Docs Home
This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.
Azure Native v3.5.0 published on Monday, May 19, 2025 by Pulumi
azure-native.apimanagement.AuthorizationServer
Explore with Pulumi AI
This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.
Azure Native v3.5.0 published on Monday, May 19, 2025 by Pulumi
External OAuth authorization server settings.
Uses Azure REST API version 2022-09-01-preview. In version 2.x of the Azure Native provider, it used API version 2022-08-01.
Other available API versions: 2021-04-01-preview, 2021-08-01, 2021-12-01-preview, 2022-04-01-preview, 2022-08-01, 2023-03-01-preview, 2023-05-01-preview, 2023-09-01-preview, 2024-05-01, 2024-06-01-preview. These can be accessed by generating a local SDK package using the CLI command pulumi package add azure-native apimanagement [ApiVersion]. See the version guide for details.
Example Usage
ApiManagementCreateAuthorizationServer
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var authorizationServer = new AzureNative.ApiManagement.AuthorizationServer("authorizationServer", new()
{
AuthorizationEndpoint = "https://www.contoso.com/oauth2/auth",
AuthorizationMethods = new[]
{
AzureNative.ApiManagement.AuthorizationMethod.GET,
},
Authsid = "newauthServer",
BearerTokenSendingMethods = new[]
{
AzureNative.ApiManagement.BearerTokenSendingMethod.AuthorizationHeader,
},
ClientId = "1",
ClientRegistrationEndpoint = "https://www.contoso.com/apps",
ClientSecret = "2",
DefaultScope = "read write",
Description = "test server",
DisplayName = "test2",
GrantTypes = new[]
{
AzureNative.ApiManagement.GrantType.AuthorizationCode,
AzureNative.ApiManagement.GrantType.@Implicit,
},
ResourceGroupName = "rg1",
ResourceOwnerPassword = "pwd",
ResourceOwnerUsername = "un",
ServiceName = "apimService1",
SupportState = true,
TokenEndpoint = "https://www.contoso.com/oauth2/token",
UseInApiDocumentation = true,
UseInTestConsole = false,
});
});
package main
import (
apimanagement "github.com/pulumi/pulumi-azure-native-sdk/apimanagement/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := apimanagement.NewAuthorizationServer(ctx, "authorizationServer", &apimanagement.AuthorizationServerArgs{
AuthorizationEndpoint: pulumi.String("https://www.contoso.com/oauth2/auth"),
AuthorizationMethods: apimanagement.AuthorizationMethodArray{
apimanagement.AuthorizationMethodGET,
},
Authsid: pulumi.String("newauthServer"),
BearerTokenSendingMethods: pulumi.StringArray{
pulumi.String(apimanagement.BearerTokenSendingMethodAuthorizationHeader),
},
ClientId: pulumi.String("1"),
ClientRegistrationEndpoint: pulumi.String("https://www.contoso.com/apps"),
ClientSecret: pulumi.String("2"),
DefaultScope: pulumi.String("read write"),
Description: pulumi.String("test server"),
DisplayName: pulumi.String("test2"),
GrantTypes: pulumi.StringArray{
pulumi.String(apimanagement.GrantTypeAuthorizationCode),
pulumi.String(apimanagement.GrantTypeImplicit),
},
ResourceGroupName: pulumi.String("rg1"),
ResourceOwnerPassword: pulumi.String("pwd"),
ResourceOwnerUsername: pulumi.String("un"),
ServiceName: pulumi.String("apimService1"),
SupportState: pulumi.Bool(true),
TokenEndpoint: pulumi.String("https://www.contoso.com/oauth2/token"),
UseInApiDocumentation: pulumi.Bool(true),
UseInTestConsole: pulumi.Bool(false),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.apimanagement.AuthorizationServer;
import com.pulumi.azurenative.apimanagement.AuthorizationServerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var authorizationServer = new AuthorizationServer("authorizationServer", AuthorizationServerArgs.builder()
.authorizationEndpoint("https://www.contoso.com/oauth2/auth")
.authorizationMethods("GET")
.authsid("newauthServer")
.bearerTokenSendingMethods("authorizationHeader")
.clientId("1")
.clientRegistrationEndpoint("https://www.contoso.com/apps")
.clientSecret("2")
.defaultScope("read write")
.description("test server")
.displayName("test2")
.grantTypes(
"authorizationCode",
"implicit")
.resourceGroupName("rg1")
.resourceOwnerPassword("pwd")
.resourceOwnerUsername("un")
.serviceName("apimService1")
.supportState(true)
.tokenEndpoint("https://www.contoso.com/oauth2/token")
.useInApiDocumentation(true)
.useInTestConsole(false)
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const authorizationServer = new azure_native.apimanagement.AuthorizationServer("authorizationServer", {
