Docs
Packages
FusionAuth v2.17.0, Mar 24 23
FusionAuth v2.17.0, Mar 24 23
fusionauth.FusionAuthApplication
Explore with Pulumi AI
# Application Resource
Example Usage
using System.Collections.Generic;
using Pulumi;
using Fusionauth = theogravity.Fusionauth;
return await Deployment.RunAsync(() =>
{
var forum = new Fusionauth.FusionAuthApplication("forum", new()
{
TenantId = fusionauth_tenant.Portal.Id,
AuthenticationTokenConfigurationEnabled = false,
FormConfiguration = new Fusionauth.Inputs.FusionAuthApplicationFormConfigurationArgs
{
AdminRegistrationFormId = fusionauth_form.Admin_registration.Id,
SelfServiceFormId = fusionauth_form.Self_service.Id,
},
JwtConfiguration = new Fusionauth.Inputs.FusionAuthApplicationJwtConfigurationArgs
{
AccessTokenId = fusionauth_key.Access_token.Id,
Enabled = true,
IdTokenKeyId = fusionauth_key.Id_token.Id,
RefreshTokenTtlMinutes = 43200,
TtlSeconds = 3600,
},
LambdaConfiguration = new Fusionauth.Inputs.FusionAuthApplicationLambdaConfigurationArgs
{
AccessTokenPopulateId = fusionauth_lambda.Token_populate.Id,
IdTokenPopulateId = fusionauth_lambda.Id_token_populate.Id,
},
LoginConfiguration = new Fusionauth.Inputs.FusionAuthApplicationLoginConfigurationArgs
{
AllowTokenRefresh = false,
GenerateRefreshTokens = false,
RequireAuthentication = true,
},
OauthConfiguration = new Fusionauth.Inputs.FusionAuthApplicationOauthConfigurationArgs
{
AuthorizedOriginUrls = new[]
{
"http://www.example.com/oauth-callback",
},
EnabledGrants = new[]
{
"authorization_code",
"implicit",
},
GenerateRefreshTokens = false,
LogoutBehavior = "AllApplications",
LogoutUrl = "http://www.example.com/logout",
RequireClientAuthentication = false,
},
RegistrationConfiguration = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationArgs
{
BirthDate = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationBirthDateArgs
{
Enabled = false,
Required = false,
},
ConfirmPassword = false,
Enabled = false,
FirstName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationFirstNameArgs
{
Enabled = false,
Required = false,
},
FullName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationFullNameArgs
{
Enabled = false,
Required = false,
},
LastName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationLastNameArgs
{
Enabled = false,
Required = false,
},
LoginIdType = "",
MiddleName = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationMiddleNameArgs
{
Enabled = false,
Required = false,
},
MobilePhone = new Fusionauth.Inputs.FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs
{
Enabled = false,
Required = false,
},
Type = "",
},
PasswordlessConfigurationEnabled = false,
RegistrationDeletePolicy = new Fusionauth.Inputs.FusionAuthApplicationRegistrationDeletePolicyArgs
{
UnverifiedEnabled = true,
UnverifiedNumberOfDaysToRetain = 30,
},
});
});
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/theogravity/pulumi-fusionauth/sdk/v2/go/fusionauth"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := fusionauth.NewFusionAuthApplication(ctx, "forum", &fusionauth.FusionAuthApplicationArgs{
TenantId: pulumi.Any(fusionauth_tenant.Portal.Id),
AuthenticationTokenConfigurationEnabled: pulumi.Bool(false),
FormConfiguration: &fusionauth.FusionAuthApplicationFormConfigurationArgs{
AdminRegistrationFormId: pulumi.Any(fusionauth_form.Admin_registration.Id),
SelfServiceFormId: pulumi.Any(fusionauth_form.Self_service.Id),
},
JwtConfiguration: &fusionauth.FusionAuthApplicationJwtConfigurationArgs{
AccessTokenId: pulumi.Any(fusionauth_key.Access_token.Id),
Enabled: pulumi.Bool(true),
IdTokenKeyId: pulumi.Any(fusionauth_key.Id_token.Id),
RefreshTokenTtlMinutes: pulumi.Int(43200),
TtlSeconds: pulumi.Int(3600),
},
LambdaConfiguration: &fusionauth.FusionAuthApplicationLambdaConfigurationArgs{
AccessTokenPopulateId: pulumi.Any(fusionauth_lambda.Token_populate.Id),
IdTokenPopulateId: pulumi.Any(fusionauth_lambda.Id_token_populate.Id),
},
LoginConfiguration: &fusionauth.FusionAuthApplicationLoginConfigurationArgs{
AllowTokenRefresh: pulumi.Bool(false),
GenerateRefreshTokens: pulumi.Bool(false),
RequireAuthentication: pulumi.Bool(true),
},
OauthConfiguration: &fusionauth.FusionAuthApplicationOauthConfigurationArgs{
AuthorizedOriginUrls: pulumi.StringArray{
pulumi.String("http://www.example.com/oauth-callback"),
},
EnabledGrants: pulumi.StringArray{
