1. Packages
  2. Cloudflare
  3. API Docs
  4. AccessIdentityProvider
Cloudflare v5.11.0 published on Wednesday, Sep 20, 2023 by Pulumi

cloudflare.AccessIdentityProvider

Explore with Pulumi AI

cloudflare logo
Cloudflare v5.11.0 published on Wednesday, Sep 20, 2023 by Pulumi

    Provides a Cloudflare Access Identity Provider resource. Identity Providers are used as an authentication or authorisation source within Access.

    It’s required that an account_id or zone_id is provided and in most cases using either is fine. However, if you’re using a scoped access token, you must provide the argument that matches the token’s scope. For example, an access token that is scoped to the “example.com” zone needs to use the zone_id argument.

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Cloudflare = Pulumi.Cloudflare;
    
    return await Deployment.RunAsync(() => 
    {
        // one time pin
        var pinLogin = new Cloudflare.AccessIdentityProvider("pinLogin", new()
        {
            AccountId = "f037e56e89293a057740de681ac9abbe",
            Name = "PIN login",
            Type = "onetimepin",
        });
    
        // oauth
        var githubOauth = new Cloudflare.AccessIdentityProvider("githubOauth", new()
        {
            AccountId = "f037e56e89293a057740de681ac9abbe",
            Configs = new[]
            {
                new Cloudflare.Inputs.AccessIdentityProviderConfigArgs
                {
                    ClientId = "example",
                    ClientSecret = "secret_key",
                },
            },
            Name = "GitHub OAuth",
            Type = "github",
        });
    
        // saml
        var jumpcloudSaml = new Cloudflare.AccessIdentityProvider("jumpcloudSaml", new()
        {
            AccountId = "f037e56e89293a057740de681ac9abbe",
            Configs = new[]
            {
                new Cloudflare.Inputs.AccessIdentityProviderConfigArgs
                {
                    Attributes = new[]
                    {
                        "email",
                        "username",
                    },
                    IdpPublicCert = @"MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg
    uTnQyuOqPuHbnN83d/2l1NSYKCbHt24o
    ",
                    IssuerUrl = "jumpcloud",
                    SignRequest = false,
                    SsoTargetUrl = "https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess",
                },
            },
            Name = "JumpCloud SAML",
            Type = "saml",
        });
    
        // okta
        var okta = new Cloudflare.AccessIdentityProvider("okta", new()
        {
            AccountId = "f037e56e89293a057740de681ac9abbe",
            Configs = new[]
            {
                new Cloudflare.Inputs.AccessIdentityProviderConfigArgs
                {
                    ApiToken = "okta_api_token",
                    ClientId = "example",
                    ClientSecret = "secret_key",
                    OktaAccount = "https://example.com",
                },
            },
            Name = "Okta",
            Type = "okta",
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-cloudflare/sdk/v5/go/cloudflare"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := cloudflare.NewAccessIdentityProvider(ctx, "pinLogin", &cloudflare.AccessIdentityProviderArgs{
    			AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
    			Name:      pulumi.String("PIN login"),
    			Type:      pulumi.String("onetimepin"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = cloudflare.NewAccessIdentityProvider(ctx, "githubOauth", &cloudflare.AccessIdentityProviderArgs{
    			AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
    			Configs: cloudflare.AccessIdentityProviderConfigArray{
    				&cloudflare.AccessIdentityProviderConfigArgs{
    					ClientId:     pulumi.String("example"),
    					ClientSecret: pulumi.String("secret_key"),
    				},
    			},
    			Name: pulumi.String("GitHub OAuth"),
    			Type: pulumi.String("github"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = cloudflare.NewAccessIdentityProvider(ctx, "jumpcloudSaml", &cloudflare.AccessIdentityProviderArgs{
    			AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
    			Configs: cloudflare.AccessIdentityProviderConfigArray{
    				&cloudflare.AccessIdentityProviderConfigArgs{
    					Attributes: pulumi.StringArray{
    						pulumi.String("email"),
    						pulumi.String("username"),
    					},
    					IdpPublicCert: pulumi.String("MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg\nuTnQyuOqPuHbnN83d/2l1NSYKCbHt24o\n"),
    					IssuerUrl:     pulumi.String("jumpcloud"),
    					SignRequest:   pulumi.Bool(false),
    					SsoTargetUrl:  pulumi.String("https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess"),
    				},
    			},
    			Name: pulumi.String("JumpCloud SAML"),
    			Type: pulumi.String("saml"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = cloudflare.NewAccessIdentityProvider(ctx, "okta", &cloudflare.AccessIdentityProviderArgs{
    			AccountId: pulumi.String("f037e56e89293a057740de681ac9abbe"),
    			Configs: cloudflare.AccessIdentityProviderConfigArray{
    				&cloudflare.AccessIdentityProviderConfigArgs{
    					ApiToken:     pulumi.String("okta_api_token"),
    					ClientId:     pulumi.String("example"),
    					ClientSecret: pulumi.String("secret_key"),
    					OktaAccount:  pulumi.String("https://example.com"),
    				},
    			},
    			Name: pulumi.String("Okta"),
    			Type: pulumi.String("okta"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.cloudflare.AccessIdentityProvider;
    import com.pulumi.cloudflare.AccessIdentityProviderArgs;
    import com.pulumi.cloudflare.inputs.AccessIdentityProviderConfigArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var pinLogin = new AccessIdentityProvider("pinLogin", AccessIdentityProviderArgs.builder()        
                .accountId("f037e56e89293a057740de681ac9abbe")
                .name("PIN login")
                .type("onetimepin")
                .build());
    
