auth0.ClientCredentials
Explore with Pulumi AI
With this resource, you can configure the method to use when making requests to any endpoint that requires this client to authenticate.
Refer to the client secret rotation guide for instructions on how to rotate client secrets with zero downtime.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Auth0 = Pulumi.Auth0;
return await Deployment.RunAsync(() =>
{
var myClient = new Auth0.Client("myClient", new()
{
AppType = "non_interactive",
JwtConfiguration = new Auth0.Inputs.ClientJwtConfigurationArgs
{
Alg = "RS256",
},
});
// Configuring client_secret_post as an authentication method.
var testClientCredentials = new Auth0.ClientCredentials("testClientCredentials", new()
{
ClientId = myClient.Id,
AuthenticationMethod = "client_secret_post",
});
// Configuring client_secret_basic as an authentication method.
var testIndex_clientCredentialsClientCredentials = new Auth0.ClientCredentials("testIndex/clientCredentialsClientCredentials", new()
{
ClientId = myClient.Id,
AuthenticationMethod = "client_secret_basic",
});
// Configuring none as an authentication method.
var testAuth0Index_clientCredentialsClientCredentials = new Auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials", new()
{
ClientId = myClient.Id,
AuthenticationMethod = "none",
});
// Configuring private_key_jwt as an authentication method.
var testAuth0Index_clientCredentialsClientCredentials1 = new Auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials1", new()
{
ClientId = myClient.Id,
AuthenticationMethod = "private_key_jwt",
PrivateKeyJwt = new Auth0.Inputs.ClientCredentialsPrivateKeyJwtArgs
{
Credentials = new[]
{
new Auth0.Inputs.ClientCredentialsPrivateKeyJwtCredentialArgs
{
Name = "Testing Credentials 1",
CredentialType = "public_key",
Algorithm = "RS256",
ParseExpiryFromCert = true,
Pem = @"-----BEGIN CERTIFICATE-----
MIIFWDCCA0ACCQDXqpBo3R...G9w0BAQsFADBuMQswCQYDVQQGEwJl
-----END CERTIFICATE-----
",
},
},
},
});
// Configuring the client_secret.
var testAuth0Index_clientCredentialsClientCredentials2 = new Auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials2", new()
{
ClientId = myClient.Id,
AuthenticationMethod = "client_secret_basic",
ClientSecret = "LUFqPx+sRLjbL7peYRPFmFu-bbvE7u7og4YUNe_C345=683341",
});
});
package main
import (
"github.com/pulumi/pulumi-auth0/sdk/v3/go/auth0"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
myClient, err := auth0.NewClient(ctx, "myClient", &auth0.ClientArgs{
AppType: pulumi.String("non_interactive"),
JwtConfiguration: &auth0.ClientJwtConfigurationArgs{
Alg: pulumi.String("RS256"),
},
})
if err != nil {
return err
}
_, err = auth0.NewClientCredentials(ctx, "testClientCredentials", &auth0.ClientCredentialsArgs{
ClientId: myClient.ID(),
AuthenticationMethod: pulumi.String("client_secret_post"),
})
if err != nil {
return err
}
_, err = auth0.NewClientCredentials(ctx, "testIndex/clientCredentialsClientCredentials", &auth0.ClientCredentialsArgs{
ClientId: myClient.ID(),
AuthenticationMethod: pulumi.String("client_secret_basic"),
})
if err != nil {
return err
}
_, err = auth0.NewClientCredentials(ctx, "testAuth0Index/clientCredentialsClientCredentials", &auth0.ClientCredentialsArgs{
ClientId: myClient.ID(),
AuthenticationMethod: pulumi.String("none"),
})
if err != nil {
return err
}
_, err = auth0.NewClientCredentials(ctx, "testAuth0Index/clientCredentialsClientCredentials1", &auth0.ClientCredentialsArgs{
ClientId: myClient.ID(),
AuthenticationMethod: pulumi.String("private_key_jwt"),
PrivateKeyJwt: &auth0.ClientCredentialsPrivateKeyJwtArgs{
