FusionAuth

v0.9.7 published on Thursday, Jul 28, 2022 by Theo Gravity

FusionAuthApplication

# Application Resource

Applications API

Example Usage

using Pulumi;
using Fusionauth = theogravity.Fusionauth;

class MyStack : Stack
{
    public MyStack()
    {
        var forum = new Fusionauth.FusionAuthApplication("forum", new Fusionauth.FusionAuthApplicationArgs
        {
            TenantId = fusionauth_tenant.Portal.Id,
            AuthenticationTokenConfigurationEnabled = false,
            FormConfiguration = new Fusionauth.Inputs.FusionAuthApplicationFormConfigurationArgs
            {
                AdminRegistrationFormId = fusionauth_form.Admin_registration.Id,
                SelfServiceFormId = fusionauth_form.Self_service.Id,
            },
            JwtConfiguration = new Fusionauth.Inputs.FusionAuthApplicationJwtConfigurationArgs
            {
                AccessTokenId = fusionauth_key.Access_token.Id,
                Enabled = true,
                IdTokenKeyId = fusionauth_key.Id_token.Id,
                RefreshTokenTtlMinutes = 43200,
                TtlSeconds = 3600,
            },
            LambdaConfiguration = new Fusionauth.Inputs.FusionAuthApplicationLambdaConfigurationArgs
            {
                AccessTokenPopulateId = fusionauth_lambda.Token_populate.Id,
                IdTokenPopulateId = fusionauth_lambda.Id_token_populate.Id,
            },
            LoginConfiguration = new Fusionauth.Inputs.FusionAuthApplicationLoginConfigurationArgs
            {
                AllowTokenRefresh = false,
                GenerateRefreshTokens = false,
                RequireAuthentication = true,
            },
            OauthConfiguration = new Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationArgs
            {
                AuthorizedOriginUrls = 
                {
                    "http://www.example.com/oauth-callback",
                },
                EnabledGrants = 
                {
                    "authorization_code",
                    "implicit",
                },
                GenerateRefreshTokens = false,
                LogoutBehavior = "AllApplications",
                LogoutUrl = "http://www.example.com/logout",
                RequireClientAuthentication = false,
            },
            RegistrationConfiguration = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationArgs
            {
                BirthDate = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationBirthDateArgs
                {
                    Enabled = false,
                    Required = false,
                },
                ConfirmPassword = false,
                Enabled = false,
                FirstName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationFirstNameArgs
                {
                    Enabled = false,
                    Required = false,
                },
                FullName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationFullNameArgs
                {
                    Enabled = false,
                    Required = false,
                },
                LastName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationLastNameArgs
                {
                    Enabled = false,
                    Required = false,
                },
                LoginIdType = "",
                MiddleName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationMiddleNameArgs
                {
                    Enabled = false,
                    Required = false,
                },
                MobilePhone = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs
                {
                    Enabled = false,
                    Required = false,
                },
                Type = "",
            },
            PasswordlessConfigurationEnabled = false,
            RegistrationDeletePolicy = new Fusionauth.Inputs.FusionAuthApplicationRegistrationDeletePolicyArgs
            {
                UnverifiedEnabled = true,
                UnverifiedNumberOfDaysToRetain = 30,
            },
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-fusionauth/sdk/go/fusionauth"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/theogravity/pulumi-fusionauth/sdk/go/fusionauth"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := fusionauth.NewFusionAuthApplication(ctx, "forum", &fusionauth.FusionAuthApplicationArgs{
			TenantId:                                pulumi.Any(fusionauth_tenant.Portal.Id),
			AuthenticationTokenConfigurationEnabled: pulumi.Bool(false),
			FormConfiguration: &FusionAuthApplicationFormConfigurationArgs{
				AdminRegistrationFormId: pulumi.Any(fusionauth_form.Admin_registration.Id),
				SelfServiceFormId:       pulumi.Any(fusionauth_form.Self_service.Id),
			},
			JwtConfiguration: &FusionAuthApplicationJwtConfigurationArgs{
				AccessTokenId:          pulumi.Any(fusionauth_key.Access_token.Id),
				Enabled:                pulumi.Bool(true),
				IdTokenKeyId:           pulumi.Any(fusionauth_key.Id_token.Id),
				RefreshTokenTtlMinutes: pulumi.Int(43200),
				TtlSeconds:             pulumi.Int(3600),
			},
			LambdaConfiguration: &FusionAuthApplicationLambdaConfigurationArgs{
				AccessTokenPopulateId: pulumi.Any(fusionauth_lambda.Token_populate.Id),
				IdTokenPopulateId:     pulumi.Any(fusionauth_lambda.Id_token_populate.Id),
			},
			LoginConfiguration: &FusionAuthApplicationLoginConfigurationArgs{
				AllowTokenRefresh:     pulumi.Bool(false),
				GenerateRefreshTokens: pulumi.Bool(false),
				RequireAuthentication: pulumi.Bool(true),
			},
			OauthConfiguration: &FusionAuthApplicationOauthConfigurationArgs{
				AuthorizedOriginUrls: pulumi.StringArray{
					pulumi.String("http://www.example.com/oauth-callback"),
				},
				EnabledGrants: pulumi.StringArray{
					pulumi.String("authorization_code"),
					pulumi.String("implicit"),
				},
				GenerateRefreshTokens:       pulumi.Bool(false),
				LogoutBehavior:              pulumi.String("AllApplications"),
				LogoutUrl:                   pulumi.String("http://www.example.com/logout"),
				RequireClientAuthentication: pulumi.Bool(false),
			},
			RegistrationConfiguration: &FusionAuthApplicationRegistrationConfigurationArgs{
				BirthDate: &FusionAuthApplicationRegistrationConfigurationBirthDateArgs{
					Enabled:  pulumi.Bool(false),
					Required: pulumi.Bool(false),
				},
				ConfirmPassword: pulumi.Bool(false),
				Enabled:         pulumi.Bool(false),
				FirstName: &FusionAuthApplicationRegistrationConfigurationFirstNameArgs{
					Enabled:  pulumi.Bool(false),
					Required: pulumi.Bool(false),
				},
				FullName: &FusionAuthApplicationRegistrationConfigurationFullNameArgs{
					Enabled:  pulumi.Bool(false),
					Required: pulumi.Bool(false),
				},
				LastName: &FusionAuthApplicationRegistrationConfigurationLastNameArgs{
					Enabled:  pulumi.Bool(false),
					Required: pulumi.Bool(false),
				},
				LoginIdType: pulumi.String(""),
				MiddleName: &FusionAuthApplicationRegistrationConfigurationMiddleNameArgs{
					Enabled:  pulumi.Bool(false),
					Required: pulumi.Bool(false),
				},
				MobilePhone: &FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs{
					Enabled:  pulumi.Bool(false),
					Required: pulumi.Bool(false),
				},
				Type: pulumi.String(""),
			},
			PasswordlessConfigurationEnabled: pulumi.Bool(false),
			RegistrationDeletePolicy: &FusionAuthApplicationRegistrationDeletePolicyArgs{
				UnverifiedEnabled:              pulumi.Bool(true),
				UnverifiedNumberOfDaysToRetain: pulumi.Int(30),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var forum = new FusionAuthApplication("forum", FusionAuthApplicationArgs.builder()        
            .tenantId(fusionauth_tenant.portal().id())
            .authenticationTokenConfigurationEnabled(false)
            .formConfiguration(FusionAuthApplicationFormConfigurationArgs.builder()
                .adminRegistrationFormId(fusionauth_form.admin_registration().id())
                .selfServiceFormId(fusionauth_form.self_service().id())
                .build())
            .jwtConfiguration(FusionAuthApplicationJwtConfigurationArgs.builder()
                .accessTokenId(fusionauth_key.access_token().id())
                .enabled(true)
                .idTokenKeyId(fusionauth_key.id_token().id())
                .refreshTokenTtlMinutes(43200)
                .ttlSeconds(3600)
                .build())
            .lambdaConfiguration(FusionAuthApplicationLambdaConfigurationArgs.builder()
                .accessTokenPopulateId(fusionauth_lambda.token_populate().id())
                .idTokenPopulateId(fusionauth_lambda.id_token_populate().id())
                .build())
            .loginConfiguration(FusionAuthApplicationLoginConfigurationArgs.builder()
                .allowTokenRefresh(false)
                .generateRefreshTokens(false)
                .requireAuthentication(true)
                .build())
            .oauthConfiguration(FusionAuthApplicationOauthConfigurationArgs.builder()
                .authorizedOriginUrls("http://www.example.com/oauth-callback")
                .enabledGrants(                
                    "authorization_code",
                    "implicit")
                .generateRefreshTokens(false)
                .logoutBehavior("AllApplications")
                .logoutUrl("http://www.example.com/logout")
                .requireClientAuthentication(false)
                .build())
            .registrationConfiguration(FusionAuthApplicationRegistrationConfigurationArgs.builder()
                .birthDate(FusionAuthApplicationRegistrationConfigurationBirthDateArgs.builder()
                    .enabled(false)
                    .required(false)
                    .build())
                .confirmPassword(false)
                .enabled(false)
                .firstName(FusionAuthApplicationRegistrationConfigurationFirstNameArgs.builder()
                    .enabled(false)
                    .required(false)
                    .build())
                .fullName(FusionAuthApplicationRegistrationConfigurationFullNameArgs.builder()
                    .enabled(false)
                    .required(false)
                    .build())
                .lastName(FusionAuthApplicationRegistrationConfigurationLastNameArgs.builder()
                    .enabled(false)
                    .required(false)
                    .build())
                .loginIdType("")
                .middleName(FusionAuthApplicationRegistrationConfigurationMiddleNameArgs.builder()
                    .enabled(false)
                    .required(false)
                    .build())
                .mobilePhone(FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs.builder()
                    .enabled(false)
                    .required(false)
                    .build())
                .type("")
                .build())
            .passwordlessConfigurationEnabled(false)
            .registrationDeletePolicy(FusionAuthApplicationRegistrationDeletePolicyArgs.builder()
                .unverifiedEnabled(true)
                .unverifiedNumberOfDaysToRetain(30)
                .build())
            .build());

