Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi IDP Pulumi Cloud Packages Tutorials
  1. Packages
  2. Authentik Provider
  3. API Docs
  4. PolicyEventMatcher
authentik 2025.8.1 published on Monday, Sep 8, 2025 by goauthentik
goauthentik/terraform-provider-authentik

authentik.PolicyEventMatcher

Explore with Pulumi AI

authentik logo
authentik 2025.8.1 published on Monday, Sep 8, 2025 by goauthentik
goauthentik/terraform-provider-authentik

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
import * as authentik from "@pulumi/authentik";

const name = new authentik.PolicyEventMatcher("name", {
    action: "login",
    app: "authentik.events",
    clientIp: "1.2.3.4",
});

    import pulumi
import pulumi_authentik as authentik

name = authentik.PolicyEventMatcher("name",
    action="login",
    app="authentik.events",
    client_ip="1.2.3.4")

    package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/authentik/v2025/authentik"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := authentik.NewPolicyEventMatcher(ctx, "name", &authentik.PolicyEventMatcherArgs{
			Action:   pulumi.String("login"),
			App:      pulumi.String("authentik.events"),
			ClientIp: pulumi.String("1.2.3.4"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Authentik = Pulumi.Authentik;

return await Deployment.RunAsync(() => 
{
    var name = new Authentik.PolicyEventMatcher("name", new()
    {
        Action = "login",
        App = "authentik.events",
        ClientIp = "1.2.3.4",
    });

});

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.authentik.PolicyEventMatcher;
import com.pulumi.authentik.PolicyEventMatcherArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var name = new PolicyEventMatcher("name", PolicyEventMatcherArgs.builder()
            .action("login")
            .app("authentik.events")
            .clientIp("1.2.3.4")
            .build());

    }
}

    resources:
  name:
    type: authentik:PolicyEventMatcher
    properties:
      action: login
      app: authentik.events
      clientIp: 1.2.3.4

    Create PolicyEventMatcher Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new PolicyEventMatcher(name: string, args?: PolicyEventMatcherArgs, opts?: CustomResourceOptions);
    @overload
def PolicyEventMatcher(resource_name: str,
                       args: Optional[PolicyEventMatcherArgs] = None,
                       opts: Optional[ResourceOptions] = None)

@overload
def PolicyEventMatcher(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       action: Optional[str] = None,
                       app: Optional[str] = None,
                       client_ip: Optional[str] = None,
                       execution_logging: Optional[bool] = None,
                       model: Optional[str] = None,
                       name: Optional[str] = None,
                       policy_event_matcher_id: Optional[str] = None)
    func NewPolicyEventMatcher(ctx *Context, name string, args *PolicyEventMatcherArgs, opts ...ResourceOption) (*PolicyEventMatcher, error)
    public PolicyEventMatcher(string name, PolicyEventMatcherArgs? args = null, CustomResourceOptions? opts = null)
    public PolicyEventMatcher(String name, PolicyEventMatcherArgs args)
public PolicyEventMatcher(String name, PolicyEventMatcherArgs args, CustomResourceOptions options)

    type: authentik:PolicyEventMatcher
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

    Parameters

    name string
    The unique name of the resource.
    args PolicyEventMatcherArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args PolicyEventMatcherArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args PolicyEventMatcherArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args PolicyEventMatcherArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args PolicyEventMatcherArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var policyEventMatcherResource = new Authentik.PolicyEventMatcher("policyEventMatcherResource", new()
{
    Action = "string",
    App = "string",
    ClientIp = "string",
    ExecutionLogging = false,
    Model = "string",
    Name = "string",
    PolicyEventMatcherId = "string",
});

    example, err := authentik.NewPolicyEventMatcher(ctx, "policyEventMatcherResource", &authentik.PolicyEventMatcherArgs{
	Action:               pulumi.String("string"),
	App:                  pulumi.String("string"),
	ClientIp:             pulumi.String("string"),
	ExecutionLogging:     pulumi.Bool(false),
	Model:                pulumi.String("string"),
	Name:                 pulumi.String("string"),
	PolicyEventMatcherId: pulumi.String("string"),
})

    var policyEventMatcherResource = new PolicyEventMatcher("policyEventMatcherResource", PolicyEventMatcherArgs.builder()
    .action("string")
    .app("string")
    .clientIp("string")
    .executionLogging(false)
    .model("string")
    .name("string")
    .policyEventMatcherId("string")
    .build());

    policy_event_matcher_resource = authentik.PolicyEventMatcher("policyEventMatcherResource",
    action="string",
    app="string",
    client_ip="string",
    execution_logging=False,
    model="string",
    name="string",
    policy_event_matcher_id="string")

    const policyEventMatcherResource = new authentik.PolicyEventMatcher("policyEventMatcherResource", {
    action: "string",
    app: "string",
    clientIp: "string",
    executionLogging: false,
    model: "string",
    name: "string",
    policyEventMatcherId: "string",
});

    type: authentik:PolicyEventMatcher
properties:
    action: string
    app: string
    clientIp: string
    executionLogging: false
    model: string
    name: string
    policyEventMatcherId: string