Credentials: auth0.ClientCredentialsPrivateKeyJwtCredentialArray{
&auth0.ClientCredentialsPrivateKeyJwtCredentialArgs{
Name: pulumi.String("Testing Credentials 1"),
CredentialType: pulumi.String("public_key"),
Algorithm: pulumi.String("RS256"),
ParseExpiryFromCert: pulumi.Bool(true),
Pem: pulumi.String("-----BEGIN CERTIFICATE-----\nMIIFWDCCA0ACCQDXqpBo3R...G9w0BAQsFADBuMQswCQYDVQQGEwJl\n-----END CERTIFICATE-----\n"),
},
},
},
})
if err != nil {
return err
}
_, err = auth0.NewClientCredentials(ctx, "testAuth0Index/clientCredentialsClientCredentials2", &auth0.ClientCredentialsArgs{
ClientId: myClient.ID(),
AuthenticationMethod: pulumi.String("client_secret_basic"),
ClientSecret: pulumi.String("LUFqPx+sRLjbL7peYRPFmFu-bbvE7u7og4YUNe_C345=683341"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.auth0.Client;
import com.pulumi.auth0.ClientArgs;
import com.pulumi.auth0.inputs.ClientJwtConfigurationArgs;
import com.pulumi.auth0.ClientCredentials;
import com.pulumi.auth0.ClientCredentialsArgs;
import com.pulumi.auth0.inputs.ClientCredentialsPrivateKeyJwtArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var myClient = new Client("myClient", ClientArgs.builder()
.appType("non_interactive")
.jwtConfiguration(ClientJwtConfigurationArgs.builder()
.alg("RS256")
.build())
.build());
var testClientCredentials = new ClientCredentials("testClientCredentials", ClientCredentialsArgs.builder()
.clientId(myClient.id())
.authenticationMethod("client_secret_post")
.build());
var testIndex_clientCredentialsClientCredentials = new ClientCredentials("testIndex/clientCredentialsClientCredentials", ClientCredentialsArgs.builder()
.clientId(myClient.id())
.authenticationMethod("client_secret_basic")
.build());
var testAuth0Index_clientCredentialsClientCredentials = new ClientCredentials("testAuth0Index/clientCredentialsClientCredentials", ClientCredentialsArgs.builder()
.clientId(myClient.id())
.authenticationMethod("none")
.build());
var testAuth0Index_clientCredentialsClientCredentials1 = new ClientCredentials("testAuth0Index/clientCredentialsClientCredentials1", ClientCredentialsArgs.builder()
.clientId(myClient.id())
.authenticationMethod("private_key_jwt")
.privateKeyJwt(ClientCredentialsPrivateKeyJwtArgs.builder()
.credentials(ClientCredentialsPrivateKeyJwtCredentialArgs.builder()
.name("Testing Credentials 1")
.credentialType("public_key")
.algorithm("RS256")
.parseExpiryFromCert(true)
.pem("""
-----BEGIN CERTIFICATE-----
MIIFWDCCA0ACCQDXqpBo3R...G9w0BAQsFADBuMQswCQYDVQQGEwJl
-----END CERTIFICATE-----
""")
.build())
.build())
.build());
var testAuth0Index_clientCredentialsClientCredentials2 = new ClientCredentials("testAuth0Index/clientCredentialsClientCredentials2", ClientCredentialsArgs.builder()
.clientId(myClient.id())
.authenticationMethod("client_secret_basic")
.clientSecret("LUFqPx+sRLjbL7peYRPFmFu-bbvE7u7og4YUNe_C345=683341")
.build());
}
}
import pulumi
import pulumi_auth0 as auth0
my_client = auth0.Client("myClient",
app_type="non_interactive",
jwt_configuration=auth0.ClientJwtConfigurationArgs(
alg="RS256",
))
# Configuring client_secret_post as an authentication method.
test_client_credentials = auth0.ClientCredentials("testClientCredentials",
client_id=my_client.id,
authentication_method="client_secret_post")
# Configuring client_secret_basic as an authentication method.
test_index_client_credentials_client_credentials = auth0.ClientCredentials("testIndex/clientCredentialsClientCredentials",
client_id=my_client.id,
authentication_method="client_secret_basic")
