally signed

audience: pulumi.Output[str] = None

Audience Restriction

authn_context_class_ref: pulumi.Output[str] = None

Identifies the SAML authentication context class for the assertion’s authentication statement

auto_submit_toolbar: pulumi.Output[bool] = None

Display auto submit toolbar

certificate: pulumi.Output[str] = None

cert from SAML XML metadata payload

default_relay_state: pulumi.Output[str] = None

Identifies a specific application resource in an IDP initiated SSO scenario.

destination: pulumi.Output[str] = None

Identifies the location where the SAML response is intended to be sent inside of the SAML assertion

digest_algorithm: pulumi.Output[str] = None

Determines the digest algorithm used to digitally sign the SAML assertion and response

entity_key: pulumi.Output[str] = None

Entity ID, the ID portion of the entity_url

entity_url: pulumi.Output[str] = None

Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8

features: pulumi.Output[list] = None

features to enable

groups: pulumi.Output[list] = None

Groups associated with the application

hide_ios: pulumi.Output[bool] = None

Do not display application icon on mobile app

hide_web: pulumi.Output[bool] = None

Do not display application icon to users

honor_force_authn: pulumi.Output[bool] = None

Prompt user to re-authenticate if SP asks for it

http_post_binding: pulumi.Output[str] = None

urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.

http_redirect_binding: pulumi.Output[str] = None

urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.

idp_issuer: pulumi.Output[str] = None

SAML issuer ID

key_id: pulumi.Output[str] = None

Certificate ID

key_name: pulumi.Output[str] = None

Certificate name. This modulates the rotation of keys. New name == new key.

key_years_valid: pulumi.Output[float] = None

Number of years the certificate is valid.

label: pulumi.Output[str] = None

Pretty name of app.

metadata: pulumi.Output[str] = None

SAML xml metadata payload

name: pulumi.Output[str] = None

name of app.

preconfigured_app: pulumi.Output[str] = None

Name of preexisting SAML application. For instance ‘slack’

recipient: pulumi.Output[str] = None

The location where the app may present the SAML assertion

request_compressed: pulumi.Output[bool] = None

Denotes whether the request is compressed or not.

response_signed: pulumi.Output[bool] = None

Determines whether the SAML auth response message is digitally signed

sign_on_mode: pulumi.Output[str] = None

Sign on mode of application.

signature_algorithm: pulumi.Output[str] = None

Signature algorithm used ot digitally sign the assertion and response

sp_issuer: pulumi.Output[str] = None

SAML SP issuer ID

sso_url: pulumi.Output[str] = None

Single Sign On URL

status: pulumi.Output[str] = None

Status of application.

subject_name_id_format: pulumi.Output[str] = None

Identifies the SAML processing rules.

subject_name_id_template: pulumi.Output[str] = None

Template for app user’s username when a user is assigned to the app

user_name_template: pulumi.Output[str] = None

Username template

user_name_template_suffix: pulumi.Output[str] = None

Username template suffix

user_name_template_type: pulumi.Output[str] = None

Username template type

users: pulumi.Output[list] = None

Users associated with the application

  • id (str)

  • password (str)

  • scope (str)

  • username (str)

static get(resource_name, id, opts=None, accessibility_error_redirect_url=None, accessibility_login_redirect_url=None, accessibility_self_service=None, app_settings_json=None, assertion_signed=None, attribute_statements=None, audience=None, authn_context_class_ref=None, auto_submit_toolbar=None, certificate=None, default_relay_state=None, destination=None, digest_algorithm=None, entity_key=None, entity_url=None, features=None, groups=None, hide_ios=None, hide_web=None, honor_force_authn=None, http_post_binding=None, http_redirect_binding=None, idp_issuer=None, key_id=None, key_name=None, key_years_valid=None, label=None, metadata=None, name=None, preconfigured_app=None, recipient=None, request_compressed=None, response_signed=None, sign_on_mode=None, signature_algorithm=None, sp_issuer=None, sso_url=None, status=None, subject_name_id_format=None, subject_name_id_template=None, user_name_template=None, user_name_template_suffix=None, user_name_template_type=None, users=None)

Get an existing SamlApp resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • accessibility_error_redirect_url (pulumi.Input[str]) – Custom error page URL

  • accessibility_login_redirect_url (pulumi.Input[str]) – Custom login page URL

  • accessibility_self_service (pulumi.Input[bool]) – Enable self service

  • app_settings_json (pulumi.Input[str]) – Application settings in JSON format

  • assertion_signed (pulumi.Input[bool]) – Determines whether the SAML assertion is digitally signed

  • audience (pulumi.Input[str]) – Audience Restriction

  • authn_context_class_ref (pulumi.Input[str]) – Identifies the SAML authentication context class for the assertion’s authentication statement

  • auto_submit_toolbar (pulumi.Input[bool]) – Display auto submit toolbar

  • certificate (pulumi.Input[str]) – cert from SAML XML metadata payload

  • default_relay_state (pulumi.Input[str]) – Identifies a specific application resource in an IDP initiated SSO scenario.