            var githubOauth = new AccessIdentityProvider("githubOauth", AccessIdentityProviderArgs.builder()        
                .accountId("f037e56e89293a057740de681ac9abbe")
                .configs(AccessIdentityProviderConfigArgs.builder()
                    .clientId("example")
                    .clientSecret("secret_key")
                    .build())
                .name("GitHub OAuth")
                .type("github")
                .build());
    
            var jumpcloudSaml = new AccessIdentityProvider("jumpcloudSaml", AccessIdentityProviderArgs.builder()        
                .accountId("f037e56e89293a057740de681ac9abbe")
                .configs(AccessIdentityProviderConfigArgs.builder()
                    .attributes(                
                        "email",
                        "username")
                    .idpPublicCert("""
    MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg
    uTnQyuOqPuHbnN83d/2l1NSYKCbHt24o
                    """)
                    .issuerUrl("jumpcloud")
                    .signRequest(false)
                    .ssoTargetUrl("https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess")
                    .build())
                .name("JumpCloud SAML")
                .type("saml")
                .build());
    
            var okta = new AccessIdentityProvider("okta", AccessIdentityProviderArgs.builder()        
                .accountId("f037e56e89293a057740de681ac9abbe")
                .configs(AccessIdentityProviderConfigArgs.builder()
                    .apiToken("okta_api_token")
                    .clientId("example")
                    .clientSecret("secret_key")
                    .oktaAccount("https://example.com")
                    .build())
                .name("Okta")
                .type("okta")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_cloudflare as cloudflare
    
    # one time pin
    pin_login = cloudflare.AccessIdentityProvider("pinLogin",
        account_id="f037e56e89293a057740de681ac9abbe",
        name="PIN login",
        type="onetimepin")
    # oauth
    github_oauth = cloudflare.AccessIdentityProvider("githubOauth",
        account_id="f037e56e89293a057740de681ac9abbe",
        configs=[cloudflare.AccessIdentityProviderConfigArgs(
            client_id="example",
            client_secret="secret_key",
        )],
        name="GitHub OAuth",
        type="github")
    # saml
    jumpcloud_saml = cloudflare.AccessIdentityProvider("jumpcloudSaml",
        account_id="f037e56e89293a057740de681ac9abbe",
        configs=[cloudflare.AccessIdentityProviderConfigArgs(
            attributes=[
                "email",
                "username",
            ],
            idp_public_cert="""MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg
    uTnQyuOqPuHbnN83d/2l1NSYKCbHt24o
    """,
            issuer_url="jumpcloud",
            sign_request=False,
            sso_target_url="https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess",
        )],
        name="JumpCloud SAML",
        type="saml")
    # okta
    okta = cloudflare.AccessIdentityProvider("okta",
        account_id="f037e56e89293a057740de681ac9abbe",
        configs=[cloudflare.AccessIdentityProviderConfigArgs(
            api_token="okta_api_token",
            client_id="example",
            client_secret="secret_key",
            okta_account="https://example.com",
        )],
        name="Okta",
        type="okta")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as cloudflare from "@pulumi/cloudflare";
    