# Configuring none as an authentication method.
test_auth0_index_client_credentials_client_credentials = auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials",
client_id=my_client.id,
authentication_method="none")
# Configuring private_key_jwt as an authentication method.
test_auth0_index_client_credentials_client_credentials1 = auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials1",
client_id=my_client.id,
authentication_method="private_key_jwt",
private_key_jwt=auth0.ClientCredentialsPrivateKeyJwtArgs(
credentials=[auth0.ClientCredentialsPrivateKeyJwtCredentialArgs(
name="Testing Credentials 1",
credential_type="public_key",
algorithm="RS256",
parse_expiry_from_cert=True,
pem="""-----BEGIN CERTIFICATE-----
MIIFWDCCA0ACCQDXqpBo3R...G9w0BAQsFADBuMQswCQYDVQQGEwJl
-----END CERTIFICATE-----
""",
)],
))
# Configuring the client_secret.
test_auth0_index_client_credentials_client_credentials2 = auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials2",
client_id=my_client.id,
authentication_method="client_secret_basic",
client_secret="LUFqPx+sRLjbL7peYRPFmFu-bbvE7u7og4YUNe_C345=683341")
import * as pulumi from "@pulumi/pulumi";
import * as auth0 from "@pulumi/auth0";
const myClient = new auth0.Client("myClient", {
appType: "non_interactive",
jwtConfiguration: {
alg: "RS256",
},
});
// Configuring client_secret_post as an authentication method.
const testClientCredentials = new auth0.ClientCredentials("testClientCredentials", {
clientId: myClient.id,
authenticationMethod: "client_secret_post",
});
// Configuring client_secret_basic as an authentication method.
const testIndex_clientCredentialsClientCredentials = new auth0.ClientCredentials("testIndex/clientCredentialsClientCredentials", {
clientId: myClient.id,
authenticationMethod: "client_secret_basic",
});
// Configuring none as an authentication method.
const testAuth0Index_clientCredentialsClientCredentials = new auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials", {
clientId: myClient.id,
authenticationMethod: "none",
});
// Configuring private_key_jwt as an authentication method.
const testAuth0Index_clientCredentialsClientCredentials1 = new auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials1", {
clientId: myClient.id,
authenticationMethod: "private_key_jwt",
privateKeyJwt: {
credentials: [{
name: "Testing Credentials 1",
credentialType: "public_key",
algorithm: "RS256",
parseExpiryFromCert: true,
pem: `-----BEGIN CERTIFICATE-----
MIIFWDCCA0ACCQDXqpBo3R...G9w0BAQsFADBuMQswCQYDVQQGEwJl
-----END CERTIFICATE-----
`,
}],
},
});
// Configuring the client_secret.
const testAuth0Index_clientCredentialsClientCredentials2 = new auth0.ClientCredentials("testAuth0Index/clientCredentialsClientCredentials2", {
clientId: myClient.id,
authenticationMethod: "client_secret_basic",
clientSecret: "LUFqPx+sRLjbL7peYRPFmFu-bbvE7u7og4YUNe_C345=683341",
});
resources:
myClient:
type: auth0:Client
properties:
appType: non_interactive
jwtConfiguration:
alg: RS256
# Configuring client_secret_post as an authentication method.
testClientCredentials:
type: auth0:ClientCredentials
properties:
clientId: ${myClient.id}
authenticationMethod: client_secret_post
# Configuring client_secret_basic as an authentication method.
testIndex/clientCredentialsClientCredentials:
type: auth0:ClientCredentials
properties:
clientId: ${myClient.id}
authenticationMethod: client_secret_basic
# Configuring none as an authentication method.
testAuth0Index/clientCredentialsClientCredentials:
type: auth0:ClientCredentials
properties:
clientId: ${myClient.id}
authenticationMethod: none
# Configuring private_key_jwt as an authentication method.
testAuth0Index/clientCredentialsClientCredentials1:
type: auth0:ClientCredentials
properties:
clientId: ${myClient.id}
authenticationMethod: private_key_jwt
privateKeyJwt:
credentials:
- name: Testing Credentials 1
credentialType: public_key
algorithm: RS256
parseExpiryFromCert: true
pem: |
-----BEGIN CERTIFICATE-----
MIIFWDCCA0ACCQDXqpBo3R...G9w0BAQsFADBuMQswCQYDVQQGEwJl
-----END CERTIFICATE-----
# Configuring the client_secret.
testAuth0Index/clientCredentialsClientCredentials2:
type: auth0:ClientCredentials
properties:
clientId: ${myClient.id}
authenticationMethod: client_secret_basic
clientSecret: LUFqPx+sRLjbL7peYRPFmFu-bbvE7u7og4YUNe_C345=683341
Create ClientCredentials Resource
new ClientCredentials(name: string, args: ClientCredentialsArgs, opts?: CustomResourceOptions);
@overload
def ClientCredentials(resource_name: str,
opts: Optional[ResourceOptions] = None,
authentication_method: Optional[str] = None,
client_id: Optional[str] = None,
client_secret: Optional[str] = None,
private_key_jwt: Optional[ClientCredentialsPrivateKeyJwtArgs] = None)
@overload
def ClientCredentials(resource_name: str,
args: ClientCredentialsArgs,
opts: Optional[ResourceOptions] = None)
func NewClientCredentials(ctx *Context, name string, args ClientCredentialsArgs, opts ...ResourceOption) (*ClientCredentials, error)
public ClientCredentials(string name, ClientCredentialsArgs args, CustomResourceOptions? opts = null)
public ClientCredentials(String name, ClientCredentialsArgs args)
public ClientCredentials(String name, ClientCredentialsArgs args, CustomResourceOptions options)
type: auth0:ClientCredentials
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ClientCredentialsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ClientCredentialsArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ClientCredentialsArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ClientCredentialsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ClientCredentialsArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
ClientCredentials Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The ClientCredentials resource accepts the following input properties:
- Authentication
Method string Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include
none
(public client without a client secret),client_secret_post
(confidential client using HTTP POST parameters),client_secret_basic
(confidential client using HTTP Basic),private_key_jwt
(confidential client using a Private Key JWT).- Client
Id string The ID of the client for which to configure the authentication method.
- Client
Secret string Secret for the client when using
client_secret_post
orclient_secret_basic
authentication method. Keep this private. To access this attribute you need to add theread:client_keys
scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in caseprivate_key_jwt
is selected as an authentication method.- Private
Key ClientJwt Credentials Private Key Jwt Defines
private_key_jwt
client authentication method.
- Authentication
Method string Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include
none
(public client without a client secret),client_secret_post
(confidential client using HTTP POST parameters),client_secret_basic
(confidential client using HTTP Basic),private_key_jwt
(confidential client using a Private Key JWT).- Client
Id string The ID of the client for which to configure the authentication method.
- Client
Secret string Secret for the client when using
client_secret_post
orclient_secret_basic
authentication method. Keep this private. To access this attribute you need to add theread:client_keys
scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in caseprivate_key_jwt
is selected as an authentication method.- Private
Key ClientJwt Credentials Private Key Jwt Args Defines
private_key_jwt
client authentication method.
- authentication
Method String Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include
none
(public client without a client secret),client_secret_post
(confidential client using HTTP POST parameters),client_secret_basic
(confidential client using HTTP Basic),private_key_jwt
(confidential client using a Private Key JWT).- client
Id String The ID of the client for which to configure the authentication method.
- client
Secret String Secret for the client when using
client_secret_post
orclient_secret_basic
authentication method. Keep this private. To access this attribute you need to add theread:client_keys
scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in caseprivate_key_jwt
is selected as an authentication method.- private
Key ClientJwt Credentials Private Key Jwt Defines
private_key_jwt
client authentication method.
- authentication
Method string Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include
none
(public client without a client secret),client_secret_post
(confidential client using HTTP POST parameters),client_secret_basic
(confidential client using HTTP Basic),private_key_jwt
(confidential client using a Private Key JWT).- client
Id string The ID of the client for which to configure the authentication method.
- client
Secret string Secret for the client when using
client_secret_post
orclient_secret_basic
authentication method. Keep this private. To access this attribute you need to add theread:client_keys
scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in caseprivate_key_jwt
is selected as an authentication method.- private
Key ClientJwt Credentials Private Key Jwt Defines
private_key_jwt
client authentication method.