    }
}
import pulumi
import theogravity_pulumi-fusionauth as fusionauth

forum = fusionauth.FusionAuthApplication("forum",
    tenant_id=fusionauth_tenant["portal"]["id"],
    authentication_token_configuration_enabled=False,
    form_configuration=fusionauth.FusionAuthApplicationFormConfigurationArgs(
        admin_registration_form_id=fusionauth_form["admin_registration"]["id"],
        self_service_form_id=fusionauth_form["self_service"]["id"],
    ),
    jwt_configuration=fusionauth.FusionAuthApplicationJwtConfigurationArgs(
        access_token_id=fusionauth_key["access_token"]["id"],
        enabled=True,
        id_token_key_id=fusionauth_key["id_token"]["id"],
        refresh_token_ttl_minutes=43200,
        ttl_seconds=3600,
    ),
    lambda_configuration=fusionauth.FusionAuthApplicationLambdaConfigurationArgs(
        access_token_populate_id=fusionauth_lambda["token_populate"]["id"],
        id_token_populate_id=fusionauth_lambda["id_token_populate"]["id"],
    ),
    login_configuration=fusionauth.FusionAuthApplicationLoginConfigurationArgs(
        allow_token_refresh=False,
        generate_refresh_tokens=False,
        require_authentication=True,
    ),
    oauth_configuration=fusionauth.FusionAuthApplicationOauthConfigurationArgs(
        authorized_origin_urls=["http://www.example.com/oauth-callback"],
        enabled_grants=[
            "authorization_code",
            "implicit",
        ],
        generate_refresh_tokens=False,
        logout_behavior="AllApplications",
        logout_url="http://www.example.com/logout",
        require_client_authentication=False,
    ),
    registration_configuration=fusionauth.FusionAuthApplicationRegistrationConfigurationArgs(
        birth_date=fusionauth.FusionAuthApplicationRegistrationConfigurationBirthDateArgs(
            enabled=False,
            required=False,
        ),
        confirm_password=False,
        enabled=False,
        first_name=fusionauth.FusionAuthApplicationRegistrationConfigurationFirstNameArgs(
            enabled=False,
            required=False,
        ),
        full_name=fusionauth.FusionAuthApplicationRegistrationConfigurationFullNameArgs(
            enabled=False,
            required=False,
        ),
        last_name=fusionauth.FusionAuthApplicationRegistrationConfigurationLastNameArgs(
            enabled=False,
            required=False,
        ),
        login_id_type="",
        middle_name=fusionauth.FusionAuthApplicationRegistrationConfigurationMiddleNameArgs(
            enabled=False,
            required=False,
        ),
        mobile_phone=fusionauth.FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs(
            enabled=False,
            required=False,
        ),
        type="",
    ),
    passwordless_configuration_enabled=False,
    registration_delete_policy=fusionauth.FusionAuthApplicationRegistrationDeletePolicyArgs(
        unverified_enabled=True,
        unverified_number_of_days_to_retain=30,
    ))
import * as pulumi from "@pulumi/pulumi";
import * as pulumi_fusionauth from "pulumi-fusionauth";

const forum = new fusionauth.FusionAuthApplication("forum", {
    tenantId: fusionauth_tenant.portal.id,
    authenticationTokenConfigurationEnabled: false,
    formConfiguration: {
        adminRegistrationFormId: fusionauth_form.admin_registration.id,
        selfServiceFormId: fusionauth_form.self_service.id,
    },
    jwtConfiguration: {
        accessTokenId: fusionauth_key.access_token.id,
        enabled: true,
        idTokenKeyId: fusionauth_key.id_token.id,
        refreshTokenTtlMinutes: 43200,
        ttlSeconds: 3600,
    },
    lambdaConfiguration: {
        accessTokenPopulateId: fusionauth_lambda.token_populate.id,
        idTokenPopulateId: fusionauth_lambda.id_token_populate.id,
    },
    loginConfiguration: {
        allowTokenRefresh: false,
        generateRefreshTokens: false,
        requireAuthentication: true,
    },
    oauthConfiguration: {
        authorizedOriginUrls: ["http://www.example.com/oauth-callback"],
        enabledGrants: [
            "authorization_code",
            "implicit",
        ],
        generateRefreshTokens: false,
        logoutBehavior: "AllApplications",
        logoutUrl: "http://www.example.com/logout",
        requireClientAuthentication: false,
    },
    registrationConfiguration: {
        birthDate: {
            enabled: false,
            required: false,
        },
        confirmPassword: false,
        enabled: false,
        firstName: {
            enabled: false,
            required: false,
        },
        fullName: {
            enabled: false,
            required: false,
        },
        lastName: {
            enabled: false,
            required: false,
        },
        loginIdType: "",
        middleName: {
            enabled: false,
            required: false,
        },
        mobilePhone: {
            enabled: false,
            required: false,
        },
        type: "",
    },
    passwordlessConfigurationEnabled: false,
    registrationDeletePolicy: {
        unverifiedEnabled: true,
        unverifiedNumberOfDaysToRetain: 30,
    },
});
resources:
  forum:
    type: fusionauth:FusionAuthApplication
    properties:
      tenantId: ${fusionauth_tenant.portal.id}
      authenticationTokenConfigurationEnabled: false
      formConfiguration:
        adminRegistrationFormId: ${fusionauth_form.admin_registration.id}
        selfServiceFormId: ${fusionauth_form.self_service.id}
      jwtConfiguration:
        accessTokenId: ${fusionauth_key.access_token.id}
        enabled: true
        idTokenKeyId: ${fusionauth_key.id_token.id}
        refreshTokenTtlMinutes: 43200
        ttlSeconds: 3600
      lambdaConfiguration:
        accessTokenPopulateId: ${fusionauth_lambda.token_populate.id}
        idTokenPopulateId: ${fusionauth_lambda.id_token_populate.id}
      loginConfiguration:
        allowTokenRefresh: false
        generateRefreshTokens: false
        requireAuthentication: true
      oauthConfiguration:
        authorizedOriginUrls:
          - http://www.example.com/oauth-callback
        enabledGrants:
          - authorization_code
          - implicit
        generateRefreshTokens: false
        logoutBehavior: AllApplications
        logoutUrl: http://www.example.com/logout
        requireClientAuthentication: false
      registrationConfiguration:
        birthDate:
          enabled: false
          required: false
        confirmPassword: false
        enabled: false
        firstName:
          enabled: false
          required: false
        fullName:
          enabled: false
          required: false
        lastName:
          enabled: false
          required: false
        loginIdType:
        middleName:
          enabled: false
          required: false
        mobilePhone:
          enabled: false
          required: false
        type:
      passwordlessConfigurationEnabled: false
      registrationDeletePolicy:
        unverifiedEnabled: true
        unverifiedNumberOfDaysToRetain: 30