    PolicyEventMatcher Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The PolicyEventMatcher resource accepts the following input properties:

    Action string
    App string
    Allowed values: - authentik.tenants - authentik.tasks - authentik.admin - authentik.api - authentik.core - authentik.crypto - authentik.enterprise - authentik.events - authentik.flows - authentik.outposts - authentik.policies.dummy - authentik.policies.event_matcher - authentik.policies.expiry - authentik.policies.expression - authentik.policies.geoip - authentik.policies.password - authentik.policies.reputation - authentik.policies - authentik.providers.ldap - authentik.providers.oauth2 - authentik.providers.proxy - authentik.providers.rac - authentik.providers.radius - authentik.providers.saml - authentik.providers.scim - authentik.rbac - authentik.recovery - authentik.sources.kerberos - authentik.sources.ldap - authentik.sources.oauth - authentik.sources.plex - authentik.sources.saml - authentik.sources.scim - authentik.stages.authenticator - authentik.stages.authenticator_duo - authentik.stages.authenticator_email - authentik.stages.authenticator_sms - authentik.stages.authenticator_static

    • authentik.stages.authenticator_totp - authentik.stages.authenticator_validate - authentik.stages.authenticator_webauthn - authentik.stages.captcha - authentik.stages.consent - authentik.stages.deny - authentik.stages.dummy - authentik.stages.email - authentik.stages.identification - authentik.stages.invitation - authentik.stages.password - authentik.stages.prompt - authentik.stages.redirect - authentik.stages.user_delete - authentik.stages.user_login - authentik.stages.user_logout - authentik.stages.user_write - authentik.tasks.schedules - authentik.brands - authentik.blueprints - authentik.enterprise.audit - authentik.enterprise.policies.unique_password - authentik.enterprise.providers.google_workspace - authentik.enterprise.providers.microsoft_entra - authentik.enterprise.providers.ssf - authentik.enterprise.search - authentik.enterprise.stages.authenticator_endpoint_gdtc - authentik.enterprise.stages.mtls - authentik.enterprise.stages.source
    ClientIp string
    ExecutionLogging bool
    Defaults to false.
    Model string
    Allowed values: - authentik_tenants.domain - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_crypto.certificatekeypair - authentik_enterprise.license - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping

    • authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_rbac.initialpermissions - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice
    • authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
    • authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tasks_schedules.schedule - authentik_brands.brand - authentik_blueprints.blueprintinstance - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_source.sourcestage
    Name string
    PolicyEventMatcherId string
    Action string
    App string
    Allowed values: - authentik.tenants - authentik.tasks - authentik.admin - authentik.api - authentik.core - authentik.crypto - authentik.enterprise - authentik.events - authentik.flows - authentik.outposts - authentik.policies.dummy - authentik.policies.event_matcher - authentik.policies.expiry - authentik.policies.expression - authentik.policies.geoip - authentik.policies.password - authentik.policies.reputation - authentik.policies - authentik.providers.ldap - authentik.providers.oauth2 - authentik.providers.proxy - authentik.providers.rac - authentik.providers.radius - authentik.providers.saml - authentik.providers.scim - authentik.rbac - authentik.recovery - authentik.sources.kerberos - authentik.sources.ldap - authentik.sources.oauth - authentik.sources.plex - authentik.sources.saml - authentik.sources.scim - authentik.stages.authenticator - authentik.stages.authenticator_duo - authentik.stages.authenticator_email - authentik.stages.authenticator_sms - authentik.stages.authenticator_static

    • authentik.stages.authenticator_totp - authentik.stages.authenticator_validate - authentik.stages.authenticator_webauthn - authentik.stages.captcha - authentik.stages.consent - authentik.stages.deny - authentik.stages.dummy - authentik.stages.email - authentik.stages.identification - authentik.stages.invitation - authentik.stages.password - authentik.stages.prompt - authentik.stages.redirect - authentik.stages.user_delete - authentik.stages.user_login - authentik.stages.user_logout - authentik.stages.user_write - authentik.tasks.schedules - authentik.brands - authentik.blueprints - authentik.enterprise.audit - authentik.enterprise.policies.unique_password - authentik.enterprise.providers.google_workspace - authentik.enterprise.providers.microsoft_entra - authentik.enterprise.providers.ssf - authentik.enterprise.search - authentik.enterprise.stages.authenticator_endpoint_gdtc - authentik.enterprise.stages.mtls - authentik.enterprise.stages.source
    ClientIp string
    ExecutionLogging bool
    Defaults to false.
    Model string
    Allowed values: - authentik_tenants.domain - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_crypto.certificatekeypair - authentik_enterprise.license - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping

    • authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_rbac.initialpermissions - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice
    • authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
    • authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tasks_schedules.schedule - authentik_brands.brand - authentik_blueprints.blueprintinstance - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_source.sourcestage
    Name string
    PolicyEventMatcherId string
    action String
    app String
    Allowed values: - authentik.tenants - authentik.tasks - authentik.admin - authentik.api - authentik.core - authentik.crypto - authentik.enterprise - authentik.events - authentik.flows - authentik.outposts - authentik.policies.dummy - authentik.policies.event_matcher - authentik.policies.expiry - authentik.policies.expression - authentik.policies.geoip - authentik.policies.password - authentik.policies.reputation - authentik.policies - authentik.providers.ldap - authentik.providers.oauth2 - authentik.providers.proxy - authentik.providers.rac - authentik.providers.radius - authentik.providers.saml - authentik.providers.scim - authentik.rbac - authentik.recovery - authentik.sources.kerberos - authentik.sources.ldap - authentik.sources.oauth - authentik.sources.plex - authentik.sources.saml - authentik.sources.scim - authentik.stages.authenticator - authentik.stages.authenticator_duo - authentik.stages.authenticator_email - authentik.stages.authenticator_sms - authentik.stages.authenticator_static

    • authentik.stages.authenticator_totp - authentik.stages.authenticator_validate - authentik.stages.authenticator_webauthn - authentik.stages.captcha - authentik.stages.consent - authentik.stages.deny - authentik.stages.dummy - authentik.stages.email - authentik.stages.identification - authentik.stages.invitation - authentik.stages.password - authentik.stages.prompt - authentik.stages.redirect - authentik.stages.user_delete - authentik.stages.user_login - authentik.stages.user_logout - authentik.stages.user_write - authentik.tasks.schedules - authentik.brands - authentik.blueprints - authentik.enterprise.audit - authentik.enterprise.policies.unique_password - authentik.enterprise.providers.google_workspace - authentik.enterprise.providers.microsoft_entra - authentik.enterprise.providers.ssf - authentik.enterprise.search - authentik.enterprise.stages.authenticator_endpoint_gdtc - authentik.enterprise.stages.mtls - authentik.enterprise.stages.source
    clientIp String
    executionLogging Boolean
    Defaults to false.
    model String
    Allowed values: - authentik_tenants.domain - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_crypto.certificatekeypair - authentik_enterprise.license - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping

    • authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_rbac.initialpermissions - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice
    • authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
    • authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tasks_schedules.schedule - authentik_brands.brand - authentik_blueprints.blueprintinstance - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_source.sourcestage
    name String
    policyEventMatcherId String
    action string
    app string
    Allowed values: - authentik.tenants - authentik.tasks - authentik.admin - authentik.api - authentik.core - authentik.crypto - authentik.enterprise - authentik.events - authentik.flows - authentik.outposts - authentik.policies.dummy - authentik.policies.event_matcher - authentik.policies.expiry - authentik.policies.expression - authentik.policies.geoip - authentik.policies.password - authentik.policies.reputation - authentik.policies - authentik.providers.ldap - authentik.providers.oauth2 - authentik.providers.proxy - authentik.providers.rac - authentik.providers.radius - authentik.providers.saml - authentik.providers.scim - authentik.rbac - authentik.recovery - authentik.sources.kerberos - authentik.sources.ldap - authentik.sources.oauth - authentik.sources.plex - authentik.sources.saml - authentik.sources.scim - authentik.stages.authenticator - authentik.stages.authenticator_duo - authentik.stages.authenticator_email - authentik.stages.authenticator_sms - authentik.stages.authenticator_static

    • authentik.stages.authenticator_totp - authentik.stages.authenticator_validate - authentik.stages.authenticator_webauthn - authentik.stages.captcha - authentik.stages.consent - authentik.stages.deny - authentik.stages.dummy - authentik.stages.email - authentik.stages.identification - authentik.stages.invitation - authentik.stages.password - authentik.stages.prompt - authentik.stages.redirect - authentik.stages.user_delete - authentik.stages.user_login - authentik.stages.user_logout - authentik.stages.user_write - authentik.tasks.schedules - authentik.brands - authentik.blueprints - authentik.enterprise.audit - authentik.enterprise.policies.unique_password - authentik.enterprise.providers.google_workspace - authentik.enterprise.providers.microsoft_entra - authentik.enterprise.providers.ssf - authentik.enterprise.search - authentik.enterprise.stages.authenticator_endpoint_gdtc - authentik.enterprise.stages.mtls - authentik.enterprise.stages.source
    clientIp string
    executionLogging boolean
    Defaults to false.
    model string
    Allowed values: - authentik_tenants.domain - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_crypto.certificatekeypair - authentik_enterprise.license - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping

    • authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_rbac.initialpermissions - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice
    • authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
    • authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tasks_schedules.schedule - authentik_brands.brand - authentik_blueprints.blueprintinstance - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_source.sourcestage
    name string
    policyEventMatcherId string
    action str
    app str
    Allowed values: - authentik.tenants - authentik.tasks - authentik.admin - authentik.api - authentik.core - authentik.crypto - authentik.enterprise - authentik.events - authentik.flows - authentik.outposts - authentik.policies.dummy - authentik.policies.event_matcher - authentik.policies.expiry - authentik.policies.expression - authentik.policies.geoip - authentik.policies.password - authentik.policies.reputation - authentik.policies - authentik.providers.ldap - authentik.providers.oauth2 - authentik.providers.proxy - authentik.providers.rac - authentik.providers.radius - authentik.providers.saml - authentik.providers.scim - authentik.rbac - authentik.recovery - authentik.sources.kerberos - authentik.sources.ldap - authentik.sources.oauth - authentik.sources.plex - authentik.sources.saml - authentik.sources.scim - authentik.stages.authenticator - authentik.stages.authenticator_duo - authentik.stages.authenticator_email - authentik.stages.authenticator_sms - authentik.stages.authenticator_static

    • authentik.stages.authenticator_totp - authentik.stages.authenticator_validate - authentik.stages.authenticator_webauthn - authentik.stages.captcha - authentik.stages.consent - authentik.stages.deny - authentik.stages.dummy - authentik.stages.email - authentik.stages.identification - authentik.stages.invitation - authentik.stages.password - authentik.stages.prompt - authentik.stages.redirect - authentik.stages.user_delete - authentik.stages.user_login - authentik.stages.user_logout - authentik.stages.user_write - authentik.tasks.schedules - authentik.brands - authentik.blueprints - authentik.enterprise.audit - authentik.enterprise.policies.unique_password - authentik.enterprise.providers.google_workspace - authentik.enterprise.providers.microsoft_entra - authentik.enterprise.providers.ssf - authentik.enterprise.search - authentik.enterprise.stages.authenticator_endpoint_gdtc - authentik.enterprise.stages.mtls - authentik.enterprise.stages.source
    client_ip str
    execution_logging bool
    Defaults to false.
    model str
    Allowed values: - authentik_tenants.domain - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_crypto.certificatekeypair - authentik_enterprise.license - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping

    • authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_rbac.initialpermissions - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice
    • authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
    • authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tasks_schedules.schedule - authentik_brands.brand - authentik_blueprints.blueprintinstance - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_source.sourcestage
    name str
    policy_event_matcher_id str
    action String
    app String
    Allowed values: - authentik.tenants - authentik.tasks - authentik.admin - authentik.api - authentik.core - authentik.crypto - authentik.enterprise - authentik.events - authentik.flows - authentik.outposts - authentik.policies.dummy - authentik.policies.event_matcher - authentik.policies.expiry - authentik.policies.expression - authentik.policies.geoip - authentik.policies.password - authentik.policies.reputation - authentik.policies - authentik.providers.ldap - authentik.providers.oauth2 - authentik.providers.proxy - authentik.providers.rac - authentik.providers.radius - authentik.providers.saml - authentik.providers.scim - authentik.rbac - authentik.recovery - authentik.sources.kerberos - authentik.sources.ldap - authentik.sources.oauth - authentik.sources.plex - authentik.sources.saml - authentik.sources.scim - authentik.stages.authenticator - authentik.stages.authenticator_duo - authentik.stages.authenticator_email - authentik.stages.authenticator_sms - authentik.stages.authenticator_static

    • authentik.stages.authenticator_totp - authentik.stages.authenticator_validate - authentik.stages.authenticator_webauthn - authentik.stages.captcha - authentik.stages.consent - authentik.stages.deny - authentik.stages.dummy - authentik.stages.email - authentik.stages.identification - authentik.stages.invitation - authentik.stages.password - authentik.stages.prompt - authentik.stages.redirect - authentik.stages.user_delete - authentik.stages.user_login - authentik.stages.user_logout - authentik.stages.user_write - authentik.tasks.schedules - authentik.brands - authentik.blueprints - authentik.enterprise.audit - authentik.enterprise.policies.unique_password - authentik.enterprise.providers.google_workspace - authentik.enterprise.providers.microsoft_entra - authentik.enterprise.providers.ssf - authentik.enterprise.search - authentik.enterprise.stages.authenticator_endpoint_gdtc - authentik.enterprise.stages.mtls - authentik.enterprise.stages.source
    clientIp String
    executionLogging Boolean
    Defaults to false.
    model String
    Allowed values: - authentik_tenants.domain - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_crypto.certificatekeypair - authentik_enterprise.license - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping

    • authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_rbac.initialpermissions - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice
    • authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
    • authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tasks_schedules.schedule - authentik_brands.brand - authentik_blueprints.blueprintinstance - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_source.sourcestage
    name String
    policyEventMatcherId String

    Outputs

    All input properties are implicitly available as output properties. Additionally, the PolicyEventMatcher resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing PolicyEventMatcher Resource