authorizationEndpoint: "https://www.contoso.com/oauth2/auth",
authorizationMethods: [azure_native.apimanagement.AuthorizationMethod.GET],
authsid: "newauthServer",
bearerTokenSendingMethods: [azure_native.apimanagement.BearerTokenSendingMethod.AuthorizationHeader],
clientId: "1",
clientRegistrationEndpoint: "https://www.contoso.com/apps",
clientSecret: "2",
defaultScope: "read write",
description: "test server",
displayName: "test2",
grantTypes: [
azure_native.apimanagement.GrantType.AuthorizationCode,
azure_native.apimanagement.GrantType.Implicit,
],
resourceGroupName: "rg1",
resourceOwnerPassword: "pwd",
resourceOwnerUsername: "un",
serviceName: "apimService1",
supportState: true,
tokenEndpoint: "https://www.contoso.com/oauth2/token",
useInApiDocumentation: true,
useInTestConsole: false,
});
import pulumi
import pulumi_azure_native as azure_native
authorization_server = azure_native.apimanagement.AuthorizationServer("authorizationServer",
authorization_endpoint="https://www.contoso.com/oauth2/auth",
authorization_methods=[azure_native.apimanagement.AuthorizationMethod.GET],
authsid="newauthServer",
bearer_token_sending_methods=[azure_native.apimanagement.BearerTokenSendingMethod.AUTHORIZATION_HEADER],
client_id="1",
client_registration_endpoint="https://www.contoso.com/apps",
client_secret="2",
default_scope="read write",
description="test server",
display_name="test2",
grant_types=[
azure_native.apimanagement.GrantType.AUTHORIZATION_CODE,
azure_native.apimanagement.GrantType.IMPLICIT,
],
resource_group_name="rg1",
resource_owner_password="pwd",
resource_owner_username="un",
service_name="apimService1",
support_state=True,
token_endpoint="https://www.contoso.com/oauth2/token",
use_in_api_documentation=True,
use_in_test_console=False)
resources:
authorizationServer:
type: azure-native:apimanagement:AuthorizationServer
properties:
authorizationEndpoint: https://www.contoso.com/oauth2/auth
authorizationMethods:
- GET
authsid: newauthServer
bearerTokenSendingMethods:
- authorizationHeader
clientId: '1'
clientRegistrationEndpoint: https://www.contoso.com/apps
clientSecret: '2'
defaultScope: read write
description: test server
displayName: test2
grantTypes:
- authorizationCode
- implicit
resourceGroupName: rg1
resourceOwnerPassword: pwd
resourceOwnerUsername: un
serviceName: apimService1
supportState: true
tokenEndpoint: https://www.contoso.com/oauth2/token
useInApiDocumentation: true
useInTestConsole: false
Create AuthorizationServer Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AuthorizationServer(name: string, args: AuthorizationServerArgs, opts?: CustomResourceOptions);@overload
def AuthorizationServer(resource_name: str,
args: AuthorizationServerArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AuthorizationServer(resource_name: str,
opts: Optional[ResourceOptions] = None,
display_name: Optional[str] = None,
grant_types: Optional[Sequence[Union[str, GrantType]]] = None,
service_name: Optional[str] = None,
authorization_endpoint: Optional[str] = None,
resource_group_name: Optional[str] = None,
client_id: Optional[str] = None,
client_registration_endpoint: Optional[str] = None,
support_state: Optional[bool] = None,
use_in_api_documentation: Optional[bool] = None,
description: Optional[str] = None,
authorization_methods: Optional[Sequence[AuthorizationMethod]] = None,
client_authentication_method: Optional[Sequence[Union[str, ClientAuthenticationMethod]]] = None,
client_secret: Optional[str] = None,
authsid: Optional[str] = None,
resource_owner_username: Optional[str] = None,
default_scope: Optional[str] = None,
resource_owner_password: Optional[str] = None,
token_body_parameters: Optional[Sequence[TokenBodyParameterContractArgs]] = None,
token_endpoint: Optional[str] = None,
bearer_token_sending_methods: Optional[Sequence[Union[str, BearerTokenSendingMethod]]] = None,
use_in_test_console: Optional[bool] = None)func NewAuthorizationServer(ctx *Context, name string, args AuthorizationServerArgs, opts ...ResourceOption) (*AuthorizationServer, error)public AuthorizationServer(string name, AuthorizationServerArgs args, CustomResourceOptions? opts = null)
public AuthorizationServer(String name, AuthorizationServerArgs args)
public AuthorizationServer(String name, AuthorizationServerArgs args, CustomResourceOptions options)