  • destination (pulumi.Input[str]) – Identifies the location where the SAML response is intended to be sent inside of the SAML assertion

  • digest_algorithm (pulumi.Input[str]) – Determines the digest algorithm used to digitally sign the SAML assertion and response

  • entity_key (pulumi.Input[str]) – Entity ID, the ID portion of the entity_url

  • entity_url (pulumi.Input[str]) – Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8

  • features (pulumi.Input[list]) – features to enable

  • groups (pulumi.Input[list]) – Groups associated with the application

  • hide_ios (pulumi.Input[bool]) – Do not display application icon on mobile app

  • hide_web (pulumi.Input[bool]) – Do not display application icon to users

  • honor_force_authn (pulumi.Input[bool]) – Prompt user to re-authenticate if SP asks for it

  • http_post_binding (pulumi.Input[str]) – urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post location from the SAML metadata.

  • http_redirect_binding (pulumi.Input[str]) – urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect location from the SAML metadata.

  • idp_issuer (pulumi.Input[str]) – SAML issuer ID

  • key_id (pulumi.Input[str]) – Certificate ID

  • key_name (pulumi.Input[str]) – Certificate name. This modulates the rotation of keys. New name == new key.

  • key_years_valid (pulumi.Input[float]) – Number of years the certificate is valid.

  • label (pulumi.Input[str]) – Pretty name of app.

  • metadata (pulumi.Input[str]) – SAML xml metadata payload

  • name (pulumi.Input[str]) – name of app.

  • preconfigured_app (pulumi.Input[str]) – Name of preexisting SAML application. For instance ‘slack’

  • recipient (pulumi.Input[str]) – The location where the app may present the SAML assertion

  • request_compressed (pulumi.Input[bool]) – Denotes whether the request is compressed or not.

  • response_signed (pulumi.Input[bool]) – Determines whether the SAML auth response message is digitally signed

  • sign_on_mode (pulumi.Input[str]) – Sign on mode of application.

  • signature_algorithm (pulumi.Input[str]) – Signature algorithm used ot digitally sign the assertion and response

  • sp_issuer (pulumi.Input[str]) – SAML SP issuer ID

  • sso_url (pulumi.Input[str]) – Single Sign On URL

  • status (pulumi.Input[str]) – Status of application.

  • subject_name_id_format (pulumi.Input[str]) – Identifies the SAML processing rules.

  • subject_name_id_template (pulumi.Input[str]) – Template for app user’s username when a user is assigned to the app

  • user_name_template (pulumi.Input[str]) – Username template

  • user_name_template_suffix (pulumi.Input[str]) – Username template suffix

  • user_name_template_type (pulumi.Input[str]) – Username template type

  • users (pulumi.Input[list]) – Users associated with the application

The attribute_statements object supports the following:

  • filterType (pulumi.Input[str])

  • filterValue (pulumi.Input[str])

  • name (pulumi.Input[str])

  • namespace (pulumi.Input[str])

  • type (pulumi.Input[str])

  • values (pulumi.Input[list])

The users object supports the following:

  • id (pulumi.Input[str])

  • password (pulumi.Input[str])

  • scope (pulumi.Input[str])

  • username (pulumi.Input[str])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.SamlIdp(resource_name, opts=None, account_link_action=None, account_link_group_includes=None, acs_binding=None, acs_type=None, deprovisioned_action=None, groups_action=None, groups_assignments=None, groups_attribute=None, groups_filters=None, issuer=None, issuer_mode=None, kid=None, name=None, name_format=None, profile_master=None, provisioning_action=None, request_signature_algorithm=None, request_signature_scope=None, response_signature_algorithm=None, response_signature_scope=None, sso_binding=None, sso_destination=None, sso_url=None, status=None, subject_filter=None, subject_formats=None, subject_match_attribute=None, subject_match_type=None, suspended_action=None, username_template=None, __props__=None, __name__=None, __opts__=None)