- authentication_
method str Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include
none
(public client without a client secret),client_secret_post
(confidential client using HTTP POST parameters),client_secret_basic
(confidential client using HTTP Basic),private_key_jwt
(confidential client using a Private Key JWT).- client_
id str The ID of the client for which to configure the authentication method.
- client_
secret str Secret for the client when using
client_secret_post
orclient_secret_basic
authentication method. Keep this private. To access this attribute you need to add theread:client_keys
scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in caseprivate_key_jwt
is selected as an authentication method.- private_
key_ Clientjwt Credentials Private Key Jwt Args Defines
private_key_jwt
client authentication method.
- authentication
Method String Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include
none
(public client without a client secret),client_secret_post
(confidential client using HTTP POST parameters),client_secret_basic
(confidential client using HTTP Basic),private_key_jwt
(confidential client using a Private Key JWT).- client
Id String The ID of the client for which to configure the authentication method.
- client
Secret String Secret for the client when using
client_secret_post
orclient_secret_basic
authentication method. Keep this private. To access this attribute you need to add theread:client_keys
scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in caseprivate_key_jwt
is selected as an authentication method.- private
Key Property MapJwt Defines
private_key_jwt
client authentication method.
Outputs
All input properties are implicitly available as output properties. Additionally, the ClientCredentials resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing ClientCredentials Resource
Get an existing ClientCredentials resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ClientCredentialsState, opts?: CustomResourceOptions): ClientCredentials
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
authentication_method: Optional[str] = None,
client_id: Optional[str] = None,
client_secret: Optional[str] = None,
private_key_jwt: Optional[ClientCredentialsPrivateKeyJwtArgs] = None) -> ClientCredentials
func GetClientCredentials(ctx *Context, name string, id IDInput, state *ClientCredentialsState, opts ...ResourceOption) (*ClientCredentials, error)
public static ClientCredentials Get(string name, Input<string> id, ClientCredentialsState? state, CustomResourceOptions? opts = null)
public static ClientCredentials get(String name, Output<String> id, ClientCredentialsState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Authentication
Method string Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include
none
(public client without a client secret),client_secret_post
(confidential client using HTTP POST parameters),client_secret_basic
(confidential client using HTTP Basic),private_key_jwt
(confidential client using a Private Key JWT).- Client
Id string The ID of the client for which to configure the authentication method.
- Client
Secret string Secret for the client when using
client_secret_post
orclient_secret_basic
authentication method. Keep this private. To access this attribute you need to add theread:client_keys
scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in caseprivate_key_jwt
is selected as an authentication method.- Private
Key ClientJwt Credentials Private Key Jwt Defines
private_key_jwt
client authentication method.
- Authentication
Method string Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include
none
(public client without a client secret),client_secret_post
(confidential client using HTTP POST parameters),client_secret_basic
(confidential client using HTTP Basic),private_key_jwt
(confidential client using a Private Key JWT).- Client
Id string The ID of the client for which to configure the authentication method.
- Client
Secret string Secret for the client when using
client_secret_post
orclient_secret_basic
authentication method. Keep this private. To access this attribute you need to add theread:client_keys
scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in caseprivate_key_jwt
is selected as an authentication method.- Private
Key ClientJwt Credentials Private Key Jwt Args Defines
private_key_jwt
client authentication method.
- authentication
Method String Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include
none
(public client without a client secret),client_secret_post
(confidential client using HTTP POST parameters),client_secret_basic
(confidential client using HTTP Basic),private_key_jwt
(confidential client using a Private Key JWT).- client
Id String The ID of the client for which to configure the authentication method.
- client
Secret String Secret for the client when using
client_secret_post
orclient_secret_basic
authentication method. Keep this private. To access this attribute you need to add theread:client_keys
scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in caseprivate_key_jwt
is selected as an authentication method.- private
Key ClientJwt Credentials Private Key Jwt Defines
private_key_jwt
client authentication method.
- authentication
Method string Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include
none
(public client without a client secret),client_secret_post
(confidential client using HTTP POST parameters),client_secret_basic
(confidential client using HTTP Basic),private_key_jwt
(confidential client using a Private Key JWT).- client
Id string The ID of the client for which to configure the authentication method.