type: azure-native:apimanagement:AuthorizationServer
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AuthorizationServerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AuthorizationServerArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AuthorizationServerArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AuthorizationServerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AuthorizationServerArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var authorizationServerResource = new AzureNative.ApiManagement.AuthorizationServer("authorizationServerResource", new()
{
DisplayName = "string",
GrantTypes = new[]
{
"string",
},
ServiceName = "string",
AuthorizationEndpoint = "string",
ResourceGroupName = "string",
ClientId = "string",
ClientRegistrationEndpoint = "string",
SupportState = false,
UseInApiDocumentation = false,
Description = "string",
AuthorizationMethods = new[]
{
AzureNative.ApiManagement.AuthorizationMethod.HEAD,
},
ClientAuthenticationMethod = new[]
{
"string",
},
ClientSecret = "string",
Authsid = "string",
ResourceOwnerUsername = "string",
DefaultScope = "string",
ResourceOwnerPassword = "string",
TokenBodyParameters = new[]
{
new AzureNative.ApiManagement.Inputs.TokenBodyParameterContractArgs
{
Name = "string",
Value = "string",
},
},
TokenEndpoint = "string",
BearerTokenSendingMethods = new[]
{
"string",
},
UseInTestConsole = false,
});
example, err := apimanagement.NewAuthorizationServer(ctx, "authorizationServerResource", &apimanagement.AuthorizationServerArgs{
DisplayName: pulumi.String("string"),
GrantTypes: pulumi.StringArray{
pulumi.String("string"),
},
ServiceName: pulumi.String("string"),
AuthorizationEndpoint: pulumi.String("string"),
ResourceGroupName: pulumi.String("string"),
ClientId: pulumi.String("string"),
ClientRegistrationEndpoint: pulumi.String("string"),
SupportState: pulumi.Bool(false),
UseInApiDocumentation: pulumi.Bool(false),
Description: pulumi.String("string"),
AuthorizationMethods: apimanagement.AuthorizationMethodArray{
apimanagement.AuthorizationMethodHEAD,
},
ClientAuthenticationMethod: pulumi.StringArray{
pulumi.String("string"),
},
ClientSecret: pulumi.String("string"),
Authsid: pulumi.String("string"),
ResourceOwnerUsername: pulumi.String("string"),
DefaultScope: pulumi.String("string"),
ResourceOwnerPassword: pulumi.String("string"),
TokenBodyParameters: apimanagement.TokenBodyParameterContractArray{
&apimanagement.TokenBodyParameterContractArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
TokenEndpoint: pulumi.String("string"),
BearerTokenSendingMethods: pulumi.StringArray{
pulumi.String("string"),
},
UseInTestConsole: pulumi.Bool(false),
})
var authorizationServerResource = new AuthorizationServer("authorizationServerResource", AuthorizationServerArgs.builder()
.displayName("string")
.grantTypes("string")
.serviceName("string")
.authorizationEndpoint("string")
.resourceGroupName("string")
.clientId("string")
.clientRegistrationEndpoint("string")
.supportState(false)
.useInApiDocumentation(false)
.description("string")
.authorizationMethods("HEAD")
.clientAuthenticationMethod("string")
.clientSecret("string")
.authsid("string")
.resourceOwnerUsername("string")
.defaultScope("string")
.resourceOwnerPassword("string")
.tokenBodyParameters(TokenBodyParameterContractArgs.builder()
.name("string")
.value("string")
.build())
.tokenEndpoint("string")
.bearerTokenSendingMethods("string")
.useInTestConsole(false)
.build());
authorization_server_resource = azure_native.apimanagement.AuthorizationServer("authorizationServerResource",
display_name="string",
grant_types=["string"],
service_name="string",
authorization_endpoint="string",
resource_group_name="string",
client_id="string",
client_registration_endpoint="string",
support_state=False,
use_in_api_documentation=False,
description="string",
authorization_methods=[azure_native.apimanagement.AuthorizationMethod.HEAD],
client_authentication_method=["string"],
client_secret="string",
authsid="string",
resource_owner_username="string",
default_scope="string",
resource_owner_password="string",
token_body_parameters=[{
"name": "string",
"value": "string",
}],
token_endpoint="string",
bearer_token_sending_methods=["string"],
use_in_test_console=False)
const authorizationServerResource = new azure_native.apimanagement.AuthorizationServer("authorizationServerResource", {