Create a FusionAuthApplication Resource

new FusionAuthApplication(name: string, args: FusionAuthApplicationArgs, opts?: CustomResourceOptions);
@overload
def FusionAuthApplication(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          access_control_configuration: Optional[FusionAuthApplicationAccessControlConfigurationArgs] = None,
                          application_id: Optional[str] = None,
                          authentication_token_configuration_enabled: Optional[bool] = None,
                          clean_speak_configuration: Optional[FusionAuthApplicationCleanSpeakConfigurationArgs] = None,
                          data: Optional[Mapping[str, Any]] = None,
                          email_configuration: Optional[FusionAuthApplicationEmailConfigurationArgs] = None,
                          form_configuration: Optional[FusionAuthApplicationFormConfigurationArgs] = None,
                          jwt_configuration: Optional[FusionAuthApplicationJwtConfigurationArgs] = None,
                          lambda_configuration: Optional[FusionAuthApplicationLambdaConfigurationArgs] = None,
                          login_configuration: Optional[FusionAuthApplicationLoginConfigurationArgs] = None,
                          multi_factor_configuration: Optional[FusionAuthApplicationMultiFactorConfigurationArgs] = None,
                          name: Optional[str] = None,
                          oauth_configuration: Optional[FusionAuthApplicationOauthConfigurationArgs] = None,
                          passwordless_configuration_enabled: Optional[bool] = None,
                          registration_configuration: Optional[FusionAuthApplicationRegistrationConfigurationArgs] = None,
                          registration_delete_policy: Optional[FusionAuthApplicationRegistrationDeletePolicyArgs] = None,
                          samlv2_configuration: Optional[FusionAuthApplicationSamlv2ConfigurationArgs] = None,
                          tenant_id: Optional[str] = None,
                          theme_id: Optional[str] = None,
                          verification_email_template_id: Optional[str] = None,
                          verify_registration: Optional[bool] = None,
                          webhook_ids: Optional[Sequence[str]] = None)
@overload
def FusionAuthApplication(resource_name: str,
                          args: FusionAuthApplicationArgs,
                          opts: Optional[ResourceOptions] = None)
func NewFusionAuthApplication(ctx *Context, name string, args FusionAuthApplicationArgs, opts ...ResourceOption) (*FusionAuthApplication, error)
public FusionAuthApplication(string name, FusionAuthApplicationArgs args, CustomResourceOptions? opts = null)
public FusionAuthApplication(String name, FusionAuthApplicationArgs args)
public FusionAuthApplication(String name, FusionAuthApplicationArgs args, CustomResourceOptions options)
type: fusionauth:FusionAuthApplication
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args FusionAuthApplicationArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args FusionAuthApplicationArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args FusionAuthApplicationArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args FusionAuthApplicationArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args FusionAuthApplicationArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

FusionAuthApplication Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The FusionAuthApplication resource accepts the following input properties:

TenantId string
AccessControlConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationAccessControlConfigurationArgs
ApplicationId string

The Id of the CleanSpeak application that usernames are sent to for moderation.

AuthenticationTokenConfigurationEnabled bool

Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.

CleanSpeakConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationCleanSpeakConfigurationArgs
Data Dictionary<string, object>

An object that can hold any information about the Application that should be persisted.

EmailConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationEmailConfigurationArgs
FormConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationFormConfigurationArgs
JwtConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationJwtConfigurationArgs
LambdaConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationLambdaConfigurationArgs
LoginConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationLoginConfigurationArgs
MultiFactorConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationMultiFactorConfigurationArgs
Name string

The name of the Application.

OauthConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationArgs
PasswordlessConfigurationEnabled bool

Determines if passwordless login is enabled for this application.

RegistrationConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationArgs
RegistrationDeletePolicy theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationDeletePolicyArgs
Samlv2Configuration theogravity.Fusionauth.Inputs.FusionAuthApplicationSamlv2ConfigurationArgs
ThemeId string

The unique Id of the theme to be used to style the login page and other end user templates.

VerificationEmailTemplateId string

The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.

VerifyRegistration bool

Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.

WebhookIds List<string>

An array of Webhook Ids. For Webhooks that are not already configured for All Applications, specifying an Id on this request will indicate the associated Webhook should handle events for this application.

TenantId string
AccessControlConfiguration FusionAuthApplicationAccessControlConfigurationArgs
ApplicationId string

The Id of the CleanSpeak application that usernames are sent to for moderation.

AuthenticationTokenConfigurationEnabled bool

Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.

CleanSpeakConfiguration FusionAuthApplicationCleanSpeakConfigurationArgs
Data map[string]interface{}

An object that can hold any information about the Application that should be persisted.

EmailConfiguration FusionAuthApplicationEmailConfigurationArgs
FormConfiguration FusionAuthApplicationFormConfigurationArgs
JwtConfiguration FusionAuthApplicationJwtConfigurationArgs
LambdaConfiguration FusionAuthApplicationLambdaConfigurationArgs
LoginConfiguration FusionAuthApplicationLoginConfigurationArgs
MultiFactorConfiguration FusionAuthApplicationMultiFactorConfigurationArgs
Name string

The name of the Application.

OauthConfiguration FusionAuthApplicationOauthConfigurationArgs
PasswordlessConfigurationEnabled bool

Determines if passwordless login is enabled for this application.

RegistrationConfiguration FusionAuthApplicationRegistrationConfigurationArgs
RegistrationDeletePolicy FusionAuthApplicationRegistrationDeletePolicyArgs
Samlv2Configuration FusionAuthApplicationSamlv2ConfigurationArgs
ThemeId string

The unique Id of the theme to be used to style the login page and other end user templates.

VerificationEmailTemplateId string

The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.

VerifyRegistration bool

Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.

WebhookIds []string

An array of Webhook Ids. For Webhooks that are not already configured for All Applications, specifying an Id on this request will indicate the associated Webhook should handle events for this application.

tenantId String
accessControlConfiguration FusionAuthApplicationAccessControlConfigurationArgs
applicationId String

The Id of the CleanSpeak application that usernames are sent to for moderation.

authenticationTokenConfigurationEnabled Boolean

Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.

cleanSpeakConfiguration FusionAuthApplicationCleanSpeakConfigurationArgs
data Map<String,Object>

An object that can hold any information about the Application that should be persisted.

emailConfiguration FusionAuthApplicationEmailConfigurationArgs
formConfiguration FusionAuthApplicationFormConfigurationArgs
jwtConfiguration FusionAuthApplicationJwtConfigurationArgs
lambdaConfiguration FusionAuthApplicationLambdaConfigurationArgs
loginConfiguration FusionAuthApplicationLoginConfigurationArgs
multiFactorConfiguration FusionAuthApplicationMultiFactorConfigurationArgs
name String

The name of the Application.

oauthConfiguration FusionAuthApplicationOauthConfigurationArgs
passwordlessConfigurationEnabled Boolean

Determines if passwordless login is enabled for this application.

registrationConfiguration FusionAuthApplicationRegistrationConfigurationArgs
registrationDeletePolicy FusionAuthApplicationRegistrationDeletePolicyArgs
samlv2Configuration FusionAuthApplicationSamlv2ConfigurationArgs
themeId String

The unique Id of the theme to be used to style the login page and other end user templates.

verificationEmailTemplateId String

The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.

verifyRegistration Boolean

Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.

webhookIds List<String>

An array of Webhook Ids. For Webhooks that are not already configured for All Applications, specifying an Id on this request will indicate the associated Webhook should handle events for this application.

tenantId string
accessControlConfiguration FusionAuthApplicationAccessControlConfigurationArgs
applicationId string

The Id of the CleanSpeak application that usernames are sent to for moderation.

authenticationTokenConfigurationEnabled boolean

Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.

cleanSpeakConfiguration FusionAuthApplicationCleanSpeakConfigurationArgs
data {[key: string]: any}