- client
Secret string Secret for the client when using
client_secret_post
orclient_secret_basic
authentication method. Keep this private. To access this attribute you need to add theread:client_keys
scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in caseprivate_key_jwt
is selected as an authentication method.- private
Key ClientJwt Credentials Private Key Jwt Defines
private_key_jwt
client authentication method.
- authentication_
method str Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include
none
(public client without a client secret),client_secret_post
(confidential client using HTTP POST parameters),client_secret_basic
(confidential client using HTTP Basic),private_key_jwt
(confidential client using a Private Key JWT).- client_
id str The ID of the client for which to configure the authentication method.
- client_
secret str Secret for the client when using
client_secret_post
orclient_secret_basic
authentication method. Keep this private. To access this attribute you need to add theread:client_keys
scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in caseprivate_key_jwt
is selected as an authentication method.- private_
key_ Clientjwt Credentials Private Key Jwt Args Defines
private_key_jwt
client authentication method.
- authentication
Method String Configure the method to use when making requests to any endpoint that requires this client to authenticate. Options include
none
(public client without a client secret),client_secret_post
(confidential client using HTTP POST parameters),client_secret_basic
(confidential client using HTTP Basic),private_key_jwt
(confidential client using a Private Key JWT).- client
Id String The ID of the client for which to configure the authentication method.
- client
Secret String Secret for the client when using
client_secret_post
orclient_secret_basic
authentication method. Keep this private. To access this attribute you need to add theread:client_keys
scope to the Terraform client. Otherwise, the attribute will contain an empty string. The attribute will also be an empty string in caseprivate_key_jwt
is selected as an authentication method.- private
Key Property MapJwt Defines
private_key_jwt
client authentication method.
Supporting Types
ClientCredentialsPrivateKeyJwt, ClientCredentialsPrivateKeyJwtArgs
- Credentials
List<Client
Credentials Private Key Jwt Credential> Client credentials available for use when Private Key JWT is in use as the client authentication method. A maximum of 2 client credentials can be set.
- Credentials
[]Client
Credentials Private Key Jwt Credential Client credentials available for use when Private Key JWT is in use as the client authentication method. A maximum of 2 client credentials can be set.
- credentials
List<Client
Credentials Private Key Jwt Credential> Client credentials available for use when Private Key JWT is in use as the client authentication method. A maximum of 2 client credentials can be set.
- credentials
Client
Credentials Private Key Jwt Credential[] Client credentials available for use when Private Key JWT is in use as the client authentication method. A maximum of 2 client credentials can be set.
- credentials
Sequence[Client
Credentials Private Key Jwt Credential] Client credentials available for use when Private Key JWT is in use as the client authentication method. A maximum of 2 client credentials can be set.
- credentials List<Property Map>
Client credentials available for use when Private Key JWT is in use as the client authentication method. A maximum of 2 client credentials can be set.
ClientCredentialsPrivateKeyJwtCredential, ClientCredentialsPrivateKeyJwtCredentialArgs
- Credential
Type string Credential type. Supported types:
public_key
.- Pem string
PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.
- Algorithm string
Algorithm which will be used with the credential. Can be one of
RS256
,RS384
,PS256
. If not specified,RS256
will be used.- Created
At string The ISO 8601 formatted date the credential was created.
- Expires
At string The ISO 8601 formatted date representing the expiration of the credential. It is not possible to set this to never expire after it has been set. Recreate the certificate if needed.
- Id string
The ID of the client credential.
- Key
Id string The key identifier of the credential, generated on creation.
- Name string
Friendly name for a credential.
- Parse
Expiry boolFrom Cert Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. If also the
expires_at
is set the credential expiry will be set to the explicitexpires_at
value.- Updated
At string The ISO 8601 formatted date the credential was updated.
- Credential
Type string Credential type. Supported types:
public_key
.- Pem string
PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.
- Algorithm string
Algorithm which will be used with the credential. Can be one of
RS256
,RS384
,PS256
. If not specified,RS256
will be used.- Created
At string The ISO 8601 formatted date the credential was created.