displayName: "string",
grantTypes: ["string"],
serviceName: "string",
authorizationEndpoint: "string",
resourceGroupName: "string",
clientId: "string",
clientRegistrationEndpoint: "string",
supportState: false,
useInApiDocumentation: false,
description: "string",
authorizationMethods: [azure_native.apimanagement.AuthorizationMethod.HEAD],
clientAuthenticationMethod: ["string"],
clientSecret: "string",
authsid: "string",
resourceOwnerUsername: "string",
defaultScope: "string",
resourceOwnerPassword: "string",
tokenBodyParameters: [{
name: "string",
value: "string",
}],
tokenEndpoint: "string",
bearerTokenSendingMethods: ["string"],
useInTestConsole: false,
});
type: azure-native:apimanagement:AuthorizationServer
properties:
authorizationEndpoint: string
authorizationMethods:
- HEAD
authsid: string
bearerTokenSendingMethods:
- string
clientAuthenticationMethod:
- string
clientId: string
clientRegistrationEndpoint: string
clientSecret: string
defaultScope: string
description: string
displayName: string
grantTypes:
- string
resourceGroupName: string
resourceOwnerPassword: string
resourceOwnerUsername: string
serviceName: string
supportState: false
tokenBodyParameters:
- name: string
value: string
tokenEndpoint: string
useInApiDocumentation: false
useInTestConsole: false
AuthorizationServer Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AuthorizationServer resource accepts the following input properties:
- string
- OAuth authorization endpoint. See http://tools.ietf.org/html/rfc6749#section-3.2.
- Client
Id string - Client or app id registered with this authorization server.
- Client
Registration stringEndpoint - Optional reference to a page where client or app registration for this authorization server is performed. Contains absolute URL to entity being referenced.
- Display
Name string - User-friendly authorization server name.
- Grant
Types List<Union<string, Pulumi.Azure Native. Api Management. Grant Type>> - Form of an authorization grant, which the client uses to request the access token.
- Resource
Group stringName - The name of the resource group. The name is case insensitive.
- Service
Name string - The name of the API Management service.
-
List<Pulumi.
Azure Native. Api Management. Authorization Method> - HTTP verbs supported by the authorization endpoint. GET must be always present. POST is optional.
- Authsid string
- Identifier of the authorization server.
- Bearer
Token List<Union<string, Pulumi.Sending Methods Azure Native. Api Management. Bearer Token Sending Method>> - Specifies the mechanism by which access token is passed to the API.
- Client
Authentication List<Union<string, Pulumi.Method Azure Native. Api Management. Client Authentication Method>> - Method of authentication supported by the token endpoint of this authorization server. Possible values are Basic and/or Body. When Body is specified, client credentials and other parameters are passed within the request body in the application/x-www-form-urlencoded format.
- Client
Secret string - Client or app secret registered with this authorization server. This property will not be filled on 'GET' operations! Use '/listSecrets' POST request to get the value.
- Default
Scope string - Access token scope that is going to be requested by default. Can be overridden at the API level. Should be provided in the form of a string containing space-delimited values.
- Description string
- Description of the authorization server. Can contain HTML formatting tags.
- Resource
Owner stringPassword - Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner password.
- Resource
Owner stringUsername - Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner username.
- Support
State bool - If true, authorization server will include state parameter from the authorization request to its response. Client may use state parameter to raise protocol security.
- Token
Body List<Pulumi.Parameters Azure Native. Api Management. Inputs. Token Body Parameter Contract> - Additional parameters required by the token endpoint of this authorization server represented as an array of JSON objects with name and value string properties, i.e. {"name" : "name value", "value": "a value"}.
- Token
Endpoint string - OAuth token endpoint. Contains absolute URI to entity being referenced.