    // one time pin
    const pinLogin = new cloudflare.AccessIdentityProvider("pinLogin", {
        accountId: "f037e56e89293a057740de681ac9abbe",
        name: "PIN login",
        type: "onetimepin",
    });
    // oauth
    const githubOauth = new cloudflare.AccessIdentityProvider("githubOauth", {
        accountId: "f037e56e89293a057740de681ac9abbe",
        configs: [{
            clientId: "example",
            clientSecret: "secret_key",
        }],
        name: "GitHub OAuth",
        type: "github",
    });
    // saml
    const jumpcloudSaml = new cloudflare.AccessIdentityProvider("jumpcloudSaml", {
        accountId: "f037e56e89293a057740de681ac9abbe",
        configs: [{
            attributes: [
                "email",
                "username",
            ],
            idpPublicCert: `MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg
    uTnQyuOqPuHbnN83d/2l1NSYKCbHt24o
    `,
            issuerUrl: "jumpcloud",
            signRequest: false,
            ssoTargetUrl: "https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess",
        }],
        name: "JumpCloud SAML",
        type: "saml",
    });
    // okta
    const okta = new cloudflare.AccessIdentityProvider("okta", {
        accountId: "f037e56e89293a057740de681ac9abbe",
        configs: [{
            apiToken: "okta_api_token",
            clientId: "example",
            clientSecret: "secret_key",
            oktaAccount: "https://example.com",
        }],
        name: "Okta",
        type: "okta",
    });
    
    resources:
      # one time pin
      pinLogin:
        type: cloudflare:AccessIdentityProvider
        properties:
          accountId: f037e56e89293a057740de681ac9abbe
          name: PIN login
          type: onetimepin
      # oauth
      githubOauth:
        type: cloudflare:AccessIdentityProvider
        properties:
          accountId: f037e56e89293a057740de681ac9abbe
          configs:
            - clientId: example
              clientSecret: secret_key
          name: GitHub OAuth
          type: github
      # saml
      jumpcloudSaml:
        type: cloudflare:AccessIdentityProvider
        properties:
          accountId: f037e56e89293a057740de681ac9abbe
          configs:
            - attributes:
                - email
                - username
              idpPublicCert: |
                MIIDpDCCAoygAwIBAgIGAV2ka+55MA0GCSqGSIb3DQEBCwUAMIGSMQswCQ...GF/Q2/MHadws97cZg
                uTnQyuOqPuHbnN83d/2l1NSYKCbHt24o            
              issuerUrl: jumpcloud
              signRequest: false
              ssoTargetUrl: https://sso.myexample.jumpcloud.com/saml2/cloudflareaccess
          name: JumpCloud SAML
          type: saml
      # okta
      okta:
        type: cloudflare:AccessIdentityProvider
        properties:
          accountId: f037e56e89293a057740de681ac9abbe
          configs:
            - apiToken: okta_api_token
              clientId: example
              clientSecret: secret_key
              oktaAccount: https://example.com
          name: Okta
          type: okta
    

    Create AccessIdentityProvider Resource

    new AccessIdentityProvider(name: string, args: AccessIdentityProviderArgs, opts?: CustomResourceOptions);
    @overload
    def AccessIdentityProvider(resource_name: str,
                               opts: Optional[ResourceOptions] = None,
                               account_id: Optional[str] = None,
                               configs: Optional[Sequence[AccessIdentityProviderConfigArgs]] = None,
                               name: Optional[str] = None,
                               scim_configs: Optional[Sequence[AccessIdentityProviderScimConfigArgs]] = None,
                               type: Optional[str] = None,
                               zone_id: Optional[str] = None)
    @overload
    def AccessIdentityProvider(resource_name: str,
                               args: AccessIdentityProviderArgs,
                               opts: Optional[ResourceOptions] = None)
    func NewAccessIdentityProvider(ctx *Context, name string, args AccessIdentityProviderArgs, opts ...ResourceOption) (*AccessIdentityProvider, error)
    public AccessIdentityProvider(string name, AccessIdentityProviderArgs args, CustomResourceOptions? opts = null)
    public AccessIdentityProvider(String name, AccessIdentityProviderArgs args)
    public AccessIdentityProvider(String name, AccessIdentityProviderArgs args, CustomResourceOptions options)
    
    type: cloudflare:AccessIdentityProvider
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args AccessIdentityProviderArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AccessIdentityProviderArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AccessIdentityProviderArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AccessIdentityProviderArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AccessIdentityProviderArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    AccessIdentityProvider Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The AccessIdentityProvider resource accepts the following input properties:

    Name string

    Friendly name of the Access Identity Provider configuration.

    Type string

    The provider type to use. Available values: azureAD, centrify, facebook, github, google, google-apps, linkedin, oidc, okta, onelogin, onetimepin, pingone, saml, yandex.

    AccountId string

    The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource.

    Configs List<AccessIdentityProviderConfig>

    Provider configuration from the developer documentation.

    ScimConfigs List<AccessIdentityProviderScimConfig>

    Configuration for SCIM settings for a given IDP.