- Expires
At string The ISO 8601 formatted date representing the expiration of the credential. It is not possible to set this to never expire after it has been set. Recreate the certificate if needed.
- Id string
The ID of the client credential.
- Key
Id string The key identifier of the credential, generated on creation.
- Name string
Friendly name for a credential.
- Parse
Expiry boolFrom Cert Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. If also the
expires_at
is set the credential expiry will be set to the explicitexpires_at
value.- Updated
At string The ISO 8601 formatted date the credential was updated.
- credential
Type String Credential type. Supported types:
public_key
.- pem String
PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.
- algorithm String
Algorithm which will be used with the credential. Can be one of
RS256
,RS384
,PS256
. If not specified,RS256
will be used.- created
At String The ISO 8601 formatted date the credential was created.
- expires
At String The ISO 8601 formatted date representing the expiration of the credential. It is not possible to set this to never expire after it has been set. Recreate the certificate if needed.
- id String
The ID of the client credential.
- key
Id String The key identifier of the credential, generated on creation.
- name String
Friendly name for a credential.
- parse
Expiry BooleanFrom Cert Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. If also the
expires_at
is set the credential expiry will be set to the explicitexpires_at
value.- updated
At String The ISO 8601 formatted date the credential was updated.
- credential
Type string Credential type. Supported types:
public_key
.- pem string
PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.
- algorithm string
Algorithm which will be used with the credential. Can be one of
RS256
,RS384
,PS256
. If not specified,RS256
will be used.- created
At string The ISO 8601 formatted date the credential was created.
- expires
At string The ISO 8601 formatted date representing the expiration of the credential. It is not possible to set this to never expire after it has been set. Recreate the certificate if needed.
- id string
The ID of the client credential.
- key
Id string The key identifier of the credential, generated on creation.
- name string
Friendly name for a credential.
- parse
Expiry booleanFrom Cert Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. If also the
expires_at
is set the credential expiry will be set to the explicitexpires_at
value.- updated
At string The ISO 8601 formatted date the credential was updated.
- credential_
type str Credential type. Supported types:
public_key
.- pem str
PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.
- algorithm str
Algorithm which will be used with the credential. Can be one of
RS256
,RS384
,PS256
. If not specified,RS256
will be used.- created_
at str The ISO 8601 formatted date the credential was created.
- expires_
at str The ISO 8601 formatted date representing the expiration of the credential. It is not possible to set this to never expire after it has been set. Recreate the certificate if needed.
- id str
The ID of the client credential.
- key_
id str The key identifier of the credential, generated on creation.
- name str
Friendly name for a credential.
- parse_
expiry_ boolfrom_ cert Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. If also the
expires_at
is set the credential expiry will be set to the explicitexpires_at
value.- updated_
at str The ISO 8601 formatted date the credential was updated.
- credential
Type String Credential type. Supported types:
public_key
.- pem String
PEM-formatted public key (SPKI and PKCS1) or X509 certificate. Must be JSON escaped.
- algorithm String
Algorithm which will be used with the credential. Can be one of
RS256
,RS384
,PS256
. If not specified,RS256
will be used.- created
At String The ISO 8601 formatted date the credential was created.
- expires
At String The ISO 8601 formatted date representing the expiration of the credential. It is not possible to set this to never expire after it has been set. Recreate the certificate if needed.
- id String
The ID of the client credential.
- key
Id String The key identifier of the credential, generated on creation.
- name String
Friendly name for a credential.
- parse
Expiry BooleanFrom Cert Parse expiry from x509 certificate. If true, attempts to parse the expiry date from the provided PEM. If also the
expires_at
is set the credential expiry will be set to the explicitexpires_at
value.- updated
At String The ISO 8601 formatted date the credential was updated.
Import
This resource can be imported by specifying the client ID. # Example
$ pulumi import auth0:index/clientCredentials:ClientCredentials my_creds "AaiyAPdpYdesoKnqjj8HJqRn4T5titww"
~> Importing this resource when the authentication_method
is set to private_key_jwt
will force the resource to be recreated. This is to be expected, because the pem file can’t be checked for differences.
Package Details
- Repository
- Auth0 pulumi/pulumi-auth0
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
auth0
Terraform Provider.