- Use
In boolApi Documentation - If true, the authorization server will be used in the API documentation in the developer portal. False by default if no value is provided.
- Use
In boolTest Console - If true, the authorization server may be used in the developer portal test console. True by default if no value is provided.
- string
- OAuth authorization endpoint. See http://tools.ietf.org/html/rfc6749#section-3.2.
- Client
Id string - Client or app id registered with this authorization server.
- Client
Registration stringEndpoint - Optional reference to a page where client or app registration for this authorization server is performed. Contains absolute URL to entity being referenced.
- Display
Name string - User-friendly authorization server name.
- Grant
Types []string - Form of an authorization grant, which the client uses to request the access token.
- Resource
Group stringName - The name of the resource group. The name is case insensitive.
- Service
Name string - The name of the API Management service.
-
[]Authorization
Method - HTTP verbs supported by the authorization endpoint. GET must be always present. POST is optional.
- Authsid string
- Identifier of the authorization server.
- Bearer
Token []stringSending Methods - Specifies the mechanism by which access token is passed to the API.
- Client
Authentication []stringMethod - Method of authentication supported by the token endpoint of this authorization server. Possible values are Basic and/or Body. When Body is specified, client credentials and other parameters are passed within the request body in the application/x-www-form-urlencoded format.
- Client
Secret string - Client or app secret registered with this authorization server. This property will not be filled on 'GET' operations! Use '/listSecrets' POST request to get the value.
- Default
Scope string - Access token scope that is going to be requested by default. Can be overridden at the API level. Should be provided in the form of a string containing space-delimited values.
- Description string
- Description of the authorization server. Can contain HTML formatting tags.
- Resource
Owner stringPassword - Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner password.
- Resource
Owner stringUsername - Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner username.
- Support
State bool - If true, authorization server will include state parameter from the authorization request to its response. Client may use state parameter to raise protocol security.
- Token
Body []TokenParameters Body Parameter Contract Args - Additional parameters required by the token endpoint of this authorization server represented as an array of JSON objects with name and value string properties, i.e. {"name" : "name value", "value": "a value"}.
- Token
Endpoint string - OAuth token endpoint. Contains absolute URI to entity being referenced.
- Use
In boolApi Documentation - If true, the authorization server will be used in the API documentation in the developer portal. False by default if no value is provided.
- Use
In boolTest Console - If true, the authorization server may be used in the developer portal test console. True by default if no value is provided.
- String
- OAuth authorization endpoint. See http://tools.ietf.org/html/rfc6749#section-3.2.
- client
Id String - Client or app id registered with this authorization server.
- client
Registration StringEndpoint - Optional reference to a page where client or app registration for this authorization server is performed. Contains absolute URL to entity being referenced.
- display
Name String - User-friendly authorization server name.
- grant
Types List<Either<String,GrantType>> - Form of an authorization grant, which the client uses to request the access token.
- resource
Group StringName - The name of the resource group. The name is case insensitive.
- service
Name String - The name of the API Management service.
-
List<Authorization
Method> - HTTP verbs supported by the authorization endpoint. GET must be always present. POST is optional.
- authsid String
- Identifier of the authorization server.
- bearer
Token List<Either<String,BearerSending Methods Token Sending Method>> - Specifies the mechanism by which access token is passed to the API.
- client
Authentication List<Either<String,ClientMethod Authentication Method>> - Method of authentication supported by the token endpoint of this authorization server. Possible values are Basic and/or Body. When Body is specified, client credentials and other parameters are passed within the request body in the application/x-www-form-urlencoded format.
- client
Secret String - Client or app secret registered with this authorization server. This property will not be filled on 'GET' operations! Use '/listSecrets' POST request to get the value.
- default
Scope String - Access token scope that is going to be requested by default. Can be overridden at the API level. Should be provided in the form of a string containing space-delimited values.
- description String
- Description of the authorization server. Can contain HTML formatting tags.
- resource
Owner StringPassword - Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner password.
- resource
Owner StringUsername - Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner username.
- support
State Boolean - If true, authorization server will include state parameter from the authorization request to its response. Client may use state parameter to raise protocol security.
- token
Body List<TokenParameters Body Parameter Contract> - Additional parameters required by the token endpoint of this authorization server represented as an array of JSON objects with name and value string properties, i.e. {"name" : "name value", "value": "a value"}.