    ZoneId string

    The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource.

    Name string

    Friendly name of the Access Identity Provider configuration.

    Type string

    The provider type to use. Available values: azureAD, centrify, facebook, github, google, google-apps, linkedin, oidc, okta, onelogin, onetimepin, pingone, saml, yandex.

    AccountId string

    The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource.

    Configs []AccessIdentityProviderConfigArgs

    Provider configuration from the developer documentation.

    ScimConfigs []AccessIdentityProviderScimConfigArgs

    Configuration for SCIM settings for a given IDP.

    ZoneId string

    The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource.

    name String

    Friendly name of the Access Identity Provider configuration.

    type String

    The provider type to use. Available values: azureAD, centrify, facebook, github, google, google-apps, linkedin, oidc, okta, onelogin, onetimepin, pingone, saml, yandex.

    accountId String

    The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource.

    configs List<AccessIdentityProviderConfig>

    Provider configuration from the developer documentation.

    scimConfigs List<AccessIdentityProviderScimConfig>

    Configuration for SCIM settings for a given IDP.

    zoneId String

    The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource.

    name string

    Friendly name of the Access Identity Provider configuration.

    type string

    The provider type to use. Available values: azureAD, centrify, facebook, github, google, google-apps, linkedin, oidc, okta, onelogin, onetimepin, pingone, saml, yandex.

    accountId string

    The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource.

    configs AccessIdentityProviderConfig[]

    Provider configuration from the developer documentation.

    scimConfigs AccessIdentityProviderScimConfig[]

    Configuration for SCIM settings for a given IDP.

    zoneId string

    The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource.

    name str

    Friendly name of the Access Identity Provider configuration.

    type str

    The provider type to use. Available values: azureAD, centrify, facebook, github, google, google-apps, linkedin, oidc, okta, onelogin, onetimepin, pingone, saml, yandex.

    account_id str

    The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource.

    configs Sequence[AccessIdentityProviderConfigArgs]

    Provider configuration from the developer documentation.

    scim_configs Sequence[AccessIdentityProviderScimConfigArgs]

    Configuration for SCIM settings for a given IDP.

    zone_id str

    The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource.

    name String

    Friendly name of the Access Identity Provider configuration.

    type String

    The provider type to use. Available values: azureAD, centrify, facebook, github, google, google-apps, linkedin, oidc, okta, onelogin, onetimepin, pingone, saml, yandex.

    accountId String

    The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource.

    configs List<Property Map>

    Provider configuration from the developer documentation.

    scimConfigs List<Property Map>

    Configuration for SCIM settings for a given IDP.

    zoneId String

    The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AccessIdentityProvider resource produces the following output properties:

    Id string

    The provider-assigned unique ID for this managed resource.

    Id string

    The provider-assigned unique ID for this managed resource.

    id String

    The provider-assigned unique ID for this managed resource.

    id string

    The provider-assigned unique ID for this managed resource.

    id str

    The provider-assigned unique ID for this managed resource.

    id String

    The provider-assigned unique ID for this managed resource.

    Look up Existing AccessIdentityProvider Resource

    Get an existing AccessIdentityProvider resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AccessIdentityProviderState, opts?: CustomResourceOptions): AccessIdentityProvider
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            account_id: Optional[str] = None,
            configs: Optional[Sequence[AccessIdentityProviderConfigArgs]] = None,
            name: Optional[str] = None,
            scim_configs: Optional[Sequence[AccessIdentityProviderScimConfigArgs]] = None,
            type: Optional[str] = None,
            zone_id: Optional[str] = None) -> AccessIdentityProvider
    func GetAccessIdentityProvider(ctx *Context, name string, id IDInput, state *AccessIdentityProviderState, opts ...ResourceOption) (*AccessIdentityProvider, error)
    public static AccessIdentityProvider Get(string name, Input<string> id, AccessIdentityProviderState? state, CustomResourceOptions? opts = null)
    public static AccessIdentityProvider get(String name, Output<String> id, AccessIdentityProviderState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccountId string

    The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource.

    Configs List<AccessIdentityProviderConfig>

    Provider configuration from the developer documentation.

    Name string

    Friendly name of the Access Identity Provider configuration.

    ScimConfigs List<AccessIdentityProviderScimConfig>

    Configuration for SCIM settings for a given IDP.

    Type string

    The provider type to use. Available values: azureAD, centrify, facebook, github, google, google-apps, linkedin, oidc, okta, onelogin, onetimepin, pingone, saml, yandex.

    ZoneId string

    The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource.

    AccountId string

    The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource.