An object that can hold any information about the Application that should be persisted.

emailConfiguration FusionAuthApplicationEmailConfigurationArgs
formConfiguration FusionAuthApplicationFormConfigurationArgs
jwtConfiguration FusionAuthApplicationJwtConfigurationArgs
lambdaConfiguration FusionAuthApplicationLambdaConfigurationArgs
loginConfiguration FusionAuthApplicationLoginConfigurationArgs
multiFactorConfiguration FusionAuthApplicationMultiFactorConfigurationArgs
name string

The name of the Application.

oauthConfiguration FusionAuthApplicationOauthConfigurationArgs
passwordlessConfigurationEnabled boolean

Determines if passwordless login is enabled for this application.

registrationConfiguration FusionAuthApplicationRegistrationConfigurationArgs
registrationDeletePolicy FusionAuthApplicationRegistrationDeletePolicyArgs
samlv2Configuration FusionAuthApplicationSamlv2ConfigurationArgs
themeId string

The unique Id of the theme to be used to style the login page and other end user templates.

verificationEmailTemplateId string

The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.

verifyRegistration boolean

Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.

webhookIds string[]

An array of Webhook Ids. For Webhooks that are not already configured for All Applications, specifying an Id on this request will indicate the associated Webhook should handle events for this application.

tenant_id str
access_control_configuration FusionAuthApplicationAccessControlConfigurationArgs
application_id str

The Id of the CleanSpeak application that usernames are sent to for moderation.

authentication_token_configuration_enabled bool

Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.

clean_speak_configuration FusionAuthApplicationCleanSpeakConfigurationArgs
data Mapping[str, Any]

An object that can hold any information about the Application that should be persisted.

email_configuration FusionAuthApplicationEmailConfigurationArgs
form_configuration FusionAuthApplicationFormConfigurationArgs
jwt_configuration FusionAuthApplicationJwtConfigurationArgs
lambda_configuration FusionAuthApplicationLambdaConfigurationArgs
login_configuration FusionAuthApplicationLoginConfigurationArgs
multi_factor_configuration FusionAuthApplicationMultiFactorConfigurationArgs
name str

The name of the Application.

oauth_configuration FusionAuthApplicationOauthConfigurationArgs
passwordless_configuration_enabled bool

Determines if passwordless login is enabled for this application.

registration_configuration FusionAuthApplicationRegistrationConfigurationArgs
registration_delete_policy FusionAuthApplicationRegistrationDeletePolicyArgs
samlv2_configuration FusionAuthApplicationSamlv2ConfigurationArgs
theme_id str

The unique Id of the theme to be used to style the login page and other end user templates.

verification_email_template_id str

The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.

verify_registration bool

Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.

webhook_ids Sequence[str]

An array of Webhook Ids. For Webhooks that are not already configured for All Applications, specifying an Id on this request will indicate the associated Webhook should handle events for this application.

tenantId String
accessControlConfiguration Property Map
applicationId String

The Id of the CleanSpeak application that usernames are sent to for moderation.

authenticationTokenConfigurationEnabled Boolean

Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.

cleanSpeakConfiguration Property Map
data Map<Any>

An object that can hold any information about the Application that should be persisted.

emailConfiguration Property Map
formConfiguration Property Map
jwtConfiguration Property Map
lambdaConfiguration Property Map
loginConfiguration Property Map
multiFactorConfiguration Property Map
name String

The name of the Application.

oauthConfiguration Property Map
passwordlessConfigurationEnabled Boolean

Determines if passwordless login is enabled for this application.

registrationConfiguration Property Map
registrationDeletePolicy Property Map
samlv2Configuration Property Map
themeId String

The unique Id of the theme to be used to style the login page and other end user templates.

verificationEmailTemplateId String

The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.

verifyRegistration Boolean

Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.

webhookIds List<String>

An array of Webhook Ids. For Webhooks that are not already configured for All Applications, specifying an Id on this request will indicate the associated Webhook should handle events for this application.

Outputs

All input properties are implicitly available as output properties. Additionally, the FusionAuthApplication resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up an Existing FusionAuthApplication Resource

Get an existing FusionAuthApplication resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: FusionAuthApplicationState, opts?: CustomResourceOptions): FusionAuthApplication
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        access_control_configuration: Optional[FusionAuthApplicationAccessControlConfigurationArgs] = None,
        application_id: Optional[str] = None,
        authentication_token_configuration_enabled: Optional[bool] = None,
        clean_speak_configuration: Optional[FusionAuthApplicationCleanSpeakConfigurationArgs] = None,
        data: Optional[Mapping[str, Any]] = None,
        email_configuration: Optional[FusionAuthApplicationEmailConfigurationArgs] = None,
        form_configuration: Optional[FusionAuthApplicationFormConfigurationArgs] = None,
        jwt_configuration: Optional[FusionAuthApplicationJwtConfigurationArgs] = None,
        lambda_configuration: Optional[FusionAuthApplicationLambdaConfigurationArgs] = None,
        login_configuration: Optional[FusionAuthApplicationLoginConfigurationArgs] = None,
        multi_factor_configuration: Optional[FusionAuthApplicationMultiFactorConfigurationArgs] = None,
        name: Optional[str] = None,
        oauth_configuration: Optional[FusionAuthApplicationOauthConfigurationArgs] = None,
        passwordless_configuration_enabled: Optional[bool] = None,
        registration_configuration: Optional[FusionAuthApplicationRegistrationConfigurationArgs] = None,
        registration_delete_policy: Optional[FusionAuthApplicationRegistrationDeletePolicyArgs] = None,
        samlv2_configuration: Optional[FusionAuthApplicationSamlv2ConfigurationArgs] = None,
        tenant_id: Optional[str] = None,
        theme_id: Optional[str] = None,
        verification_email_template_id: Optional[str] = None,
        verify_registration: Optional[bool] = None,
        webhook_ids: Optional[Sequence[str]] = None) -> FusionAuthApplication
func GetFusionAuthApplication(ctx *Context, name string, id IDInput, state *FusionAuthApplicationState, opts ...ResourceOption) (*FusionAuthApplication, error)
public static FusionAuthApplication Get(string name, Input<string> id, FusionAuthApplicationState? state, CustomResourceOptions? opts = null)
public static FusionAuthApplication get(String name, Output<String> id, FusionAuthApplicationState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AccessControlConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationAccessControlConfigurationArgs
ApplicationId string

The Id of the CleanSpeak application that usernames are sent to for moderation.

AuthenticationTokenConfigurationEnabled bool

Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.

CleanSpeakConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationCleanSpeakConfigurationArgs
Data Dictionary<string, object>

An object that can hold any information about the Application that should be persisted.

EmailConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationEmailConfigurationArgs
FormConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationFormConfigurationArgs
JwtConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationJwtConfigurationArgs
LambdaConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationLambdaConfigurationArgs
LoginConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationLoginConfigurationArgs
MultiFactorConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationMultiFactorConfigurationArgs
Name string

The name of the Application.

OauthConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationArgs
PasswordlessConfigurationEnabled bool

Determines if passwordless login is enabled for this application.

RegistrationConfiguration theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationArgs
RegistrationDeletePolicy theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationDeletePolicyArgs
Samlv2Configuration theogravity.Fusionauth.Inputs.FusionAuthApplicationSamlv2ConfigurationArgs
TenantId string
ThemeId string

The unique Id of the theme to be used to style the login page and other end user templates.

VerificationEmailTemplateId string

The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.

VerifyRegistration bool

Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.

WebhookIds List<string>

An array of Webhook Ids. For Webhooks that are not already configured for All Applications, specifying an Id on this request will indicate the associated Webhook should handle events for this application.

AccessControlConfiguration FusionAuthApplicationAccessControlConfigurationArgs
ApplicationId string

The Id of the CleanSpeak application that usernames are sent to for moderation.

AuthenticationTokenConfigurationEnabled bool

Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.

CleanSpeakConfiguration FusionAuthApplicationCleanSpeakConfigurationArgs
Data map[string]interface{}

An object that can hold any information about the Application that should be persisted.