- token
Endpoint String - OAuth token endpoint. Contains absolute URI to entity being referenced.
- use
In BooleanApi Documentation - If true, the authorization server will be used in the API documentation in the developer portal. False by default if no value is provided.
- use
In BooleanTest Console - If true, the authorization server may be used in the developer portal test console. True by default if no value is provided.
- string
- OAuth authorization endpoint. See http://tools.ietf.org/html/rfc6749#section-3.2.
- client
Id string - Client or app id registered with this authorization server.
- client
Registration stringEndpoint - Optional reference to a page where client or app registration for this authorization server is performed. Contains absolute URL to entity being referenced.
- display
Name string - User-friendly authorization server name.
- grant
Types (string | GrantType)[] - Form of an authorization grant, which the client uses to request the access token.
- resource
Group stringName - The name of the resource group. The name is case insensitive.
- service
Name string - The name of the API Management service.
-
Authorization
Method[] - HTTP verbs supported by the authorization endpoint. GET must be always present. POST is optional.
- authsid string
- Identifier of the authorization server.
- bearer
Token (string | BearerSending Methods Token Sending Method)[] - Specifies the mechanism by which access token is passed to the API.
- client
Authentication (string | ClientMethod Authentication Method)[] - Method of authentication supported by the token endpoint of this authorization server. Possible values are Basic and/or Body. When Body is specified, client credentials and other parameters are passed within the request body in the application/x-www-form-urlencoded format.
- client
Secret string - Client or app secret registered with this authorization server. This property will not be filled on 'GET' operations! Use '/listSecrets' POST request to get the value.
- default
Scope string - Access token scope that is going to be requested by default. Can be overridden at the API level. Should be provided in the form of a string containing space-delimited values.
- description string
- Description of the authorization server. Can contain HTML formatting tags.
- resource
Owner stringPassword - Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner password.
- resource
Owner stringUsername - Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner username.
- support
State boolean - If true, authorization server will include state parameter from the authorization request to its response. Client may use state parameter to raise protocol security.
- token
Body TokenParameters Body Parameter Contract[] - Additional parameters required by the token endpoint of this authorization server represented as an array of JSON objects with name and value string properties, i.e. {"name" : "name value", "value": "a value"}.
- token
Endpoint string - OAuth token endpoint. Contains absolute URI to entity being referenced.
- use
In booleanApi Documentation - If true, the authorization server will be used in the API documentation in the developer portal. False by default if no value is provided.
- use
In booleanTest Console - If true, the authorization server may be used in the developer portal test console. True by default if no value is provided.
- str
- OAuth authorization endpoint. See http://tools.ietf.org/html/rfc6749#section-3.2.
- client_
id str - Client or app id registered with this authorization server.
- client_
registration_ strendpoint - Optional reference to a page where client or app registration for this authorization server is performed. Contains absolute URL to entity being referenced.
- display_
name str - User-friendly authorization server name.
- grant_
types Sequence[Union[str, GrantType]] - Form of an authorization grant, which the client uses to request the access token.
- resource_
group_ strname - The name of the resource group. The name is case insensitive.
- service_
name str - The name of the API Management service.
-
Sequence[Authorization
Method] - HTTP verbs supported by the authorization endpoint. GET must be always present. POST is optional.
- authsid str
- Identifier of the authorization server.
- bearer_
token_ Sequence[Union[str, Bearersending_ methods Token Sending Method]] - Specifies the mechanism by which access token is passed to the API.
- client_
authentication_ Sequence[Union[str, Clientmethod Authentication Method]] - Method of authentication supported by the token endpoint of this authorization server. Possible values are Basic and/or Body. When Body is specified, client credentials and other parameters are passed within the request body in the application/x-www-form-urlencoded format.
- client_
secret str - Client or app secret registered with this authorization server. This property will not be filled on 'GET' operations! Use '/listSecrets' POST request to get the value.
- default_
scope str - Access token scope that is going to be requested by default. Can be overridden at the API level. Should be provided in the form of a string containing space-delimited values.
- description str
- Description of the authorization server. Can contain HTML formatting tags.
- resource_
owner_ strpassword - Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner password.
- resource_
owner_ strusername - Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner username.
- support_
state bool - If true, authorization server will include state parameter from the authorization request to its response. Client may use state parameter to raise protocol security.