    Configs []AccessIdentityProviderConfigArgs

    Provider configuration from the developer documentation.

    Name string

    Friendly name of the Access Identity Provider configuration.

    ScimConfigs []AccessIdentityProviderScimConfigArgs

    Configuration for SCIM settings for a given IDP.

    Type string

    The provider type to use. Available values: azureAD, centrify, facebook, github, google, google-apps, linkedin, oidc, okta, onelogin, onetimepin, pingone, saml, yandex.

    ZoneId string

    The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource.

    accountId String

    The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource.

    configs List<AccessIdentityProviderConfig>

    Provider configuration from the developer documentation.

    name String

    Friendly name of the Access Identity Provider configuration.

    scimConfigs List<AccessIdentityProviderScimConfig>

    Configuration for SCIM settings for a given IDP.

    type String

    The provider type to use. Available values: azureAD, centrify, facebook, github, google, google-apps, linkedin, oidc, okta, onelogin, onetimepin, pingone, saml, yandex.

    zoneId String

    The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource.

    accountId string

    The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource.

    configs AccessIdentityProviderConfig[]

    Provider configuration from the developer documentation.

    name string

    Friendly name of the Access Identity Provider configuration.

    scimConfigs AccessIdentityProviderScimConfig[]

    Configuration for SCIM settings for a given IDP.

    type string

    The provider type to use. Available values: azureAD, centrify, facebook, github, google, google-apps, linkedin, oidc, okta, onelogin, onetimepin, pingone, saml, yandex.

    zoneId string

    The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource.

    account_id str

    The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource.

    configs Sequence[AccessIdentityProviderConfigArgs]

    Provider configuration from the developer documentation.

    name str

    Friendly name of the Access Identity Provider configuration.

    scim_configs Sequence[AccessIdentityProviderScimConfigArgs]

    Configuration for SCIM settings for a given IDP.

    type str

    The provider type to use. Available values: azureAD, centrify, facebook, github, google, google-apps, linkedin, oidc, okta, onelogin, onetimepin, pingone, saml, yandex.

    zone_id str

    The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource.

    accountId String

    The account identifier to target for the resource. Conflicts with zone_id. Modifying this attribute will force creation of a new resource.

    configs List<Property Map>

    Provider configuration from the developer documentation.

    name String

    Friendly name of the Access Identity Provider configuration.

    scimConfigs List<Property Map>

    Configuration for SCIM settings for a given IDP.

    type String

    The provider type to use. Available values: azureAD, centrify, facebook, github, google, google-apps, linkedin, oidc, okta, onelogin, onetimepin, pingone, saml, yandex.

    zoneId String

    The zone identifier to target for the resource. Conflicts with account_id. Modifying this attribute will force creation of a new resource.

    Supporting Types

    AccessIdentityProviderConfig, AccessIdentityProviderConfigArgs

    apiToken String
    appsDomain String
    attributes List<String>
    authUrl String
    authorizationServerId String
    centrifyAccount String
    centrifyAppId String
    certsUrl String
    claims List<String>
    clientId String
    clientSecret String
    conditionalAccessEnabled Boolean
    directoryId String
    emailAttributeName String
    emailClaimName String
    idpPublicCert String
    issuerUrl String
    oktaAccount String
    oneloginAccount String
    pingEnvId String
    pkceEnabled Boolean
    redirectUrl String
    scopes List<String>
    signRequest Boolean
    ssoTargetUrl String
    supportGroups Boolean
    tokenUrl String
    apiToken String
    appsDomain String
    attributes List<String>
    authUrl String
    authorizationServerId String
    centrifyAccount String
    centrifyAppId String
    certsUrl String
    claims List<String>
    clientId String
    clientSecret String
    conditionalAccessEnabled Boolean
    directoryId String
    emailAttributeName String
    emailClaimName String
    idpPublicCert String
    issuerUrl String
    oktaAccount String
    oneloginAccount String
    pingEnvId String
    pkceEnabled Boolean
    redirectUrl String
    scopes List<String>
    signRequest Boolean
    ssoTargetUrl String
    supportGroups Boolean
    tokenUrl String

    AccessIdentityProviderScimConfig, AccessIdentityProviderScimConfigArgs

    Import

     $ pulumi import cloudflare:index/accessIdentityProvider:AccessIdentityProvider example <account_id>/<identity_provider_id>
    

    Package Details

    Repository
    Cloudflare pulumi/pulumi-cloudflare
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the cloudflare Terraform Provider.

    cloudflare logo
    Cloudflare v5.11.0 published on Wednesday, Sep 20, 2023 by Pulumi