EmailConfiguration FusionAuthApplicationEmailConfigurationArgs
FormConfiguration FusionAuthApplicationFormConfigurationArgs
JwtConfiguration FusionAuthApplicationJwtConfigurationArgs
LambdaConfiguration FusionAuthApplicationLambdaConfigurationArgs
LoginConfiguration FusionAuthApplicationLoginConfigurationArgs
MultiFactorConfiguration FusionAuthApplicationMultiFactorConfigurationArgs
Name string

The name of the Application.

OauthConfiguration FusionAuthApplicationOauthConfigurationArgs
PasswordlessConfigurationEnabled bool

Determines if passwordless login is enabled for this application.

RegistrationConfiguration FusionAuthApplicationRegistrationConfigurationArgs
RegistrationDeletePolicy FusionAuthApplicationRegistrationDeletePolicyArgs
Samlv2Configuration FusionAuthApplicationSamlv2ConfigurationArgs
TenantId string
ThemeId string

The unique Id of the theme to be used to style the login page and other end user templates.

VerificationEmailTemplateId string

The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.

VerifyRegistration bool

Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.

WebhookIds []string

An array of Webhook Ids. For Webhooks that are not already configured for All Applications, specifying an Id on this request will indicate the associated Webhook should handle events for this application.

accessControlConfiguration FusionAuthApplicationAccessControlConfigurationArgs
applicationId String

The Id of the CleanSpeak application that usernames are sent to for moderation.

authenticationTokenConfigurationEnabled Boolean

Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.

cleanSpeakConfiguration FusionAuthApplicationCleanSpeakConfigurationArgs
data Map<String,Object>

An object that can hold any information about the Application that should be persisted.

emailConfiguration FusionAuthApplicationEmailConfigurationArgs
formConfiguration FusionAuthApplicationFormConfigurationArgs
jwtConfiguration FusionAuthApplicationJwtConfigurationArgs
lambdaConfiguration FusionAuthApplicationLambdaConfigurationArgs
loginConfiguration FusionAuthApplicationLoginConfigurationArgs
multiFactorConfiguration FusionAuthApplicationMultiFactorConfigurationArgs
name String

The name of the Application.

oauthConfiguration FusionAuthApplicationOauthConfigurationArgs
passwordlessConfigurationEnabled Boolean

Determines if passwordless login is enabled for this application.

registrationConfiguration FusionAuthApplicationRegistrationConfigurationArgs
registrationDeletePolicy FusionAuthApplicationRegistrationDeletePolicyArgs
samlv2Configuration FusionAuthApplicationSamlv2ConfigurationArgs
tenantId String
themeId String

The unique Id of the theme to be used to style the login page and other end user templates.

verificationEmailTemplateId String

The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.

verifyRegistration Boolean

Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.

webhookIds List<String>

An array of Webhook Ids. For Webhooks that are not already configured for All Applications, specifying an Id on this request will indicate the associated Webhook should handle events for this application.

accessControlConfiguration FusionAuthApplicationAccessControlConfigurationArgs
applicationId string

The Id of the CleanSpeak application that usernames are sent to for moderation.

authenticationTokenConfigurationEnabled boolean

Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.

cleanSpeakConfiguration FusionAuthApplicationCleanSpeakConfigurationArgs
data {[key: string]: any}

An object that can hold any information about the Application that should be persisted.

emailConfiguration FusionAuthApplicationEmailConfigurationArgs
formConfiguration FusionAuthApplicationFormConfigurationArgs
jwtConfiguration FusionAuthApplicationJwtConfigurationArgs
lambdaConfiguration FusionAuthApplicationLambdaConfigurationArgs
loginConfiguration FusionAuthApplicationLoginConfigurationArgs
multiFactorConfiguration FusionAuthApplicationMultiFactorConfigurationArgs
name string

The name of the Application.

oauthConfiguration FusionAuthApplicationOauthConfigurationArgs
passwordlessConfigurationEnabled boolean

Determines if passwordless login is enabled for this application.

registrationConfiguration FusionAuthApplicationRegistrationConfigurationArgs
registrationDeletePolicy FusionAuthApplicationRegistrationDeletePolicyArgs
samlv2Configuration FusionAuthApplicationSamlv2ConfigurationArgs
tenantId string
themeId string

The unique Id of the theme to be used to style the login page and other end user templates.

verificationEmailTemplateId string

The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.

verifyRegistration boolean

Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.

webhookIds string[]

An array of Webhook Ids. For Webhooks that are not already configured for All Applications, specifying an Id on this request will indicate the associated Webhook should handle events for this application.

access_control_configuration FusionAuthApplicationAccessControlConfigurationArgs
application_id str

The Id of the CleanSpeak application that usernames are sent to for moderation.

authentication_token_configuration_enabled bool

Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.

clean_speak_configuration FusionAuthApplicationCleanSpeakConfigurationArgs
data Mapping[str, Any]

An object that can hold any information about the Application that should be persisted.

email_configuration FusionAuthApplicationEmailConfigurationArgs
form_configuration FusionAuthApplicationFormConfigurationArgs
jwt_configuration FusionAuthApplicationJwtConfigurationArgs
lambda_configuration FusionAuthApplicationLambdaConfigurationArgs
login_configuration FusionAuthApplicationLoginConfigurationArgs
multi_factor_configuration FusionAuthApplicationMultiFactorConfigurationArgs
name str

The name of the Application.

oauth_configuration FusionAuthApplicationOauthConfigurationArgs
passwordless_configuration_enabled bool

Determines if passwordless login is enabled for this application.

registration_configuration FusionAuthApplicationRegistrationConfigurationArgs
registration_delete_policy FusionAuthApplicationRegistrationDeletePolicyArgs
samlv2_configuration FusionAuthApplicationSamlv2ConfigurationArgs
tenant_id str
theme_id str

The unique Id of the theme to be used to style the login page and other end user templates.

verification_email_template_id str

The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.

verify_registration bool

Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.

webhook_ids Sequence[str]

An array of Webhook Ids. For Webhooks that are not already configured for All Applications, specifying an Id on this request will indicate the associated Webhook should handle events for this application.

accessControlConfiguration Property Map
applicationId String

The Id of the CleanSpeak application that usernames are sent to for moderation.

authenticationTokenConfigurationEnabled Boolean

Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.

cleanSpeakConfiguration Property Map
data Map<Any>

An object that can hold any information about the Application that should be persisted.

emailConfiguration Property Map
formConfiguration Property Map
jwtConfiguration Property Map
lambdaConfiguration Property Map
loginConfiguration Property Map
multiFactorConfiguration Property Map
name String

The name of the Application.

oauthConfiguration Property Map
passwordlessConfigurationEnabled Boolean

Determines if passwordless login is enabled for this application.

registrationConfiguration Property Map
registrationDeletePolicy Property Map
samlv2Configuration Property Map
tenantId String
themeId String

The unique Id of the theme to be used to style the login page and other end user templates.

verificationEmailTemplateId String

The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.

verifyRegistration Boolean

Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.

webhookIds List<String>

An array of Webhook Ids. For Webhooks that are not already configured for All Applications, specifying an Id on this request will indicate the associated Webhook should handle events for this application.

Supporting Types

FusionAuthApplicationAccessControlConfiguration

UiIpAccessControlListId string

The Id of the IP Access Control List limiting access to this application.

UiIpAccessControlListId string

The Id of the IP Access Control List limiting access to this application.

uiIpAccessControlListId String

The Id of the IP Access Control List limiting access to this application.

uiIpAccessControlListId string

The Id of the IP Access Control List limiting access to this application.

ui_ip_access_control_list_id str

The Id of the IP Access Control List limiting access to this application.

uiIpAccessControlListId String

The Id of the IP Access Control List limiting access to this application.

FusionAuthApplicationCleanSpeakConfiguration

ApplicationIds List<string>

An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.

UsernameModeration theogravity.Fusionauth.Inputs.FusionAuthApplicationCleanSpeakConfigurationUsernameModeration
ApplicationIds []string

An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.

UsernameModeration FusionAuthApplicationCleanSpeakConfigurationUsernameModeration
applicationIds List<String>

An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.

usernameModeration FusionAuthApplicationCleanSpeakConfigurationUsernameModeration
applicationIds string[]

An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.

usernameModeration FusionAuthApplicationCleanSpeakConfigurationUsernameModeration
application_ids Sequence[str]

An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.

username_moderation FusionAuthApplicationCleanSpeakConfigurationUsernameModeration
applicationIds List<String>

An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.

usernameModeration Property Map

FusionAuthApplicationCleanSpeakConfigurationUsernameModeration

ApplicationId string

The Id of the CleanSpeak application that usernames are sent to for moderation.

Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

ApplicationId string

The Id of the CleanSpeak application that usernames are sent to for moderation.

Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

applicationId String

The Id of the CleanSpeak application that usernames are sent to for moderation.

enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

applicationId string

The Id of the CleanSpeak application that usernames are sent to for moderation.

enabled boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

application_id str

The Id of the CleanSpeak application that usernames are sent to for moderation.

enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

applicationId String

The Id of the CleanSpeak application that usernames are sent to for moderation.

enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

FusionAuthApplicationEmailConfiguration

EmailUpdateTemplateId string

The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

EmailVerificationTemplateId string

The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

EmailVerifiedTemplateId string

The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

ForgotPasswordTemplateId string

The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

LoginIdInUseOnCreateTemplateId string

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

LoginIdInUseOnUpdateTemplateId string

The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

LoginNewDeviceTemplateId string

The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

LoginSuspiciousTemplateId string

The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

PasswordResetSuccessTemplateId string

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

PasswordUpdateTemplateId string

The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

PasswordlessEmailTemplateId string

The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

SetPasswordEmailTemplateId string

The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

TwoFactorMethodAddTemplateId string

The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

TwoFactorMethodRemoveTemplateId string

The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

EmailUpdateTemplateId string

The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

EmailVerificationTemplateId string

The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

EmailVerifiedTemplateId string

The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

ForgotPasswordTemplateId string

The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

LoginIdInUseOnCreateTemplateId string

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

LoginIdInUseOnUpdateTemplateId string

The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

LoginNewDeviceTemplateId string

The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

LoginSuspiciousTemplateId string

The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

PasswordResetSuccessTemplateId string

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

PasswordUpdateTemplateId string

The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

PasswordlessEmailTemplateId string

The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

SetPasswordEmailTemplateId string

The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

TwoFactorMethodAddTemplateId string

The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

TwoFactorMethodRemoveTemplateId string

The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

emailUpdateTemplateId String

The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

emailVerificationTemplateId String

The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

emailVerifiedTemplateId String

The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

forgotPasswordTemplateId String

The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

loginIdInUseOnCreateTemplateId String

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

loginIdInUseOnUpdateTemplateId String

The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

loginNewDeviceTemplateId String

The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

loginSuspiciousTemplateId String

The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

passwordResetSuccessTemplateId String

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

passwordUpdateTemplateId String

The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

passwordlessEmailTemplateId String

The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

setPasswordEmailTemplateId String

The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

twoFactorMethodAddTemplateId String

The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

twoFactorMethodRemoveTemplateId String

The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

emailUpdateTemplateId string

The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

emailVerificationTemplateId string

The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

emailVerifiedTemplateId string

The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

forgotPasswordTemplateId string

The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

loginIdInUseOnCreateTemplateId string

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

loginIdInUseOnUpdateTemplateId string

The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

loginNewDeviceTemplateId string

The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

loginSuspiciousTemplateId string

The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

passwordResetSuccessTemplateId string

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

passwordUpdateTemplateId string

The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

passwordlessEmailTemplateId string

The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

setPasswordEmailTemplateId string

The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

twoFactorMethodAddTemplateId string

The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

twoFactorMethodRemoveTemplateId string

The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

email_update_template_id str

The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

email_verification_template_id str

The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

email_verified_template_id str

The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

forgot_password_template_id str

The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

login_id_in_use_on_create_template_id str

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

login_id_in_use_on_update_template_id str

The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

login_new_device_template_id str

The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

login_suspicious_template_id str

The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

password_reset_success_template_id str

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

password_update_template_id str

The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

passwordless_email_template_id str

The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

set_password_email_template_id str

The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

two_factor_method_add_template_id str

The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

two_factor_method_remove_template_id str

The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

emailUpdateTemplateId String

The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

emailVerificationTemplateId String

The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

emailVerifiedTemplateId String

The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

forgotPasswordTemplateId String

The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

loginIdInUseOnCreateTemplateId String

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

loginIdInUseOnUpdateTemplateId String

The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

loginNewDeviceTemplateId String

The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

loginSuspiciousTemplateId String

The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

passwordResetSuccessTemplateId String

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

passwordUpdateTemplateId String

The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

passwordlessEmailTemplateId String

The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

setPasswordEmailTemplateId String

The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

twoFactorMethodAddTemplateId String

The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

twoFactorMethodRemoveTemplateId String

The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.

FusionAuthApplicationFormConfiguration

AdminRegistrationFormId string

The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.

SelfServiceFormId string

The unique Id of the form to to enable authenticated users to manage their profile on the account page.

AdminRegistrationFormId string

The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.

SelfServiceFormId string

The unique Id of the form to to enable authenticated users to manage their profile on the account page.

adminRegistrationFormId String

The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.

selfServiceFormId String

The unique Id of the form to to enable authenticated users to manage their profile on the account page.

adminRegistrationFormId string

The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.

selfServiceFormId string

The unique Id of the form to to enable authenticated users to manage their profile on the account page.

admin_registration_form_id str

The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.

self_service_form_id str

The unique Id of the form to to enable authenticated users to manage their profile on the account page.

adminRegistrationFormId String

The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.

selfServiceFormId String

The unique Id of the form to to enable authenticated users to manage their profile on the account page.

FusionAuthApplicationJwtConfiguration

AccessTokenId string

The Id of the signing key used to sign the access token.

Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

IdTokenKeyId string

The Id of the signing key used to sign the Id token.

RefreshTokenTtlMinutes int

The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.

TtlSeconds int

The length of time in seconds the JWT will live before it is expired and no longer valid.

AccessTokenId string

The Id of the signing key used to sign the access token.

Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

IdTokenKeyId string

The Id of the signing key used to sign the Id token.

RefreshTokenTtlMinutes int

The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.

TtlSeconds int

The length of time in seconds the JWT will live before it is expired and no longer valid.

accessTokenId String

The Id of the signing key used to sign the access token.

enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

idTokenKeyId String

The Id of the signing key used to sign the Id token.

refreshTokenTtlMinutes Integer

The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.

ttlSeconds Integer

The length of time in seconds the JWT will live before it is expired and no longer valid.

accessTokenId string

The Id of the signing key used to sign the access token.

enabled boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

idTokenKeyId string

The Id of the signing key used to sign the Id token.

refreshTokenTtlMinutes number

The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.

ttlSeconds number

The length of time in seconds the JWT will live before it is expired and no longer valid.

access_token_id str

The Id of the signing key used to sign the access token.

enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

id_token_key_id str

The Id of the signing key used to sign the Id token.

refresh_token_ttl_minutes int

The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.

ttl_seconds int

The length of time in seconds the JWT will live before it is expired and no longer valid.

accessTokenId String

The Id of the signing key used to sign the access token.

enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

idTokenKeyId String

The Id of the signing key used to sign the Id token.

refreshTokenTtlMinutes Number

The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.

ttlSeconds Number

The length of time in seconds the JWT will live before it is expired and no longer valid.

FusionAuthApplicationLambdaConfiguration

AccessTokenPopulateId string

The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.

IdTokenPopulateId string

The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.

Samlv2PopulateId string

The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.

AccessTokenPopulateId string

The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.

IdTokenPopulateId string

The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.

Samlv2PopulateId string

The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.

accessTokenPopulateId String

The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.

idTokenPopulateId String

The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.

samlv2PopulateId String

The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.

accessTokenPopulateId string

The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.

idTokenPopulateId string

The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.

samlv2PopulateId string

The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.

access_token_populate_id str

The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.

id_token_populate_id str

The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.

samlv2_populate_id str

The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.

accessTokenPopulateId String

The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.

idTokenPopulateId String

The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.

samlv2PopulateId String

The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.

FusionAuthApplicationLoginConfiguration

AllowTokenRefresh bool

Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.

GenerateRefreshTokens bool

Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.

RequireAuthentication bool

Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.

AllowTokenRefresh bool

Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.

GenerateRefreshTokens bool

Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.

