fortimanager.ObjectUserOidc

fortimanager 1.16.0, Mar 7 26

Viewing docs for fortimanager 1.16.0
published on Saturday, Mar 7, 2026 by fortinetdev

fortinetdev/terraform-provider-fortimanager

Viewing docs for fortimanager 1.16.0
published on Saturday, Mar 7, 2026 by fortinetdev

fortinetdev/terraform-provider-fortimanager

Create ObjectUserOidc Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new ObjectUserOidc(name: string, args?: ObjectUserOidcArgs, opts?: CustomResourceOptions);

@overload
def ObjectUserOidc(resource_name: str,
                   args: Optional[ObjectUserOidcArgs] = None,
                   opts: Optional[ResourceOptions] = None)

@overload
def ObjectUserOidc(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   adom: Optional[str] = None,
                   auth_method: Optional[str] = None,
                   auth_type: Optional[str] = None,
                   authorization_url: Optional[str] = None,
                   client_id: Optional[str] = None,
                   client_secret: Optional[str] = None,
                   clock_tolerance: Optional[float] = None,
                   discovery_url: Optional[str] = None,
                   display_name: Optional[str] = None,
                   domain_hint: Optional[str] = None,
                   group_attr_name: Optional[str] = None,
                   icon_url: Optional[str] = None,
                   issuer: Optional[str] = None,
                   jwks_uri: Optional[str] = None,
                   ldap_servers: Optional[Sequence[str]] = None,
                   name: Optional[str] = None,
                   object_user_oidc_id: Optional[str] = None,
                   private_keys: Optional[Sequence[str]] = None,
                   scopetype: Optional[str] = None,
                   token_url: Optional[str] = None,
                   type: Optional[str] = None,
                   user_attr_name: Optional[str] = None,
                   user_regex: Optional[str] = None,
                   verify_cert: Optional[str] = None,
                   verify_issuer: Optional[str] = None)

func NewObjectUserOidc(ctx *Context, name string, args *ObjectUserOidcArgs, opts ...ResourceOption) (*ObjectUserOidc, error)

public ObjectUserOidc(string name, ObjectUserOidcArgs? args = null, CustomResourceOptions? opts = null)

public ObjectUserOidc(String name, ObjectUserOidcArgs args)
public ObjectUserOidc(String name, ObjectUserOidcArgs args, CustomResourceOptions options)

type: fortimanager:ObjectUserOidc
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ObjectUserOidcArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ObjectUserOidcArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ObjectUserOidcArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ObjectUserOidcArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ObjectUserOidcArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var objectUserOidcResource = new Fortimanager.Index.ObjectUserOidc("objectUserOidcResource", new()
{
    Adom = "string",
    AuthMethod = "string",
    AuthType = "string",
    AuthorizationUrl = "string",
    ClientId = "string",
    ClientSecret = "string",
    ClockTolerance = 0,
    DiscoveryUrl = "string",
    DisplayName = "string",
    DomainHint = "string",
    GroupAttrName = "string",
    IconUrl = "string",
    Issuer = "string",
    JwksUri = "string",
    LdapServers = new[]
    {
        "string",
    },
    Name = "string",
    ObjectUserOidcId = "string",
    PrivateKeys = new[]
    {
        "string",
    },
    Scopetype = "string",
    TokenUrl = "string",
    Type = "string",
    UserAttrName = "string",
    UserRegex = "string",
    VerifyCert = "string",
    VerifyIssuer = "string",
});