    Get an existing PolicyEventMatcher resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: PolicyEventMatcherState, opts?: CustomResourceOptions): PolicyEventMatcher
    @staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        action: Optional[str] = None,
        app: Optional[str] = None,
        client_ip: Optional[str] = None,
        execution_logging: Optional[bool] = None,
        model: Optional[str] = None,
        name: Optional[str] = None,
        policy_event_matcher_id: Optional[str] = None) -> PolicyEventMatcher
    func GetPolicyEventMatcher(ctx *Context, name string, id IDInput, state *PolicyEventMatcherState, opts ...ResourceOption) (*PolicyEventMatcher, error)
    public static PolicyEventMatcher Get(string name, Input<string> id, PolicyEventMatcherState? state, CustomResourceOptions? opts = null)
    public static PolicyEventMatcher get(String name, Output<String> id, PolicyEventMatcherState state, CustomResourceOptions options)
    resources:  _:    type: authentik:PolicyEventMatcher    get:      id: ${id}
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Action string
    App string
    Allowed values: - authentik.tenants - authentik.tasks - authentik.admin - authentik.api - authentik.core - authentik.crypto - authentik.enterprise - authentik.events - authentik.flows - authentik.outposts - authentik.policies.dummy - authentik.policies.event_matcher - authentik.policies.expiry - authentik.policies.expression - authentik.policies.geoip - authentik.policies.password - authentik.policies.reputation - authentik.policies - authentik.providers.ldap - authentik.providers.oauth2 - authentik.providers.proxy - authentik.providers.rac - authentik.providers.radius - authentik.providers.saml - authentik.providers.scim - authentik.rbac - authentik.recovery - authentik.sources.kerberos - authentik.sources.ldap - authentik.sources.oauth - authentik.sources.plex - authentik.sources.saml - authentik.sources.scim - authentik.stages.authenticator - authentik.stages.authenticator_duo - authentik.stages.authenticator_email - authentik.stages.authenticator_sms - authentik.stages.authenticator_static

    • authentik.stages.authenticator_totp - authentik.stages.authenticator_validate - authentik.stages.authenticator_webauthn - authentik.stages.captcha - authentik.stages.consent - authentik.stages.deny - authentik.stages.dummy - authentik.stages.email - authentik.stages.identification - authentik.stages.invitation - authentik.stages.password - authentik.stages.prompt - authentik.stages.redirect - authentik.stages.user_delete - authentik.stages.user_login - authentik.stages.user_logout - authentik.stages.user_write - authentik.tasks.schedules - authentik.brands - authentik.blueprints - authentik.enterprise.audit - authentik.enterprise.policies.unique_password - authentik.enterprise.providers.google_workspace - authentik.enterprise.providers.microsoft_entra - authentik.enterprise.providers.ssf - authentik.enterprise.search - authentik.enterprise.stages.authenticator_endpoint_gdtc - authentik.enterprise.stages.mtls - authentik.enterprise.stages.source
    ClientIp string
    ExecutionLogging bool
    Defaults to false.
    Model string
    Allowed values: - authentik_tenants.domain - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_crypto.certificatekeypair - authentik_enterprise.license - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping

    • authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_rbac.initialpermissions - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice
    • authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
    • authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tasks_schedules.schedule - authentik_brands.brand - authentik_blueprints.blueprintinstance - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_source.sourcestage
    Name string
    PolicyEventMatcherId string
    Action string
    App string
    Allowed values: - authentik.tenants - authentik.tasks - authentik.admin - authentik.api - authentik.core - authentik.crypto - authentik.enterprise - authentik.events - authentik.flows - authentik.outposts - authentik.policies.dummy - authentik.policies.event_matcher - authentik.policies.expiry - authentik.policies.expression - authentik.policies.geoip - authentik.policies.password - authentik.policies.reputation - authentik.policies - authentik.providers.ldap - authentik.providers.oauth2 - authentik.providers.proxy - authentik.providers.rac - authentik.providers.radius - authentik.providers.saml - authentik.providers.scim - authentik.rbac - authentik.recovery - authentik.sources.kerberos - authentik.sources.ldap - authentik.sources.oauth - authentik.sources.plex - authentik.sources.saml - authentik.sources.scim - authentik.stages.authenticator - authentik.stages.authenticator_duo - authentik.stages.authenticator_email - authentik.stages.authenticator_sms - authentik.stages.authenticator_static