- token_
body_ Sequence[Tokenparameters Body Parameter Contract Args] - Additional parameters required by the token endpoint of this authorization server represented as an array of JSON objects with name and value string properties, i.e. {"name" : "name value", "value": "a value"}.
- token_
endpoint str - OAuth token endpoint. Contains absolute URI to entity being referenced.
- use_
in_ boolapi_ documentation - If true, the authorization server will be used in the API documentation in the developer portal. False by default if no value is provided.
- use_
in_ booltest_ console - If true, the authorization server may be used in the developer portal test console. True by default if no value is provided.
- String
- OAuth authorization endpoint. See http://tools.ietf.org/html/rfc6749#section-3.2.
- client
Id String - Client or app id registered with this authorization server.
- client
Registration StringEndpoint - Optional reference to a page where client or app registration for this authorization server is performed. Contains absolute URL to entity being referenced.
- display
Name String - User-friendly authorization server name.
- grant
Types List<String | "authorizationCode" | "implicit" | "resource Owner Password" | "client Credentials"> - Form of an authorization grant, which the client uses to request the access token.
- resource
Group StringName - The name of the resource group. The name is case insensitive.
- service
Name String - The name of the API Management service.
- List<"HEAD" | "OPTIONS" | "TRACE" | "GET" | "POST" | "PUT" | "PATCH" | "DELETE">
- HTTP verbs supported by the authorization endpoint. GET must be always present. POST is optional.
- authsid String
- Identifier of the authorization server.
- bearer
Token List<String | "authorizationSending Methods Header" | "query"> - Specifies the mechanism by which access token is passed to the API.
- client
Authentication List<String | "Basic" | "Body">Method - Method of authentication supported by the token endpoint of this authorization server. Possible values are Basic and/or Body. When Body is specified, client credentials and other parameters are passed within the request body in the application/x-www-form-urlencoded format.
- client
Secret String - Client or app secret registered with this authorization server. This property will not be filled on 'GET' operations! Use '/listSecrets' POST request to get the value.
- default
Scope String - Access token scope that is going to be requested by default. Can be overridden at the API level. Should be provided in the form of a string containing space-delimited values.
- description String
- Description of the authorization server. Can contain HTML formatting tags.
- resource
Owner StringPassword - Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner password.
- resource
Owner StringUsername - Can be optionally specified when resource owner password grant type is supported by this authorization server. Default resource owner username.
- support
State Boolean - If true, authorization server will include state parameter from the authorization request to its response. Client may use state parameter to raise protocol security.
- token
Body List<Property Map>Parameters - Additional parameters required by the token endpoint of this authorization server represented as an array of JSON objects with name and value string properties, i.e. {"name" : "name value", "value": "a value"}.
- token
Endpoint String - OAuth token endpoint. Contains absolute URI to entity being referenced.
- use
In BooleanApi Documentation - If true, the authorization server will be used in the API documentation in the developer portal. False by default if no value is provided.
- use
In BooleanTest Console - If true, the authorization server may be used in the developer portal test console. True by default if no value is provided.
Outputs
All input properties are implicitly available as output properties. Additionally, the AuthorizationServer resource produces the following output properties:
- Azure
Api stringVersion - The Azure API version of the resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The name of the resource
- Type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- Azure
Api stringVersion - The Azure API version of the resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The name of the resource
- Type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- azure
Api StringVersion - The Azure API version of the resource.
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The name of the resource
- type String
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- azure
Api stringVersion - The Azure API version of the resource.
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- The name of the resource
- type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- azure_
api_ strversion - The Azure API version of the resource.
- id str
- The provider-assigned unique ID for this managed resource.
- name str
- The name of the resource
- type str
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- azure
Api StringVersion - The Azure API version of the resource.