Create a SamlIdp resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] issuer_mode: Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL :param pulumi.Input[str] name: name of idp :param pulumi.Input[str] request_signature_algorithm: algorithm to use to sign requests :param pulumi.Input[str] request_signature_scope: algorithm to use to sign response :param pulumi.Input[str] response_signature_algorithm: algorithm to use to sign requests :param pulumi.Input[str] response_signature_scope: algorithm to use to sign response

issuer_mode: pulumi.Output[str] = None

Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL

name: pulumi.Output[str] = None

name of idp

request_signature_algorithm: pulumi.Output[str] = None

algorithm to use to sign requests

request_signature_scope: pulumi.Output[str] = None

algorithm to use to sign response

response_signature_algorithm: pulumi.Output[str] = None

algorithm to use to sign requests

response_signature_scope: pulumi.Output[str] = None

algorithm to use to sign response

static get(resource_name, id, opts=None, account_link_action=None, account_link_group_includes=None, acs_binding=None, acs_type=None, audience=None, deprovisioned_action=None, groups_action=None, groups_assignments=None, groups_attribute=None, groups_filters=None, issuer=None, issuer_mode=None, kid=None, name=None, name_format=None, profile_master=None, provisioning_action=None, request_signature_algorithm=None, request_signature_scope=None, response_signature_algorithm=None, response_signature_scope=None, sso_binding=None, sso_destination=None, sso_url=None, status=None, subject_filter=None, subject_formats=None, subject_match_attribute=None, subject_match_type=None, suspended_action=None, type=None, username_template=None)

Get an existing SamlIdp resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • issuer_mode (pulumi.Input[str]) – Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL

  • name (pulumi.Input[str]) – name of idp

  • request_signature_algorithm (pulumi.Input[str]) – algorithm to use to sign requests

  • request_signature_scope (pulumi.Input[str]) – algorithm to use to sign response

  • response_signature_algorithm (pulumi.Input[str]) – algorithm to use to sign requests

  • response_signature_scope (pulumi.Input[str]) – algorithm to use to sign response

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.SamlIdpSigningKey(resource_name, opts=None, x5cs=None, __props__=None, __name__=None, __opts__=None)

Create a SamlIdpSigningKey resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[list] x5cs: base64-encoded X.509 certificate chain with DER encoding

x5cs: pulumi.Output[list] = None

base64-encoded X.509 certificate chain with DER encoding

static get(resource_name, id, opts=None, created=None, expires_at=None, kid=None, kty=None, use=None, x5cs=None, x5t_s256=None)

Get an existing SamlIdpSigningKey resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • x5cs (pulumi.Input[list]) – base64-encoded X.509 certificate chain with DER encoding

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.SecurePasswordStoreApp(resource_name, opts=None, accessibility_error_redirect_url=None, accessibility_self_service=None, auto_submit_toolbar=None, credentials_scheme=None, groups=None, hide_ios=None, hide_web=None, label=None, optional_field1=None, optional_field1_value=None, optional_field2=None, optional_field2_value=None, optional_field3=None, optional_field3_value=None, password_field=None, reveal_password=None, shared_password=None, shared_username=None, status=None, url=None, username_field=None, users=None, __props__=None, __name__=None, __opts__=None)

Create a SecurePasswordStoreApp resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] accessibility_error_redirect_url: Custom error page URL :param pulumi.Input[bool] accessibility_self_service: Enable self service :param pulumi.Input[bool] auto_submit_toolbar: Display auto submit toolbar :param pulumi.Input[str] credentials_scheme: Application credentials scheme :param pulumi.Input[list] groups: Groups associated with the application :param pulumi.Input[bool] hide_ios: Do not display application icon on mobile app :param pulumi.Input[bool] hide_web: Do not display application icon to users :param pulumi.Input[str] label: Pretty name of app. :param pulumi.Input[str] optional_field1: Name of optional param in the login form :param pulumi.Input[str] optional_field1_value: Name of optional value in login form :param pulumi.Input[str] optional_field2: Name of optional param in the login form :param pulumi.Input[str] optional_field2_value: Name of optional value in login form :param pulumi.Input[str] optional_field3: Name of optional param in the login form :param pulumi.Input[str] optional_field3_value: Name of optional value in login form :param pulumi.Input[str] password_field: Login password field :param pulumi.Input[bool] reveal_password: Allow user to reveal password :param pulumi.Input[str] shared_password: Shared password, required for certain schemes. :param pulumi.Input[str] shared_username: Shared username, required for certain schemes. :param pulumi.Input[str] status: Status of application. :param pulumi.Input[str] url: Login URL :param pulumi.Input[str] username_field: Login username field :param pulumi.Input[list] users: Users associated with the application

The users object supports the following:

  • id (pulumi.Input[str])

  • password (pulumi.Input[str])

  • scope (pulumi.Input[str])

  • username (pulumi.Input[str])

accessibility_error_redirect_url: pulumi.Output[str] = None

Custom error page URL

accessibility_self_service: pulumi.Output[bool] = None

Enable self service

auto_submit_toolbar: pulumi.Output[bool] = None

Display auto submit toolbar

credentials_scheme: pulumi.Output[str] = None

Application credentials scheme

groups: pulumi.Output[list] = None

Groups associated with the application

hide_ios: pulumi.Output[bool] = None

Do not display application icon on mobile app

hide_web: pulumi.Output[bool] = None

Do not display application icon to users

label: pulumi.Output[str] = None

Pretty name of app.