    • authentik.stages.authenticator_totp - authentik.stages.authenticator_validate - authentik.stages.authenticator_webauthn - authentik.stages.captcha - authentik.stages.consent - authentik.stages.deny - authentik.stages.dummy - authentik.stages.email - authentik.stages.identification - authentik.stages.invitation - authentik.stages.password - authentik.stages.prompt - authentik.stages.redirect - authentik.stages.user_delete - authentik.stages.user_login - authentik.stages.user_logout - authentik.stages.user_write - authentik.tasks.schedules - authentik.brands - authentik.blueprints - authentik.enterprise.audit - authentik.enterprise.policies.unique_password - authentik.enterprise.providers.google_workspace - authentik.enterprise.providers.microsoft_entra - authentik.enterprise.providers.ssf - authentik.enterprise.search - authentik.enterprise.stages.authenticator_endpoint_gdtc - authentik.enterprise.stages.mtls - authentik.enterprise.stages.source
    ClientIp string
    ExecutionLogging bool
    Defaults to false.
    Model string
    Allowed values: - authentik_tenants.domain - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_crypto.certificatekeypair - authentik_enterprise.license - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping

    • authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_rbac.initialpermissions - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice
    • authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
    • authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tasks_schedules.schedule - authentik_brands.brand - authentik_blueprints.blueprintinstance - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_source.sourcestage
    Name string
    PolicyEventMatcherId string
    action String
    app String
    Allowed values: - authentik.tenants - authentik.tasks - authentik.admin - authentik.api - authentik.core - authentik.crypto - authentik.enterprise - authentik.events - authentik.flows - authentik.outposts - authentik.policies.dummy - authentik.policies.event_matcher - authentik.policies.expiry - authentik.policies.expression - authentik.policies.geoip - authentik.policies.password - authentik.policies.reputation - authentik.policies - authentik.providers.ldap - authentik.providers.oauth2 - authentik.providers.proxy - authentik.providers.rac - authentik.providers.radius - authentik.providers.saml - authentik.providers.scim - authentik.rbac - authentik.recovery - authentik.sources.kerberos - authentik.sources.ldap - authentik.sources.oauth - authentik.sources.plex - authentik.sources.saml - authentik.sources.scim - authentik.stages.authenticator - authentik.stages.authenticator_duo - authentik.stages.authenticator_email - authentik.stages.authenticator_sms - authentik.stages.authenticator_static

    • authentik.stages.authenticator_totp - authentik.stages.authenticator_validate - authentik.stages.authenticator_webauthn - authentik.stages.captcha - authentik.stages.consent - authentik.stages.deny - authentik.stages.dummy - authentik.stages.email - authentik.stages.identification - authentik.stages.invitation - authentik.stages.password - authentik.stages.prompt - authentik.stages.redirect - authentik.stages.user_delete - authentik.stages.user_login - authentik.stages.user_logout - authentik.stages.user_write - authentik.tasks.schedules - authentik.brands - authentik.blueprints - authentik.enterprise.audit - authentik.enterprise.policies.unique_password - authentik.enterprise.providers.google_workspace - authentik.enterprise.providers.microsoft_entra - authentik.enterprise.providers.ssf - authentik.enterprise.search - authentik.enterprise.stages.authenticator_endpoint_gdtc - authentik.enterprise.stages.mtls - authentik.enterprise.stages.source
    clientIp String
    executionLogging Boolean
    Defaults to false.
    model String
    Allowed values: - authentik_tenants.domain - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_crypto.certificatekeypair - authentik_enterprise.license - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping

    • authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_rbac.initialpermissions - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice
    • authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
    • authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tasks_schedules.schedule - authentik_brands.brand - authentik_blueprints.blueprintinstance - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_source.sourcestage
    name String
    policyEventMatcherId String
    action string
    app string
    Allowed values: - authentik.tenants - authentik.tasks - authentik.admin - authentik.api - authentik.core - authentik.crypto - authentik.enterprise - authentik.events - authentik.flows - authentik.outposts - authentik.policies.dummy - authentik.policies.event_matcher - authentik.policies.expiry - authentik.policies.expression - authentik.policies.geoip - authentik.policies.password - authentik.policies.reputation - authentik.policies - authentik.providers.ldap - authentik.providers.oauth2 - authentik.providers.proxy - authentik.providers.rac - authentik.providers.radius - authentik.providers.saml - authentik.providers.scim - authentik.rbac - authentik.recovery - authentik.sources.kerberos - authentik.sources.ldap - authentik.sources.oauth - authentik.sources.plex - authentik.sources.saml - authentik.sources.scim - authentik.stages.authenticator - authentik.stages.authenticator_duo - authentik.stages.authenticator_email - authentik.stages.authenticator_sms - authentik.stages.authenticator_static