RequireAuthentication bool

Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.

allowTokenRefresh Boolean

Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.

generateRefreshTokens Boolean

Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.

requireAuthentication Boolean

Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.

allowTokenRefresh boolean

Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.

generateRefreshTokens boolean

Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.

requireAuthentication boolean

Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.

allow_token_refresh bool

Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.

generate_refresh_tokens bool

Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.

require_authentication bool

Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.

allowTokenRefresh Boolean

Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.

generateRefreshTokens Boolean

Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.

requireAuthentication Boolean

Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.

FusionAuthApplicationMultiFactorConfiguration

EmailTemplateId string

The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.

SmsTemplateId string

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

EmailTemplateId string

The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.

SmsTemplateId string

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

emailTemplateId String

The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.

smsTemplateId String

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

emailTemplateId string

The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.

smsTemplateId string

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

email_template_id str

The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.

sms_template_id str

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

emailTemplateId String

The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.

smsTemplateId String

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

FusionAuthApplicationOauthConfiguration

AuthorizedOriginUrls List<string>

An array of URLs that are the authorized origins for FusionAuth OAuth.

AuthorizedRedirectUrls List<string>

An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.

ClientAuthenticationPolicy string

Determines the client authentication requirements for the OAuth 2.0 Token endpoint.

ClientSecret string

The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.

Debug bool

Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.

DeviceVerificationUrl string

The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.

EnabledGrants List<string>

The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.

GenerateRefreshTokens bool

Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.

LogoutBehavior string

Behavior when /oauth2/logout is called.

LogoutUrl string

The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.

ProofKeyForCodeExchangePolicy string

Determines the PKCE requirements when using the authorization code grant.

RequireClientAuthentication bool

Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.

Deprecated:

In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.

RequireRegistration bool

When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.

AuthorizedOriginUrls []string

An array of URLs that are the authorized origins for FusionAuth OAuth.

AuthorizedRedirectUrls []string

An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.

ClientAuthenticationPolicy string

Determines the client authentication requirements for the OAuth 2.0 Token endpoint.

ClientSecret string

The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.

Debug bool

Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.

DeviceVerificationUrl string

The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.

EnabledGrants []string

The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.

GenerateRefreshTokens bool

Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.

LogoutBehavior string

Behavior when /oauth2/logout is called.

LogoutUrl string

The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.

ProofKeyForCodeExchangePolicy string

Determines the PKCE requirements when using the authorization code grant.

RequireClientAuthentication bool

Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.

Deprecated:

In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.

RequireRegistration bool

When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.

authorizedOriginUrls List<String>

An array of URLs that are the authorized origins for FusionAuth OAuth.

authorizedRedirectUrls List<String>

An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.

clientAuthenticationPolicy String

Determines the client authentication requirements for the OAuth 2.0 Token endpoint.

clientSecret String

The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.

debug Boolean

Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.

deviceVerificationUrl String

The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.

enabledGrants List<String>

The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.

generateRefreshTokens Boolean

Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.

logoutBehavior String

Behavior when /oauth2/logout is called.

logoutUrl String

The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.

proofKeyForCodeExchangePolicy String

Determines the PKCE requirements when using the authorization code grant.

requireClientAuthentication Boolean

Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.

Deprecated:

In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.

requireRegistration Boolean

When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.

authorizedOriginUrls string[]

An array of URLs that are the authorized origins for FusionAuth OAuth.

authorizedRedirectUrls string[]

An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.

clientAuthenticationPolicy string

Determines the client authentication requirements for the OAuth 2.0 Token endpoint.

clientSecret string

The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.

debug boolean

Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.

deviceVerificationUrl string

The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.

enabledGrants string[]

The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.

generateRefreshTokens boolean

Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.

logoutBehavior string

Behavior when /oauth2/logout is called.

logoutUrl string

The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.

proofKeyForCodeExchangePolicy string

Determines the PKCE requirements when using the authorization code grant.

requireClientAuthentication boolean

Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.

Deprecated:

In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.

requireRegistration boolean

When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.

authorized_origin_urls Sequence[str]

An array of URLs that are the authorized origins for FusionAuth OAuth.

authorized_redirect_urls Sequence[str]

An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.

client_authentication_policy str

Determines the client authentication requirements for the OAuth 2.0 Token endpoint.

client_secret str

The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.

debug bool

Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.

device_verification_url str

The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.

enabled_grants Sequence[str]

The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.

generate_refresh_tokens bool

Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.

logout_behavior str

Behavior when /oauth2/logout is called.

logout_url str

The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.

proof_key_for_code_exchange_policy str

Determines the PKCE requirements when using the authorization code grant.

require_client_authentication bool

Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.

Deprecated:

In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.

require_registration bool

When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.

authorizedOriginUrls List<String>

An array of URLs that are the authorized origins for FusionAuth OAuth.

authorizedRedirectUrls List<String>

An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.

clientAuthenticationPolicy String

Determines the client authentication requirements for the OAuth 2.0 Token endpoint.

clientSecret String

The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.

debug Boolean

Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.

deviceVerificationUrl String

The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.

enabledGrants List<String>

The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.

generateRefreshTokens Boolean

Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.

logoutBehavior String

Behavior when /oauth2/logout is called.

logoutUrl String

The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.

proofKeyForCodeExchangePolicy String

Determines the PKCE requirements when using the authorization code grant.

requireClientAuthentication Boolean

Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.

Deprecated:

In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.

requireRegistration Boolean

When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.

FusionAuthApplicationRegistrationConfiguration

BirthDate theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationBirthDate
ConfirmPassword bool
Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

FirstName theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationFirstName
FormId string

The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.

FullName theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationFullName
LastName theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationLastName
LoginIdType string

The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.

MiddleName theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationMiddleName
MobilePhone theogravity.Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationMobilePhone
Type string

The type of registration flow.

BirthDate FusionAuthApplicationRegistrationConfigurationBirthDate
ConfirmPassword bool
Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

FirstName FusionAuthApplicationRegistrationConfigurationFirstName
FormId string

The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.

FullName FusionAuthApplicationRegistrationConfigurationFullName
LastName FusionAuthApplicationRegistrationConfigurationLastName
LoginIdType string

The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.

MiddleName FusionAuthApplicationRegistrationConfigurationMiddleName
MobilePhone FusionAuthApplicationRegistrationConfigurationMobilePhone
Type string

The type of registration flow.

birthDate FusionAuthApplicationRegistrationConfigurationBirthDate
confirmPassword Boolean
enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

firstName FusionAuthApplicationRegistrationConfigurationFirstName
formId String

The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.

fullName FusionAuthApplicationRegistrationConfigurationFullName
lastName FusionAuthApplicationRegistrationConfigurationLastName
loginIdType String

The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.

middleName FusionAuthApplicationRegistrationConfigurationMiddleName
mobilePhone FusionAuthApplicationRegistrationConfigurationMobilePhone
type String

The type of registration flow.

birthDate FusionAuthApplicationRegistrationConfigurationBirthDate
confirmPassword boolean
enabled boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

firstName FusionAuthApplicationRegistrationConfigurationFirstName
formId string

The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.

fullName FusionAuthApplicationRegistrationConfigurationFullName
lastName FusionAuthApplicationRegistrationConfigurationLastName
loginIdType string

The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.

middleName FusionAuthApplicationRegistrationConfigurationMiddleName
mobilePhone FusionAuthApplicationRegistrationConfigurationMobilePhone
type string

The type of registration flow.

birth_date FusionAuthApplicationRegistrationConfigurationBirthDate
confirm_password bool
enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

first_name FusionAuthApplicationRegistrationConfigurationFirstName
form_id str

The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.

full_name FusionAuthApplicationRegistrationConfigurationFullName
last_name FusionAuthApplicationRegistrationConfigurationLastName
login_id_type str

The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.

middle_name FusionAuthApplicationRegistrationConfigurationMiddleName
mobile_phone FusionAuthApplicationRegistrationConfigurationMobilePhone
type str

The type of registration flow.

birthDate Property Map
confirmPassword Boolean
enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

firstName Property Map
formId String

The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.

fullName Property Map
lastName Property Map
loginIdType String

The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.

middleName Property Map
mobilePhone Property Map
type String

The type of registration flow.