name: pulumi.Output[str] = None

name of app.

optional_field1: pulumi.Output[str] = None

Name of optional param in the login form

optional_field1_value: pulumi.Output[str] = None

Name of optional value in login form

optional_field2: pulumi.Output[str] = None

Name of optional param in the login form

optional_field2_value: pulumi.Output[str] = None

Name of optional value in login form

optional_field3: pulumi.Output[str] = None

Name of optional param in the login form

optional_field3_value: pulumi.Output[str] = None

Name of optional value in login form

password_field: pulumi.Output[str] = None

Login password field

reveal_password: pulumi.Output[bool] = None

Allow user to reveal password

shared_password: pulumi.Output[str] = None

Shared password, required for certain schemes.

shared_username: pulumi.Output[str] = None

Shared username, required for certain schemes.

sign_on_mode: pulumi.Output[str] = None

Sign on mode of application.

status: pulumi.Output[str] = None

Status of application.

url: pulumi.Output[str] = None

Login URL

user_name_template: pulumi.Output[str] = None

Username template

user_name_template_type: pulumi.Output[str] = None

Username template type

username_field: pulumi.Output[str] = None

Login username field

users: pulumi.Output[list] = None

Users associated with the application

  • id (str)

  • password (str)

  • scope (str)

  • username (str)

static get(resource_name, id, opts=None, accessibility_error_redirect_url=None, accessibility_self_service=None, auto_submit_toolbar=None, credentials_scheme=None, groups=None, hide_ios=None, hide_web=None, label=None, name=None, optional_field1=None, optional_field1_value=None, optional_field2=None, optional_field2_value=None, optional_field3=None, optional_field3_value=None, password_field=None, reveal_password=None, shared_password=None, shared_username=None, sign_on_mode=None, status=None, url=None, user_name_template=None, user_name_template_type=None, username_field=None, users=None)

Get an existing SecurePasswordStoreApp resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • accessibility_error_redirect_url (pulumi.Input[str]) – Custom error page URL

  • accessibility_self_service (pulumi.Input[bool]) – Enable self service

  • auto_submit_toolbar (pulumi.Input[bool]) – Display auto submit toolbar

  • credentials_scheme (pulumi.Input[str]) – Application credentials scheme

  • groups (pulumi.Input[list]) – Groups associated with the application

  • hide_ios (pulumi.Input[bool]) – Do not display application icon on mobile app

  • hide_web (pulumi.Input[bool]) – Do not display application icon to users

  • label (pulumi.Input[str]) – Pretty name of app.

  • name (pulumi.Input[str]) – name of app.

  • optional_field1 (pulumi.Input[str]) – Name of optional param in the login form

  • optional_field1_value (pulumi.Input[str]) – Name of optional value in login form

  • optional_field2 (pulumi.Input[str]) – Name of optional param in the login form

  • optional_field2_value (pulumi.Input[str]) – Name of optional value in login form

  • optional_field3 (pulumi.Input[str]) – Name of optional param in the login form

  • optional_field3_value (pulumi.Input[str]) – Name of optional value in login form

  • password_field (pulumi.Input[str]) – Login password field

  • reveal_password (pulumi.Input[bool]) – Allow user to reveal password

  • shared_password (pulumi.Input[str]) – Shared password, required for certain schemes.

  • shared_username (pulumi.Input[str]) – Shared username, required for certain schemes.

  • sign_on_mode (pulumi.Input[str]) – Sign on mode of application.

  • status (pulumi.Input[str]) – Status of application.

  • url (pulumi.Input[str]) – Login URL

  • user_name_template (pulumi.Input[str]) – Username template

  • user_name_template_type (pulumi.Input[str]) – Username template type

  • username_field (pulumi.Input[str]) – Login username field

  • users (pulumi.Input[list]) – Users associated with the application

The users object supports the following:

  • id (pulumi.Input[str])

  • password (pulumi.Input[str])

  • scope (pulumi.Input[str])

  • username (pulumi.Input[str])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.SignonPolicy(resource_name, opts=None, description=None, groups_includeds=None, name=None, priority=None, status=None, __props__=None, __name__=None, __opts__=None)

Create a SignonPolicy resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] description: Policy Description :param pulumi.Input[list] groups_includeds: List of Group IDs to Include :param pulumi.Input[str] name: Policy Name :param pulumi.Input[float] priority: Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid

priority is provided. API defaults it to the last/lowest if not there.