    • authentik.stages.authenticator_totp - authentik.stages.authenticator_validate - authentik.stages.authenticator_webauthn - authentik.stages.captcha - authentik.stages.consent - authentik.stages.deny - authentik.stages.dummy - authentik.stages.email - authentik.stages.identification - authentik.stages.invitation - authentik.stages.password - authentik.stages.prompt - authentik.stages.redirect - authentik.stages.user_delete - authentik.stages.user_login - authentik.stages.user_logout - authentik.stages.user_write - authentik.tasks.schedules - authentik.brands - authentik.blueprints - authentik.enterprise.audit - authentik.enterprise.policies.unique_password - authentik.enterprise.providers.google_workspace - authentik.enterprise.providers.microsoft_entra - authentik.enterprise.providers.ssf - authentik.enterprise.search - authentik.enterprise.stages.authenticator_endpoint_gdtc - authentik.enterprise.stages.mtls - authentik.enterprise.stages.source
    clientIp string
    executionLogging boolean
    Defaults to false.
    model string
    Allowed values: - authentik_tenants.domain - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_crypto.certificatekeypair - authentik_enterprise.license - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping

    • authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_rbac.initialpermissions - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice
    • authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
    • authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tasks_schedules.schedule - authentik_brands.brand - authentik_blueprints.blueprintinstance - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_source.sourcestage
    name string
    policyEventMatcherId string
    action str
    app str
    Allowed values: - authentik.tenants - authentik.tasks - authentik.admin - authentik.api - authentik.core - authentik.crypto - authentik.enterprise - authentik.events - authentik.flows - authentik.outposts - authentik.policies.dummy - authentik.policies.event_matcher - authentik.policies.expiry - authentik.policies.expression - authentik.policies.geoip - authentik.policies.password - authentik.policies.reputation - authentik.policies - authentik.providers.ldap - authentik.providers.oauth2 - authentik.providers.proxy - authentik.providers.rac - authentik.providers.radius - authentik.providers.saml - authentik.providers.scim - authentik.rbac - authentik.recovery - authentik.sources.kerberos - authentik.sources.ldap - authentik.sources.oauth - authentik.sources.plex - authentik.sources.saml - authentik.sources.scim - authentik.stages.authenticator - authentik.stages.authenticator_duo - authentik.stages.authenticator_email - authentik.stages.authenticator_sms - authentik.stages.authenticator_static

    • authentik.stages.authenticator_totp - authentik.stages.authenticator_validate - authentik.stages.authenticator_webauthn - authentik.stages.captcha - authentik.stages.consent - authentik.stages.deny - authentik.stages.dummy - authentik.stages.email - authentik.stages.identification - authentik.stages.invitation - authentik.stages.password - authentik.stages.prompt - authentik.stages.redirect - authentik.stages.user_delete - authentik.stages.user_login - authentik.stages.user_logout - authentik.stages.user_write - authentik.tasks.schedules - authentik.brands - authentik.blueprints - authentik.enterprise.audit - authentik.enterprise.policies.unique_password - authentik.enterprise.providers.google_workspace - authentik.enterprise.providers.microsoft_entra - authentik.enterprise.providers.ssf - authentik.enterprise.search - authentik.enterprise.stages.authenticator_endpoint_gdtc - authentik.enterprise.stages.mtls - authentik.enterprise.stages.source
    client_ip str
    execution_logging bool
    Defaults to false.
    model str
    Allowed values: - authentik_tenants.domain - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_crypto.certificatekeypair - authentik_enterprise.license - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping

    • authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_rbac.initialpermissions - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice
    • authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
    • authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tasks_schedules.schedule - authentik_brands.brand - authentik_blueprints.blueprintinstance - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_source.sourcestage
    name str
    policy_event_matcher_id str
    action String
    app String
    Allowed values: - authentik.tenants - authentik.tasks - authentik.admin - authentik.api - authentik.core - authentik.crypto - authentik.enterprise - authentik.events - authentik.flows - authentik.outposts - authentik.policies.dummy - authentik.policies.event_matcher - authentik.policies.expiry - authentik.policies.expression - authentik.policies.geoip - authentik.policies.password - authentik.policies.reputation - authentik.policies - authentik.providers.ldap - authentik.providers.oauth2 - authentik.providers.proxy - authentik.providers.rac - authentik.providers.radius - authentik.providers.saml - authentik.providers.scim - authentik.rbac - authentik.recovery - authentik.sources.kerberos - authentik.sources.ldap - authentik.sources.oauth - authentik.sources.plex - authentik.sources.saml - authentik.sources.scim - authentik.stages.authenticator - authentik.stages.authenticator_duo - authentik.stages.authenticator_email - authentik.stages.authenticator_sms - authentik.stages.authenticator_static