example, err := fortimanager.NewObjectUserOidc(ctx, "objectUserOidcResource", &fortimanager.ObjectUserOidcArgs{
	Adom:             pulumi.String("string"),
	AuthMethod:       pulumi.String("string"),
	AuthType:         pulumi.String("string"),
	AuthorizationUrl: pulumi.String("string"),
	ClientId:         pulumi.String("string"),
	ClientSecret:     pulumi.String("string"),
	ClockTolerance:   pulumi.Float64(0),
	DiscoveryUrl:     pulumi.String("string"),
	DisplayName:      pulumi.String("string"),
	DomainHint:       pulumi.String("string"),
	GroupAttrName:    pulumi.String("string"),
	IconUrl:          pulumi.String("string"),
	Issuer:           pulumi.String("string"),
	JwksUri:          pulumi.String("string"),
	LdapServers: pulumi.StringArray{
		pulumi.String("string"),
	},
	Name:             pulumi.String("string"),
	ObjectUserOidcId: pulumi.String("string"),
	PrivateKeys: pulumi.StringArray{
		pulumi.String("string"),
	},
	Scopetype:    pulumi.String("string"),
	TokenUrl:     pulumi.String("string"),
	Type:         pulumi.String("string"),
	UserAttrName: pulumi.String("string"),
	UserRegex:    pulumi.String("string"),
	VerifyCert:   pulumi.String("string"),
	VerifyIssuer: pulumi.String("string"),
})

var objectUserOidcResource = new ObjectUserOidc("objectUserOidcResource", ObjectUserOidcArgs.builder()
    .adom("string")
    .authMethod("string")
    .authType("string")
    .authorizationUrl("string")
    .clientId("string")
    .clientSecret("string")
    .clockTolerance(0.0)
    .discoveryUrl("string")
    .displayName("string")
    .domainHint("string")
    .groupAttrName("string")
    .iconUrl("string")
    .issuer("string")
    .jwksUri("string")
    .ldapServers("string")
    .name("string")
    .objectUserOidcId("string")
    .privateKeys("string")
    .scopetype("string")
    .tokenUrl("string")
    .type("string")
    .userAttrName("string")
    .userRegex("string")
    .verifyCert("string")
    .verifyIssuer("string")
    .build());

object_user_oidc_resource = fortimanager.ObjectUserOidc("objectUserOidcResource",
    adom="string",
    auth_method="string",
    auth_type="string",
    authorization_url="string",
    client_id="string",
    client_secret="string",
    clock_tolerance=0,
    discovery_url="string",
    display_name="string",
    domain_hint="string",
    group_attr_name="string",
    icon_url="string",
    issuer="string",
    jwks_uri="string",
    ldap_servers=["string"],
    name="string",
    object_user_oidc_id="string",
    private_keys=["string"],
    scopetype="string",
    token_url="string",
    type="string",
    user_attr_name="string",
    user_regex="string",
    verify_cert="string",
    verify_issuer="string")

const objectUserOidcResource = new fortimanager.ObjectUserOidc("objectUserOidcResource", {
    adom: "string",
    authMethod: "string",
    authType: "string",
    authorizationUrl: "string",
    clientId: "string",
    clientSecret: "string",
    clockTolerance: 0,
    discoveryUrl: "string",
    displayName: "string",
    domainHint: "string",
    groupAttrName: "string",
    iconUrl: "string",
    issuer: "string",
    jwksUri: "string",
    ldapServers: ["string"],
    name: "string",
    objectUserOidcId: "string",
    privateKeys: ["string"],
    scopetype: "string",
    tokenUrl: "string",
    type: "string",
    userAttrName: "string",
    userRegex: "string",
    verifyCert: "string",
    verifyIssuer: "string",
});

type: fortimanager:ObjectUserOidc
properties:
    adom: string
    authMethod: string
    authType: string
    authorizationUrl: string
    clientId: string
    clientSecret: string
    clockTolerance: 0
    discoveryUrl: string
    displayName: string
    domainHint: string
    groupAttrName: string
    iconUrl: string
    issuer: string
    jwksUri: string
    ldapServers:
        - string
    name: string
    objectUserOidcId: string
    privateKeys:
        - string
    scopetype: string
    tokenUrl: string
    type: string
    userAttrName: string
    userRegex: string
    verifyCert: string
    verifyIssuer: string

ObjectUserOidc Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ObjectUserOidc resource accepts the following input properties:

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AuthMethod string: Auth-Method. Valid values: client_secret_basic, client_secret_post, private_key_jwt.
AuthType string: Auth-Type. Valid values: client-secret, private-key.
AuthorizationUrl string: Authorization-Url.
ClientId string: Client-Id.
ClientSecret string: Client-Secret.
ClockTolerance double: Clock-Tolerance.
DiscoveryUrl string: Discovery-Url.
DisplayName string: Display-Name.
DomainHint string: Domain-Hint.
GroupAttrName string: Group-Attr-Name.
IconUrl string: Icon-Url.
Issuer string: Issuer.
JwksUri string: Jwks-Uri.
LdapServers List<string>: Ldap-Server.
Name string: Name.
ObjectUserOidcId string: an identifier for the resource with format {{name}}.
PrivateKeys List<string>: Private-Key.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
TokenUrl string: Token-Url.
Type string: Type. Valid values: discovery, manual.
UserAttrName string: User-Attr-Name. Valid values: email, sub, preferred_username.
UserRegex string: User-Regex.
VerifyCert string: Verify-Cert. Valid values: disable, enable.
VerifyIssuer string: Verify-Issuer. Valid values: disable, enable.

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AuthMethod string: Auth-Method. Valid values: client_secret_basic, client_secret_post, private_key_jwt.
AuthType string: Auth-Type. Valid values: client-secret, private-key.
AuthorizationUrl string: Authorization-Url.
ClientId string: Client-Id.
ClientSecret string: Client-Secret.
ClockTolerance float64: Clock-Tolerance.
DiscoveryUrl string: Discovery-Url.
DisplayName string: Display-Name.
DomainHint string: Domain-Hint.
GroupAttrName string: Group-Attr-Name.
IconUrl string: Icon-Url.
Issuer string: Issuer.
JwksUri string: Jwks-Uri.
LdapServers []string: Ldap-Server.
Name string: Name.
ObjectUserOidcId string: an identifier for the resource with format {{name}}.
PrivateKeys []string: Private-Key.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
TokenUrl string: Token-Url.
Type string: Type. Valid values: discovery, manual.
UserAttrName string: User-Attr-Name. Valid values: email, sub, preferred_username.
UserRegex string: User-Regex.
VerifyCert string: Verify-Cert. Valid values: disable, enable.
VerifyIssuer string: Verify-Issuer. Valid values: disable, enable.

adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
authMethod String: Auth-Method. Valid values: client_secret_basic, client_secret_post, private_key_jwt.
authType String: Auth-Type. Valid values: client-secret, private-key.
authorizationUrl String: Authorization-Url.
clientId String: Client-Id.
clientSecret String: Client-Secret.
clockTolerance Double: Clock-Tolerance.
discoveryUrl String: Discovery-Url.
displayName String: Display-Name.
domainHint String: Domain-Hint.
groupAttrName String: Group-Attr-Name.
iconUrl String: Icon-Url.
issuer String: Issuer.
jwksUri String: Jwks-Uri.
ldapServers List<String>: Ldap-Server.
name String: Name.
objectUserOidcId String: an identifier for the resource with format {{name}}.
privateKeys List<String>: Private-Key.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
tokenUrl String: Token-Url.
type String: Type. Valid values: discovery, manual.
userAttrName String: User-Attr-Name. Valid values: email, sub, preferred_username.
userRegex String: User-Regex.
verifyCert String: Verify-Cert. Valid values: disable, enable.
verifyIssuer String: Verify-Issuer. Valid values: disable, enable.

adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
authMethod string: Auth-Method. Valid values: client_secret_basic, client_secret_post, private_key_jwt.
authType string: Auth-Type. Valid values: client-secret, private-key.
authorizationUrl string: Authorization-Url.
clientId string: Client-Id.
clientSecret string: Client-Secret.
clockTolerance number: Clock-Tolerance.
discoveryUrl string: Discovery-Url.
displayName string: Display-Name.
domainHint string: Domain-Hint.
groupAttrName string: Group-Attr-Name.
iconUrl string: Icon-Url.
issuer string: Issuer.
jwksUri string: Jwks-Uri.
ldapServers string[]: Ldap-Server.
name string: Name.
objectUserOidcId string: an identifier for the resource with format {{name}}.
privateKeys string[]: Private-Key.
scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
tokenUrl string: Token-Url.
type string: Type. Valid values: discovery, manual.
userAttrName string: User-Attr-Name. Valid values: email, sub, preferred_username.
userRegex string: User-Regex.
verifyCert string: Verify-Cert. Valid values: disable, enable.
verifyIssuer string: Verify-Issuer. Valid values: disable, enable.

adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
auth_method str: Auth-Method. Valid values: client_secret_basic, client_secret_post, private_key_jwt.
auth_type str: Auth-Type. Valid values: client-secret, private-key.
authorization_url str: Authorization-Url.
client_id str: Client-Id.
client_secret str: Client-Secret.
clock_tolerance float: Clock-Tolerance.
discovery_url str: Discovery-Url.
display_name str: Display-Name.
domain_hint str: Domain-Hint.
group_attr_name str: Group-Attr-Name.
icon_url str: Icon-Url.
issuer str: Issuer.
jwks_uri str: Jwks-Uri.
ldap_servers Sequence[str]: Ldap-Server.
name str: Name.
object_user_oidc_id str: an identifier for the resource with format {{name}}.
private_keys Sequence[str]: Private-Key.
scopetype str: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
token_url str: Token-Url.
type str: Type. Valid values: discovery, manual.
user_attr_name str: User-Attr-Name. Valid values: email, sub, preferred_username.
user_regex str: User-Regex.
verify_cert str: Verify-Cert. Valid values: disable, enable.
verify_issuer str: Verify-Issuer. Valid values: disable, enable.

adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
authMethod String: Auth-Method. Valid values: client_secret_basic, client_secret_post, private_key_jwt.
authType String: Auth-Type. Valid values: client-secret, private-key.
authorizationUrl String: Authorization-Url.
clientId String: Client-Id.
clientSecret String: Client-Secret.
clockTolerance Number: Clock-Tolerance.
discoveryUrl String: Discovery-Url.
displayName String: Display-Name.
domainHint String: Domain-Hint.
groupAttrName String: Group-Attr-Name.
iconUrl String: Icon-Url.
issuer String: Issuer.
jwksUri String: Jwks-Uri.
ldapServers List<String>: Ldap-Server.
name String: Name.
objectUserOidcId String: an identifier for the resource with format {{name}}.
privateKeys List<String>: Private-Key.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
tokenUrl String: Token-Url.
type String: Type. Valid values: discovery, manual.
userAttrName String: User-Attr-Name. Valid values: email, sub, preferred_username.
userRegex String: User-Regex.
verifyCert String: Verify-Cert. Valid values: disable, enable.
verifyIssuer String: Verify-Issuer. Valid values: disable, enable.

Outputs

All input properties are implicitly available as output properties. Additionally, the ObjectUserOidc resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing ObjectUserOidc Resource

Get an existing ObjectUserOidc resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ObjectUserOidcState, opts?: CustomResourceOptions): ObjectUserOidc

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        adom: Optional[str] = None,
        auth_method: Optional[str] = None,
        auth_type: Optional[str] = None,
        authorization_url: Optional[str] = None,
        client_id: Optional[str] = None,
        client_secret: Optional[str] = None,
        clock_tolerance: Optional[float] = None,
        discovery_url: Optional[str] = None,
        display_name: Optional[str] = None,
        domain_hint: Optional[str] = None,
        group_attr_name: Optional[str] = None,
        icon_url: Optional[str] = None,
        issuer: Optional[str] = None,
        jwks_uri: Optional[str] = None,
        ldap_servers: Optional[Sequence[str]] = None,
        name: Optional[str] = None,
        object_user_oidc_id: Optional[str] = None,
        private_keys: Optional[Sequence[str]] = None,
        scopetype: Optional[str] = None,
        token_url: Optional[str] = None,
        type: Optional[str] = None,
        user_attr_name: Optional[str] = None,
        user_regex: Optional[str] = None,
        verify_cert: Optional[str] = None,
        verify_issuer: Optional[str] = None) -> ObjectUserOidc

func GetObjectUserOidc(ctx *Context, name string, id IDInput, state *ObjectUserOidcState, opts ...ResourceOption) (*ObjectUserOidc, error)

public static ObjectUserOidc Get(string name, Input<string> id, ObjectUserOidcState? state, CustomResourceOptions? opts = null)