Parameters

status (pulumi.Input[str]) – Policy Status: ACTIVE or INACTIVE.

description: pulumi.Output[str] = None

Policy Description

groups_includeds: pulumi.Output[list] = None

List of Group IDs to Include

name: pulumi.Output[str] = None

Policy Name

priority: pulumi.Output[float] = None

Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

status: pulumi.Output[str] = None

Policy Status: ACTIVE or INACTIVE.

static get(resource_name, id, opts=None, description=None, groups_includeds=None, name=None, priority=None, status=None)

Get an existing SignonPolicy resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • description (pulumi.Input[str]) – Policy Description

  • groups_includeds (pulumi.Input[list]) – List of Group IDs to Include

  • name (pulumi.Input[str]) – Policy Name

  • priority (pulumi.Input[float]) – Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

  • status (pulumi.Input[str]) – Policy Status: ACTIVE or INACTIVE.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.SignonPolicyRule(resource_name, opts=None, access=None, authtype=None, mfa_lifetime=None, mfa_prompt=None, mfa_remember_device=None, mfa_required=None, name=None, network_connection=None, network_excludes=None, network_includes=None, policyid=None, priority=None, session_idle=None, session_lifetime=None, session_persistent=None, status=None, users_excludeds=None, __props__=None, __name__=None, __opts__=None)

Create a SignonPolicyRule resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] access: Allow or deny access based on the rule conditions: ALLOW or DENY. :param pulumi.Input[str] authtype: Authentication entrypoint: ANY or RADIUS. :param pulumi.Input[float] mfa_lifetime: Elapsed time before the next MFA challenge :param pulumi.Input[str] mfa_prompt: Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: DEVICE, SESSION or ALWAYS :param pulumi.Input[bool] mfa_remember_device: Remember MFA device. :param pulumi.Input[bool] mfa_required: Require MFA. :param pulumi.Input[str] name: Policy Rule Name :param pulumi.Input[str] network_connection: Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK. :param pulumi.Input[list] network_excludes: The zones to exclude :param pulumi.Input[list] network_includes: The zones to include :param pulumi.Input[str] policyid: Policy ID of the Rule :param pulumi.Input[float] priority: Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an

invalid priority is provided. API defaults it to the last/lowest if not there.

Parameters
  • session_idle (pulumi.Input[float]) – Max minutes a session can be idle.

  • session_lifetime (pulumi.Input[float]) – Max minutes a session is active: Disable = 0.

  • session_persistent (pulumi.Input[bool]) – Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.

  • status (pulumi.Input[str]) – Policy Rule Status: ACTIVE or INACTIVE.

  • users_excludeds (pulumi.Input[list]) – Set of User IDs to Exclude

access: pulumi.Output[str] = None

Allow or deny access based on the rule conditions: ALLOW or DENY.

authtype: pulumi.Output[str] = None

Authentication entrypoint: ANY or RADIUS.

mfa_lifetime: pulumi.Output[float] = None

Elapsed time before the next MFA challenge

mfa_prompt: pulumi.Output[str] = None

Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: DEVICE, SESSION or ALWAYS

mfa_remember_device: pulumi.Output[bool] = None

Remember MFA device.

mfa_required: pulumi.Output[bool] = None

Require MFA.

name: pulumi.Output[str] = None

Policy Rule Name

network_connection: pulumi.Output[str] = None

Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK.

network_excludes: pulumi.Output[list] = None

The zones to exclude

network_includes: pulumi.Output[list] = None

The zones to include

policyid: pulumi.Output[str] = None

Policy ID of the Rule

priority: pulumi.Output[float] = None

Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

session_idle: pulumi.Output[float] = None

Max minutes a session can be idle.

session_lifetime: pulumi.Output[float] = None

Max minutes a session is active: Disable = 0.

session_persistent: pulumi.Output[bool] = None

Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.

status: pulumi.Output[str] = None

Policy Rule Status: ACTIVE or INACTIVE.

users_excludeds: pulumi.Output[list] = None

Set of User IDs to Exclude

static get(resource_name, id, opts=None, access=None, authtype=None, mfa_lifetime=None, mfa_prompt=None, mfa_remember_device=None, mfa_required=None, name=None, network_connection=None, network_excludes=None, network_includes=None, policyid=None, priority=None, session_idle=None, session_lifetime=None, session_persistent=None, status=None, users_excludeds=None)

Get an existing SignonPolicyRule resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access (pulumi.Input[str]) – Allow or deny access based on the rule conditions: ALLOW or DENY.

  • authtype (pulumi.Input[str]) – Authentication entrypoint: ANY or RADIUS.