    • authentik.stages.authenticator_totp - authentik.stages.authenticator_validate - authentik.stages.authenticator_webauthn - authentik.stages.captcha - authentik.stages.consent - authentik.stages.deny - authentik.stages.dummy - authentik.stages.email - authentik.stages.identification - authentik.stages.invitation - authentik.stages.password - authentik.stages.prompt - authentik.stages.redirect - authentik.stages.user_delete - authentik.stages.user_login - authentik.stages.user_logout - authentik.stages.user_write - authentik.tasks.schedules - authentik.brands - authentik.blueprints - authentik.enterprise.audit - authentik.enterprise.policies.unique_password - authentik.enterprise.providers.google_workspace - authentik.enterprise.providers.microsoft_entra - authentik.enterprise.providers.ssf - authentik.enterprise.search - authentik.enterprise.stages.authenticator_endpoint_gdtc - authentik.enterprise.stages.mtls - authentik.enterprise.stages.source
    clientIp String
    executionLogging Boolean
    Defaults to false.
    model String
    Allowed values: - authentik_tenants.domain - authentik_core.group - authentik_core.user - authentik_core.application - authentik_core.applicationentitlement - authentik_core.token - authentik_crypto.certificatekeypair - authentik_enterprise.license - authentik_events.event - authentik_events.notificationtransport - authentik_events.notification - authentik_events.notificationrule - authentik_events.notificationwebhookmapping - authentik_flows.flow - authentik_flows.flowstagebinding - authentik_outposts.dockerserviceconnection - authentik_outposts.kubernetesserviceconnection - authentik_outposts.outpost - authentik_policies_dummy.dummypolicy - authentik_policies_event_matcher.eventmatcherpolicy - authentik_policies_expiry.passwordexpirypolicy - authentik_policies_expression.expressionpolicy - authentik_policies_geoip.geoippolicy - authentik_policies_password.passwordpolicy - authentik_policies_reputation.reputationpolicy - authentik_policies.policybinding - authentik_providers_ldap.ldapprovider - authentik_providers_oauth2.scopemapping

    • authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider - authentik_providers_rac.racprovider - authentik_providers_rac.endpoint - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider - authentik_providers_saml.samlpropertymapping - authentik_providers_scim.scimprovider - authentik_providers_scim.scimmapping - authentik_rbac.role - authentik_rbac.initialpermissions - authentik_sources_kerberos.kerberossource - authentik_sources_kerberos.kerberossourcepropertymapping - authentik_sources_kerberos.userkerberossourceconnection - authentik_sources_kerberos.groupkerberossourceconnection - authentik_sources_ldap.ldapsource - authentik_sources_ldap.ldapsourcepropertymapping - authentik_sources_ldap.userldapsourceconnection - authentik_sources_ldap.groupldapsourceconnection - authentik_sources_oauth.oauthsource - authentik_sources_oauth.oauthsourcepropertymapping - authentik_sources_oauth.useroauthsourceconnection - authentik_sources_oauth.groupoauthsourceconnection - authentik_sources_plex.plexsource - authentik_sources_plex.plexsourcepropertymapping - authentik_sources_plex.userplexsourceconnection - authentik_sources_plex.groupplexsourceconnection - authentik_sources_saml.samlsource - authentik_sources_saml.samlsourcepropertymapping - authentik_sources_saml.usersamlsourceconnection - authentik_sources_saml.groupsamlsourceconnection - authentik_sources_scim.scimsource - authentik_sources_scim.scimsourcepropertymapping - authentik_stages_authenticator_duo.authenticatorduostage - authentik_stages_authenticator_duo.duodevice - authentik_stages_authenticator_email.authenticatoremailstage - authentik_stages_authenticator_email.emaildevice - authentik_stages_authenticator_sms.authenticatorsmsstage - authentik_stages_authenticator_sms.smsdevice - authentik_stages_authenticator_static.authenticatorstaticstage - authentik_stages_authenticator_static.staticdevice
    • authentik_stages_authenticator_totp.authenticatortotpstage - authentik_stages_authenticator_totp.totpdevice - authentik_stages_authenticator_validate.authenticatorvalidatestage - authentik_stages_authenticator_webauthn.authenticatorwebauthnstage - authentik_stages_authenticator_webauthn.webauthndevice - authentik_stages_captcha.captchastage - authentik_stages_consent.consentstage - authentik_stages_consent.userconsent - authentik_stages_deny.denystage - authentik_stages_dummy.dummystage - authentik_stages_email.emailstage - authentik_stages_identification.identificationstage - authentik_stages_invitation.invitationstage - authentik_stages_invitation.invitation - authentik_stages_password.passwordstage - authentik_stages_prompt.prompt
    • authentik_stages_prompt.promptstage - authentik_stages_redirect.redirectstage - authentik_stages_user_delete.userdeletestage - authentik_stages_user_login.userloginstage - authentik_stages_user_logout.userlogoutstage - authentik_stages_user_write.userwritestage - authentik_tasks_schedules.schedule - authentik_brands.brand - authentik_blueprints.blueprintinstance - authentik_policies_unique_password.uniquepasswordpolicy - authentik_providers_google_workspace.googleworkspaceprovider - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_mtls.mutualtlsstage - authentik_stages_source.sourcestage
    name String
    policyEventMatcherId String

    Package Details

    Repository
    authentik goauthentik/terraform-provider-authentik
    License
    Notes
    This Pulumi package is based on the authentik Terraform Provider.
    authentik logo
    authentik 2025.8.1 published on Monday, Sep 8, 2025 by goauthentik
    goauthentik/terraform-provider-authentik