public static ObjectUserOidc get(String name, Output<String> id, ObjectUserOidcState state, CustomResourceOptions options)

resources:  _:    type: fortimanager:ObjectUserOidc    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AuthMethod string: Auth-Method. Valid values: client_secret_basic, client_secret_post, private_key_jwt.
AuthType string: Auth-Type. Valid values: client-secret, private-key.
AuthorizationUrl string: Authorization-Url.
ClientId string: Client-Id.
ClientSecret string: Client-Secret.
ClockTolerance double: Clock-Tolerance.
DiscoveryUrl string: Discovery-Url.
DisplayName string: Display-Name.
DomainHint string: Domain-Hint.
GroupAttrName string: Group-Attr-Name.
IconUrl string: Icon-Url.
Issuer string: Issuer.
JwksUri string: Jwks-Uri.
LdapServers List<string>: Ldap-Server.
Name string: Name.
ObjectUserOidcId string: an identifier for the resource with format {{name}}.
PrivateKeys List<string>: Private-Key.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
TokenUrl string: Token-Url.
Type string: Type. Valid values: discovery, manual.
UserAttrName string: User-Attr-Name. Valid values: email, sub, preferred_username.
UserRegex string: User-Regex.
VerifyCert string: Verify-Cert. Valid values: disable, enable.
VerifyIssuer string: Verify-Issuer. Valid values: disable, enable.

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AuthMethod string: Auth-Method. Valid values: client_secret_basic, client_secret_post, private_key_jwt.
AuthType string: Auth-Type. Valid values: client-secret, private-key.
AuthorizationUrl string: Authorization-Url.
ClientId string: Client-Id.
ClientSecret string: Client-Secret.
ClockTolerance float64: Clock-Tolerance.
DiscoveryUrl string: Discovery-Url.
DisplayName string: Display-Name.
DomainHint string: Domain-Hint.
GroupAttrName string: Group-Attr-Name.
IconUrl string: Icon-Url.
Issuer string: Issuer.
JwksUri string: Jwks-Uri.
LdapServers []string: Ldap-Server.
Name string: Name.
ObjectUserOidcId string: an identifier for the resource with format {{name}}.
PrivateKeys []string: Private-Key.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
TokenUrl string: Token-Url.
Type string: Type. Valid values: discovery, manual.
UserAttrName string: User-Attr-Name. Valid values: email, sub, preferred_username.
UserRegex string: User-Regex.
VerifyCert string: Verify-Cert. Valid values: disable, enable.
VerifyIssuer string: Verify-Issuer. Valid values: disable, enable.

adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
authMethod String: Auth-Method. Valid values: client_secret_basic, client_secret_post, private_key_jwt.
authType String: Auth-Type. Valid values: client-secret, private-key.
authorizationUrl String: Authorization-Url.
clientId String: Client-Id.
clientSecret String: Client-Secret.
clockTolerance Double: Clock-Tolerance.
discoveryUrl String: Discovery-Url.
displayName String: Display-Name.
domainHint String: Domain-Hint.
groupAttrName String: Group-Attr-Name.
iconUrl String: Icon-Url.
issuer String: Issuer.
jwksUri String: Jwks-Uri.
ldapServers List<String>: Ldap-Server.
name String: Name.
objectUserOidcId String: an identifier for the resource with format {{name}}.
privateKeys List<String>: Private-Key.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
tokenUrl String: Token-Url.
type String: Type. Valid values: discovery, manual.
userAttrName String: User-Attr-Name. Valid values: email, sub, preferred_username.
userRegex String: User-Regex.
verifyCert String: Verify-Cert. Valid values: disable, enable.
verifyIssuer String: Verify-Issuer. Valid values: disable, enable.

adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
authMethod string: Auth-Method. Valid values: client_secret_basic, client_secret_post, private_key_jwt.
authType string: Auth-Type. Valid values: client-secret, private-key.
authorizationUrl string: Authorization-Url.
clientId string: Client-Id.
clientSecret string: Client-Secret.
clockTolerance number: Clock-Tolerance.
discoveryUrl string: Discovery-Url.
displayName string: Display-Name.
domainHint string: Domain-Hint.
groupAttrName string: Group-Attr-Name.
iconUrl string: Icon-Url.
issuer string: Issuer.
jwksUri string: Jwks-Uri.
ldapServers string[]: Ldap-Server.
name string: Name.
objectUserOidcId string: an identifier for the resource with format {{name}}.
privateKeys string[]: Private-Key.
scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
tokenUrl string: Token-Url.
type string: Type. Valid values: discovery, manual.
userAttrName string: User-Attr-Name. Valid values: email, sub, preferred_username.
userRegex string: User-Regex.
verifyCert string: Verify-Cert. Valid values: disable, enable.
verifyIssuer string: Verify-Issuer. Valid values: disable, enable.

adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
auth_method str: Auth-Method. Valid values: client_secret_basic, client_secret_post, private_key_jwt.
auth_type str: Auth-Type. Valid values: client-secret, private-key.
authorization_url str: Authorization-Url.
client_id str: Client-Id.
client_secret str: Client-Secret.
clock_tolerance float: Clock-Tolerance.
discovery_url str: Discovery-Url.
display_name str: Display-Name.
domain_hint str: Domain-Hint.
group_attr_name str: Group-Attr-Name.
icon_url str: Icon-Url.
issuer str: Issuer.
jwks_uri str: Jwks-Uri.
ldap_servers Sequence[str]: Ldap-Server.
name str: Name.
object_user_oidc_id str: an identifier for the resource with format {{name}}.
private_keys Sequence[str]: Private-Key.
scopetype str: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
token_url str: Token-Url.
type str: Type. Valid values: discovery, manual.
user_attr_name str: User-Attr-Name. Valid values: email, sub, preferred_username.
user_regex str: User-Regex.
verify_cert str: Verify-Cert. Valid values: disable, enable.
verify_issuer str: Verify-Issuer. Valid values: disable, enable.

adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
authMethod String: Auth-Method. Valid values: client_secret_basic, client_secret_post, private_key_jwt.
authType String: Auth-Type. Valid values: client-secret, private-key.
authorizationUrl String: Authorization-Url.
clientId String: Client-Id.
clientSecret String: Client-Secret.
clockTolerance Number: Clock-Tolerance.
discoveryUrl String: Discovery-Url.
displayName String: Display-Name.
domainHint String: Domain-Hint.
groupAttrName String: Group-Attr-Name.
iconUrl String: Icon-Url.
issuer String: Issuer.
jwksUri String: Jwks-Uri.
ldapServers List<String>: Ldap-Server.
name String: Name.
objectUserOidcId String: an identifier for the resource with format {{name}}.
privateKeys List<String>: Private-Key.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
tokenUrl String: Token-Url.
type String: Type. Valid values: discovery, manual.
userAttrName String: User-Attr-Name. Valid values: email, sub, preferred_username.
userRegex String: User-Regex.
verifyCert String: Verify-Cert. Valid values: disable, enable.
verifyIssuer String: Verify-Issuer. Valid values: disable, enable.

Import

ObjectUser Oidc can be imported using any of these accepted formats:

$ export “FORTIMANAGER_IMPORT_TABLE”=“true”

$ pulumi import fortimanager:index/objectUserOidc:ObjectUserOidc labelname {{name}}

$ unset “FORTIMANAGER_IMPORT_TABLE”

-> Hint: The scopetype and adom for import will directly inherit the scopetype and adom configuration of the provider.

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortimanager fortinetdev/terraform-provider-fortimanager
License
Notes: This Pulumi package is based on the fortimanager Terraform Provider.

Viewing docs for fortimanager 1.16.0
published on Saturday, Mar 7, 2026 by fortinetdev

Schema (JSON)

fortinetdev/terraform-provider-fortimanager

fortimanager.ObjectUserOidc

On this page

On this page

Create ObjectUserOidc Resource

Constructor syntax

Parameters

Constructor example

ObjectUserOidc Resource Properties

Inputs

Outputs

Look up Existing ObjectUserOidc Resource

Import

Package Details

On this page

On this page