  • mfa_lifetime (pulumi.Input[float]) – Elapsed time before the next MFA challenge

  • mfa_prompt (pulumi.Input[str]) – Prompt for MFA based on the device used, a factor session lifetime, or every sign on attempt: DEVICE, SESSION or ALWAYS

  • mfa_remember_device (pulumi.Input[bool]) – Remember MFA device.

  • mfa_required (pulumi.Input[bool]) – Require MFA.

  • name (pulumi.Input[str]) – Policy Rule Name

  • network_connection (pulumi.Input[str]) – Network selection mode: ANYWHERE, ZONE, ON_NETWORK, or OFF_NETWORK.

  • network_excludes (pulumi.Input[list]) – The zones to exclude

  • network_includes (pulumi.Input[list]) – The zones to include

  • policyid (pulumi.Input[str]) – Policy ID of the Rule

  • priority (pulumi.Input[float]) – Policy Rule Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last/lowest if not there.

  • session_idle (pulumi.Input[float]) – Max minutes a session can be idle.

  • session_lifetime (pulumi.Input[float]) – Max minutes a session is active: Disable = 0.

  • session_persistent (pulumi.Input[bool]) – Whether session cookies will last across browser sessions. Okta Administrators can never have persistent session cookies.

  • status (pulumi.Input[str]) – Policy Rule Status: ACTIVE or INACTIVE.

  • users_excludeds (pulumi.Input[list]) – Set of User IDs to Exclude

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.SocialIdp(resource_name, opts=None, account_link_action=None, account_link_group_includes=None, client_id=None, client_secret=None, deprovisioned_action=None, groups_action=None, groups_assignments=None, groups_attribute=None, groups_filters=None, issuer_mode=None, match_attribute=None, match_type=None, max_clock_skew=None, name=None, profile_master=None, protocol_type=None, provisioning_action=None, request_signature_algorithm=None, request_signature_scope=None, response_signature_algorithm=None, response_signature_scope=None, scopes=None, status=None, subject_match_attribute=None, subject_match_type=None, suspended_action=None, type=None, username_template=None, __props__=None, __name__=None, __opts__=None)

Create a SocialIdp resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] issuer_mode: Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL :param pulumi.Input[str] name: name of idp :param pulumi.Input[str] request_signature_algorithm: algorithm to use to sign requests :param pulumi.Input[str] request_signature_scope: algorithm to use to sign response :param pulumi.Input[str] response_signature_algorithm: algorithm to use to sign requests :param pulumi.Input[str] response_signature_scope: algorithm to use to sign response

issuer_mode: pulumi.Output[str] = None

Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL

name: pulumi.Output[str] = None

name of idp

request_signature_algorithm: pulumi.Output[str] = None

algorithm to use to sign requests

request_signature_scope: pulumi.Output[str] = None

algorithm to use to sign response

response_signature_algorithm: pulumi.Output[str] = None

algorithm to use to sign requests

response_signature_scope: pulumi.Output[str] = None

algorithm to use to sign response

static get(resource_name, id, opts=None, account_link_action=None, account_link_group_includes=None, authorization_binding=None, authorization_url=None, client_id=None, client_secret=None, deprovisioned_action=None, groups_action=None, groups_assignments=None, groups_attribute=None, groups_filters=None, issuer_mode=None, match_attribute=None, match_type=None, max_clock_skew=None, name=None, profile_master=None, protocol_type=None, provisioning_action=None, request_signature_algorithm=None, request_signature_scope=None, response_signature_algorithm=None, response_signature_scope=None, scopes=None, status=None, subject_match_attribute=None, subject_match_type=None, suspended_action=None, token_binding=None, token_url=None, type=None, username_template=None)

Get an existing SocialIdp resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • issuer_mode (pulumi.Input[str]) – Indicates whether Okta uses the original Okta org domain URL, or a custom domain URL

  • name (pulumi.Input[str]) – name of idp

  • request_signature_algorithm (pulumi.Input[str]) – algorithm to use to sign requests

  • request_signature_scope (pulumi.Input[str]) – algorithm to use to sign response

  • response_signature_algorithm (pulumi.Input[str]) – algorithm to use to sign requests

  • response_signature_scope (pulumi.Input[str]) – algorithm to use to sign response

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.SwaApp(resource_name, opts=None, accessibility_error_redirect_url=None, accessibility_self_service=None, auto_submit_toolbar=None, button_field=None, groups=None, hide_ios=None, hide_web=None, label=None, password_field=None, preconfigured_app=None, status=None, url=None, url_regex=None, username_field=None, users=None, __props__=None, __name__=None, __opts__=None)