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The name of the resource
- type String
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
Supporting Types
AuthorizationMethod, AuthorizationMethodArgs
- HEAD
- HEAD
- OPTIONS
- OPTIONS
- TRACE
- TRACE
- GET
- GET
- POST
- POST
- PUT
- PUT
- PATCH
- PATCH
- DELETE
- DELETE
- Authorization
Method HEAD - HEAD
- Authorization
Method OPTIONS - OPTIONS
- Authorization
Method TRACE - TRACE
- Authorization
Method GET - GET
- Authorization
Method POST - POST
- Authorization
Method PUT - PUT
- Authorization
Method PATCH - PATCH
- Authorization
Method DELETE - DELETE
- HEAD
- HEAD
- OPTIONS
- OPTIONS
- TRACE
- TRACE
- GET
- GET
- POST
- POST
- PUT
- PUT
- PATCH
- PATCH
- DELETE
- DELETE
- HEAD
- HEAD
- OPTIONS
- OPTIONS
- TRACE
- TRACE
- GET
- GET
- POST
- POST
- PUT
- PUT
- PATCH
- PATCH
- DELETE
- DELETE
- HEAD
- HEAD
- OPTIONS
- OPTIONS
- TRACE
- TRACE
- GET
- GET
- POST
- POST
- PUT
- PUT
- PATCH
- PATCH
- DELETE
- DELETE
- "HEAD"
- HEAD
- "OPTIONS"
- OPTIONS
- "TRACE"
- TRACE
- "GET"
- GET
- "POST"
- POST
- "PUT"
- PUT
- "PATCH"
- PATCH
- "DELETE"
- DELETE
BearerTokenSendingMethod, BearerTokenSendingMethodArgs
- Authorization
Header - authorizationHeader
- Query
- query
- Bearer
Token Sending Method Authorization Header - authorizationHeader
- Bearer
Token Sending Method Query - query
- Authorization
Header - authorizationHeader
- Query
- query
- Authorization
Header - authorizationHeader
- Query
- query
- AUTHORIZATION_HEADER
- authorizationHeader
- QUERY
- query
- "authorization
Header" - authorizationHeader
- "query"
- query
ClientAuthenticationMethod, ClientAuthenticationMethodArgs
- Basic
- BasicBasic Client Authentication method.
- Body
- BodyBody based Authentication method.
- Client
Authentication Method Basic - BasicBasic Client Authentication method.
- Client
Authentication Method Body - BodyBody based Authentication method.
- Basic
- BasicBasic Client Authentication method.
- Body
- BodyBody based Authentication method.
- Basic
- BasicBasic Client Authentication method.
- Body
- BodyBody based Authentication method.
- BASIC
- BasicBasic Client Authentication method.
- BODY
- BodyBody based Authentication method.
- "Basic"
- BasicBasic Client Authentication method.
- "Body"
- BodyBody based Authentication method.
GrantType, GrantTypeArgs
- Authorization
Code - authorizationCodeAuthorization Code Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.1.
- @Implicit
- implicitImplicit Code Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.2.
- Resource
Owner Password - resourceOwnerPasswordResource Owner Password Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.3.
- Client
Credentials - clientCredentialsClient Credentials Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.4.
- Grant
Type Authorization Code - authorizationCodeAuthorization Code Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.1.
- Grant
Type Implicit - implicitImplicit Code Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.2.
- Grant
Type Resource Owner Password - resourceOwnerPasswordResource Owner Password Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.3.
- Grant
Type Client Credentials - clientCredentialsClient Credentials Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.4.
- Authorization
Code - authorizationCodeAuthorization Code Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.1.
- Implicit
- implicitImplicit Code Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.2.
- Resource
Owner Password - resourceOwnerPasswordResource Owner Password Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.3.
- Client
Credentials - clientCredentialsClient Credentials Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.4.
- Authorization
Code - authorizationCodeAuthorization Code Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.1.
- Implicit
- implicitImplicit Code Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.2.
- Resource
Owner Password - resourceOwnerPasswordResource Owner Password Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.3.
- Client
Credentials - clientCredentialsClient Credentials Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.4.
- AUTHORIZATION_CODE
- authorizationCodeAuthorization Code Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.1.
- IMPLICIT
- implicitImplicit Code Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.2.
- RESOURCE_OWNER_PASSWORD
- resourceOwnerPasswordResource Owner Password Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.3.
- CLIENT_CREDENTIALS
- clientCredentialsClient Credentials Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.4.
- "authorization
Code" - authorizationCodeAuthorization Code Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.1.
- "implicit"
- implicitImplicit Code Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.2.
- "resource
Owner Password" - resourceOwnerPasswordResource Owner Password Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.3.
- "client
Credentials" - clientCredentialsClient Credentials Grant flow as described https://tools.ietf.org/html/rfc6749#section-4.4.
TokenBodyParameterContract, TokenBodyParameterContractArgs
TokenBodyParameterContractResponse, TokenBodyParameterContractResponseArgs
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:apimanagement:AuthorizationServer newauthServer /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/authorizationServers/{authsid}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0
This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.
Azure Native v3.5.0 published on Monday, May 19, 2025 by Pulumi