FusionAuthApplicationRegistrationConfigurationBirthDate

Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

Required bool
Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

Required bool
enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required Boolean
enabled boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required boolean
enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

required bool
enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required Boolean

FusionAuthApplicationRegistrationConfigurationFirstName

Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

Required bool
Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

Required bool
enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required Boolean
enabled boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required boolean
enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

required bool
enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required Boolean

FusionAuthApplicationRegistrationConfigurationFullName

Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

Required bool
Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

Required bool
enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required Boolean
enabled boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required boolean
enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

required bool
enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required Boolean

FusionAuthApplicationRegistrationConfigurationLastName

Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

Required bool
Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

Required bool
enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required Boolean
enabled boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required boolean
enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

required bool
enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required Boolean

FusionAuthApplicationRegistrationConfigurationMiddleName

Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

Required bool
Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

Required bool
enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required Boolean
enabled boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required boolean
enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

required bool
enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required Boolean

FusionAuthApplicationRegistrationConfigurationMobilePhone

Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

Required bool
Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

Required bool
enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required Boolean
enabled boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required boolean
enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

required bool
enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

required Boolean

FusionAuthApplicationRegistrationDeletePolicy

UnverifiedEnabled bool

Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.

UnverifiedNumberOfDaysToRetain int

The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.

UnverifiedEnabled bool

Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.

UnverifiedNumberOfDaysToRetain int

The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.

unverifiedEnabled Boolean

Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.

unverifiedNumberOfDaysToRetain Integer

The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.

unverifiedEnabled boolean

Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.

unverifiedNumberOfDaysToRetain number

The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.

unverified_enabled bool

Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.

unverified_number_of_days_to_retain int

The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.

unverifiedEnabled Boolean

Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.

unverifiedNumberOfDaysToRetain Number

The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.

FusionAuthApplicationSamlv2Configuration

AuthorizedRedirectUrls List<string>

An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.

Issuer string

The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.

Audience string

The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.

CallbackUrl string

The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.

Deprecated:

In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.

Debug bool

Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.

DefaultVerificationKeyId string

The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.

Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

KeyId string

The unique Id of the Key used to sign the SAML Single Logout response.

Logout theogravity.Fusionauth.Inputs.FusionAuthApplicationSamlv2ConfigurationLogout
LogoutUrl string

The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.

RequiredSignedRequests bool

If set to true, will force verification through the key store.

XmlSignatureCanonicalizationMethod string

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

XmlSignatureLocation string

The location to place the XML signature when signing a successful SAML response.

AuthorizedRedirectUrls []string

An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.

Issuer string

The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.

Audience string

The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.

CallbackUrl string

The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.

Deprecated:

In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.

Debug bool

Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.

DefaultVerificationKeyId string

The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.

Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

KeyId string

The unique Id of the Key used to sign the SAML Single Logout response.

Logout FusionAuthApplicationSamlv2ConfigurationLogout
LogoutUrl string

The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.

RequiredSignedRequests bool

If set to true, will force verification through the key store.

XmlSignatureCanonicalizationMethod string

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

XmlSignatureLocation string

The location to place the XML signature when signing a successful SAML response.

authorizedRedirectUrls List<String>

An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.

issuer String

The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.

audience String

The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.

callbackUrl String

The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.

Deprecated:

In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.

debug Boolean

Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.

defaultVerificationKeyId String

The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.

enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

keyId String

The unique Id of the Key used to sign the SAML Single Logout response.

logout FusionAuthApplicationSamlv2ConfigurationLogout
logoutUrl String

The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.

requiredSignedRequests Boolean

If set to true, will force verification through the key store.

xmlSignatureCanonicalizationMethod String

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

xmlSignatureLocation String

The location to place the XML signature when signing a successful SAML response.

authorizedRedirectUrls string[]

An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.

issuer string

The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.

audience string

The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.

callbackUrl string

The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.

Deprecated:

In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.

debug boolean

Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.

defaultVerificationKeyId string

The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.

enabled boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

keyId string

The unique Id of the Key used to sign the SAML Single Logout response.

logout FusionAuthApplicationSamlv2ConfigurationLogout
logoutUrl string

The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.

requiredSignedRequests boolean

If set to true, will force verification through the key store.

xmlSignatureCanonicalizationMethod string

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

xmlSignatureLocation string

The location to place the XML signature when signing a successful SAML response.

authorized_redirect_urls Sequence[str]

An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.

issuer str

The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.

audience str

The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.

callback_url str

The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.

Deprecated:

In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.

debug bool

Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.

default_verification_key_id str

The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.

enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

key_id str

The unique Id of the Key used to sign the SAML Single Logout response.

logout FusionAuthApplicationSamlv2ConfigurationLogout
logout_url str

The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.

required_signed_requests bool

If set to true, will force verification through the key store.

xml_signature_canonicalization_method str

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

xml_signature_location str

The location to place the XML signature when signing a successful SAML response.

authorizedRedirectUrls List<String>

An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.

issuer String

The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.

audience String

The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.

callbackUrl String

The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.

Deprecated:

In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.

debug Boolean

Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.

defaultVerificationKeyId String

The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.

enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

keyId String

The unique Id of the Key used to sign the SAML Single Logout response.

logout Property Map
logoutUrl String

The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.

requiredSignedRequests Boolean

If set to true, will force verification through the key store.

xmlSignatureCanonicalizationMethod String

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

xmlSignatureLocation String

The location to place the XML signature when signing a successful SAML response.

FusionAuthApplicationSamlv2ConfigurationLogout

Behavior string

This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.

DefaultVerificationKeyId string

The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.

KeyId string

The unique Id of the Key used to sign the SAML Single Logout response.

RequireSignedRequests bool

Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.

SingleLogout theogravity.Fusionauth.Inputs.FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogout
XmlSignatureCanonicalizationMethod string

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

Behavior string

This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.

DefaultVerificationKeyId string

The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.

KeyId string

The unique Id of the Key used to sign the SAML Single Logout response.

RequireSignedRequests bool

Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.

SingleLogout FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogout
XmlSignatureCanonicalizationMethod string

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

behavior String

This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.

defaultVerificationKeyId String

The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.

keyId String

The unique Id of the Key used to sign the SAML Single Logout response.

requireSignedRequests Boolean

Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.

singleLogout FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogout
xmlSignatureCanonicalizationMethod String

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

behavior string

This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.

defaultVerificationKeyId string

The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.

keyId string

The unique Id of the Key used to sign the SAML Single Logout response.

requireSignedRequests boolean

Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.

singleLogout FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogout
xmlSignatureCanonicalizationMethod string

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

behavior str

This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.

default_verification_key_id str

The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.

key_id str

The unique Id of the Key used to sign the SAML Single Logout response.

require_signed_requests bool

Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.

single_logout FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogout
xml_signature_canonicalization_method str

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

behavior String

This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.

defaultVerificationKeyId String

The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.

keyId String

The unique Id of the Key used to sign the SAML Single Logout response.

requireSignedRequests Boolean

Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.

singleLogout Property Map
xmlSignatureCanonicalizationMethod String

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogout

Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

KeyId string

The unique Id of the Key used to sign the SAML Single Logout response.

Url string

The URL at which you want to receive the LogoutRequest from FusionAuth.

XmlSignatureCanonicalizationMethod string

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

Enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

KeyId string

The unique Id of the Key used to sign the SAML Single Logout response.

Url string

The URL at which you want to receive the LogoutRequest from FusionAuth.

XmlSignatureCanonicalizationMethod string

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

keyId String

The unique Id of the Key used to sign the SAML Single Logout response.

url String

The URL at which you want to receive the LogoutRequest from FusionAuth.

xmlSignatureCanonicalizationMethod String

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

enabled boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

keyId string

The unique Id of the Key used to sign the SAML Single Logout response.

url string

The URL at which you want to receive the LogoutRequest from FusionAuth.

xmlSignatureCanonicalizationMethod string

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

enabled bool

Whether or not SAML Single Logout for this SAML IdP is enabled.

key_id str

The unique Id of the Key used to sign the SAML Single Logout response.

url str

The URL at which you want to receive the LogoutRequest from FusionAuth.

xml_signature_canonicalization_method str

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

enabled Boolean

Whether or not SAML Single Logout for this SAML IdP is enabled.

keyId String

The unique Id of the Key used to sign the SAML Single Logout response.

url String

The URL at which you want to receive the LogoutRequest from FusionAuth.

xmlSignatureCanonicalizationMethod String

The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.

Package Details

Repository
https://github.com/theogravity/pulumi-fusionauth
License
MIT
Notes

This Pulumi package is based on the fusionauth Terraform Provider.