Create a SwaApp resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] accessibility_error_redirect_url: Custom error page URL :param pulumi.Input[bool] accessibility_self_service: Enable self service :param pulumi.Input[bool] auto_submit_toolbar: Display auto submit toolbar :param pulumi.Input[str] button_field: Login button field :param pulumi.Input[list] groups: Groups associated with the application :param pulumi.Input[bool] hide_ios: Do not display application icon on mobile app :param pulumi.Input[bool] hide_web: Do not display application icon to users :param pulumi.Input[str] label: Pretty name of app. :param pulumi.Input[str] password_field: Login password field :param pulumi.Input[str] preconfigured_app: Preconfigured app name :param pulumi.Input[str] status: Status of application. :param pulumi.Input[str] url: Login URL :param pulumi.Input[str] url_regex: A regex that further restricts URL to the specified regex :param pulumi.Input[str] username_field: Login username field :param pulumi.Input[list] users: Users associated with the application

The users object supports the following:

  • id (pulumi.Input[str])

  • password (pulumi.Input[str])

  • scope (pulumi.Input[str])

  • username (pulumi.Input[str])

accessibility_error_redirect_url: pulumi.Output[str] = None

Custom error page URL

accessibility_self_service: pulumi.Output[bool] = None

Enable self service

auto_submit_toolbar: pulumi.Output[bool] = None

Display auto submit toolbar

button_field: pulumi.Output[str] = None

Login button field

groups: pulumi.Output[list] = None

Groups associated with the application

hide_ios: pulumi.Output[bool] = None

Do not display application icon on mobile app

hide_web: pulumi.Output[bool] = None

Do not display application icon to users

label: pulumi.Output[str] = None

Pretty name of app.

name: pulumi.Output[str] = None

name of app.

password_field: pulumi.Output[str] = None

Login password field

preconfigured_app: pulumi.Output[str] = None

Preconfigured app name

sign_on_mode: pulumi.Output[str] = None

Sign on mode of application.

status: pulumi.Output[str] = None

Status of application.

url: pulumi.Output[str] = None

Login URL

url_regex: pulumi.Output[str] = None

A regex that further restricts URL to the specified regex

user_name_template: pulumi.Output[str] = None

Username template

user_name_template_type: pulumi.Output[str] = None

Username template type

username_field: pulumi.Output[str] = None

Login username field

users: pulumi.Output[list] = None

Users associated with the application

  • id (str)

  • password (str)

  • scope (str)

  • username (str)

static get(resource_name, id, opts=None, accessibility_error_redirect_url=None, accessibility_self_service=None, auto_submit_toolbar=None, button_field=None, groups=None, hide_ios=None, hide_web=None, label=None, name=None, password_field=None, preconfigured_app=None, sign_on_mode=None, status=None, url=None, url_regex=None, user_name_template=None, user_name_template_type=None, username_field=None, users=None)

Get an existing SwaApp resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • accessibility_error_redirect_url (pulumi.Input[str]) – Custom error page URL

  • accessibility_self_service (pulumi.Input[bool]) – Enable self service

  • auto_submit_toolbar (pulumi.Input[bool]) – Display auto submit toolbar

  • button_field (pulumi.Input[str]) – Login button field

  • groups (pulumi.Input[list]) – Groups associated with the application

  • hide_ios (pulumi.Input[bool]) – Do not display application icon on mobile app

  • hide_web (pulumi.Input[bool]) – Do not display application icon to users

  • label (pulumi.Input[str]) – Pretty name of app.

  • name (pulumi.Input[str]) – name of app.

  • password_field (pulumi.Input[str]) – Login password field

  • preconfigured_app (pulumi.Input[str]) – Preconfigured app name

  • sign_on_mode (pulumi.Input[str]) – Sign on mode of application.

  • status (pulumi.Input[str]) – Status of application.

  • url (pulumi.Input[str]) – Login URL

  • url_regex (pulumi.Input[str]) – A regex that further restricts URL to the specified regex

  • user_name_template (pulumi.Input[str]) – Username template

  • user_name_template_type (pulumi.Input[str]) – Username template type

  • username_field (pulumi.Input[str]) – Login username field

  • users (pulumi.Input[list]) – Users associated with the application

The users object supports the following:

  • id (pulumi.Input[str])

  • password (pulumi.Input[str])

  • scope (pulumi.Input[str])

  • username (pulumi.Input[str])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_okta.deprecated.ThreeFieldApp(resource_name, opts=None, accessibility_error_redirect_url=None, accessibility_self_service=None, auto_submit_toolbar=None, button_selector=None, extra_field_selector=None, extra_field_value=None, groups=None, hide_ios=None, hide_web=None, label=None, password_selector=None, status=None, url=None, url_regex=None, username_selector=None, users=None, __props__=None, __name__=None, __opts__=None)

Create a ThreeFieldApp resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] accessibility_error_redirect_url: Custom error page URL :param pulumi.Input[bool] accessibility_self_service: Enable self service :param pulumi.Input[bool] auto_submit_toolbar: Display auto submit toolbar :param pulumi.Input[str] button_selector: Login button field CSS selector :param pulumi.Input[str] extra_field_selector: Extra field CSS selector :param pulumi.Input[str] extra_field_value: Value for extra form field :param pulumi.Input[list] groups: Groups associated with the application :param pulumi.Input[bool] hide_ios: Do not display application icon on mobile app :param pulumi.Input[bool] hide_web: Do not display application icon to users :param pulumi.Input[str] label: Pretty name of app. :param pulumi.Input[str] password_selector: Login password field CSS selector :param pulumi.Input[str] status: Status of application. :param pulumi.Input[str] url: Login URL :param pulumi.Input[str] url_regex: A regex that further restricts URL to the specified regex :param pulumi.Input[str] username_selector: Login username field CSS selector :param pulumi.Input[list] users: Users associated with the application

The users object supports the following:

  • id (pulumi.Input[str])

  • password (pulumi.Input[str])

  • scope (pulumi.Input[str])

  • username (pulumi.Input[str])

accessibility_error_redirect_url: pulumi.Output[str] = None

Custom error page URL

accessibility_self_service: pulumi.Output[bool] = None

Enable self service

auto_submit_toolbar: pulumi.Output[bool] = None

Display auto submit toolbar

button_selector: pulumi.Output[str] = None

Login button field CSS selector

extra_field_selector: pulumi.Output[str] = None

Extra field CSS selector

extra_field_value: pulumi.Output[str] = None

Value for extra form field

groups: pulumi.Output[list] = None

Groups associated with the application

hide_ios: pulumi.Output[bool] = None

Do not display application icon on mobile app

hide_web: pulumi.Output[bool] = None

Do not display application icon to users

label: pulumi.Output[str] = None

Pretty name of app.

name: pulumi.Output[str] = None

name of app.

password_selector: pulumi.Output[str] = None

Login password field CSS selector

sign_on_mode: pulumi.Output[str] = None

Sign on mode of application.

status: pulumi.Output[str] = None

Status of application.

url: pulumi.Output[str] = None

Login URL

url_regex: pulumi.Output[str] = None

A regex that further restricts URL to the specified regex

user_name_template: pulumi.Output[str] = None

Username template

user_name_template_type: pulumi.Output[str] = None

Username template type

username_selector: pulumi.Output[str] = None

Login username field CSS selector

users: pulumi.Output[list] = None

Users associated with the application

  • id (str)

  • password (str)

  • scope (str)

  • username (str)

static get(resource_name, id, opts=None, accessibility_error_redirect_url=None, accessibility_self_service=None, auto_submit_toolbar=None, button_selector=None, extra_field_selector=None, extra_field_value=None, groups=None, hide_ios=None, hide_web=None, label=None, name=None, password_selector=None, sign_on_mode=None, status=None, url=None, url_regex=None, user_name_template=None, user_name_template_type=None, username_selector=None, users=None)

Get an existing ThreeFieldApp resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • accessibility_error_redirect_url (pulumi.Input[str]) – Custom error page URL

  • accessibility_self_service (pulumi.Input[bool]) – Enable self service

  • auto_submit_toolbar (pulumi.Input[bool]) – Display auto submit toolbar

  • button_selector (pulumi.Input[str]) – Login button field CSS selector

  • extra_field_selector (pulumi.Input[str]) – Extra field CSS selector

  • extra_field_value (pulumi.Input[str]) – Value for extra form field

  • groups (pulumi.Input[list]) – Groups associated with the application

  • hide_ios (pulumi.Input[bool]) – Do not display application icon on mobile app

  • hide_web (pulumi.Input[bool]) – Do not display application icon to users

  • label (pulumi.Input[str]) – Pretty name of app.

  • name (pulumi.Input[str]) – name of app.

  • password_selector (pulumi.Input[str]) – Login password field CSS selector

  • sign_on_mode (pulumi.Input[str]) – Sign on mode of application.

  • status (pulumi.Input[str]) – Status of application.

  • url (pulumi.Input[str]) – Login URL

  • url_regex (pulumi.Input[str]) – A regex that further restricts URL to the specified regex

  • user_name_template (pulumi.Input[str]) – Username template

  • user_name_template_type (pulumi.Input[str]) – Username template type

  • username_selector (pulumi.Input[str]) – Login username field CSS selector

  • users (pulumi.Input[list]) – Users associated with the application

The users object supports the following:

  • id (pulumi.Input[str])

  • password (pulumi.Input[str])

  • scope (pulumi.Input[str])

  • username (pulumi.Input[str])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

pulumi_okta.deprecated.get_default_policies(type=None, opts=None)

Use this data source to access information about an existing resource.