pulumi.String("authorization_code"),
pulumi.String("implicit"),
},
GenerateRefreshTokens: pulumi.Bool(false),
LogoutBehavior: pulumi.String("AllApplications"),
LogoutUrl: pulumi.String("http://www.example.com/logout"),
RequireClientAuthentication: pulumi.Bool(false),
},
RegistrationConfiguration: &fusionauth.FusionAuthApplicationRegistrationConfigurationArgs{
BirthDate: &fusionauth.FusionAuthApplicationRegistrationConfigurationBirthDateArgs{
Enabled: pulumi.Bool(false),
Required: pulumi.Bool(false),
},
ConfirmPassword: pulumi.Bool(false),
Enabled: pulumi.Bool(false),
FirstName: &fusionauth.FusionAuthApplicationRegistrationConfigurationFirstNameArgs{
Enabled: pulumi.Bool(false),
Required: pulumi.Bool(false),
},
FullName: &fusionauth.FusionAuthApplicationRegistrationConfigurationFullNameArgs{
Enabled: pulumi.Bool(false),
Required: pulumi.Bool(false),
},
LastName: &fusionauth.FusionAuthApplicationRegistrationConfigurationLastNameArgs{
Enabled: pulumi.Bool(false),
Required: pulumi.Bool(false),
},
LoginIdType: pulumi.String(""),
MiddleName: &fusionauth.FusionAuthApplicationRegistrationConfigurationMiddleNameArgs{
Enabled: pulumi.Bool(false),
Required: pulumi.Bool(false),
},
MobilePhone: &fusionauth.FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs{
Enabled: pulumi.Bool(false),
Required: pulumi.Bool(false),
},
Type: pulumi.String(""),
},
PasswordlessConfigurationEnabled: pulumi.Bool(false),
RegistrationDeletePolicy: &fusionauth.FusionAuthApplicationRegistrationDeletePolicyArgs{
UnverifiedEnabled: pulumi.Bool(true),
UnverifiedNumberOfDaysToRetain: pulumi.Int(30),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fusionauth.FusionAuthApplication;
import com.pulumi.fusionauth.FusionAuthApplicationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthApplicationFormConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthApplicationJwtConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthApplicationLambdaConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthApplicationLoginConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthApplicationOauthConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationBirthDateArgs;
import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationFirstNameArgs;
import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationFullNameArgs;
import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationLastNameArgs;
import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationMiddleNameArgs;
import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs;
import com.pulumi.fusionauth.inputs.FusionAuthApplicationRegistrationDeletePolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var forum = new FusionAuthApplication("forum", FusionAuthApplicationArgs.builder()
.tenantId(fusionauth_tenant.portal().id())
.authenticationTokenConfigurationEnabled(false)
.formConfiguration(FusionAuthApplicationFormConfigurationArgs.builder()
.adminRegistrationFormId(fusionauth_form.admin_registration().id())
.selfServiceFormId(fusionauth_form.self_service().id())
.build())
.jwtConfiguration(FusionAuthApplicationJwtConfigurationArgs.builder()
.accessTokenId(fusionauth_key.access_token().id())
.enabled(true)
.idTokenKeyId(fusionauth_key.id_token().id())
.refreshTokenTtlMinutes(43200)
.ttlSeconds(3600)
.build())
.lambdaConfiguration(FusionAuthApplicationLambdaConfigurationArgs.builder()
.accessTokenPopulateId(fusionauth_lambda.token_populate().id())
.idTokenPopulateId(fusionauth_lambda.id_token_populate().id())
.build())
.loginConfiguration(FusionAuthApplicationLoginConfigurationArgs.builder()
.allowTokenRefresh(false)
.generateRefreshTokens(false)
.requireAuthentication(true)
.build())
.oauthConfiguration(FusionAuthApplicationOauthConfigurationArgs.builder()
.authorizedOriginUrls("http://www.example.com/oauth-callback")
.enabledGrants(
"authorization_code",
"implicit")
.generateRefreshTokens(false)
.logoutBehavior("AllApplications")
.logoutUrl("http://www.example.com/logout")
.requireClientAuthentication(false)
.build())
.registrationConfiguration(FusionAuthApplicationRegistrationConfigurationArgs.builder()
.birthDate(FusionAuthApplicationRegistrationConfigurationBirthDateArgs.builder()
.enabled(false)
.required(false)
.build())
.confirmPassword(false)
.enabled(false)
.firstName(FusionAuthApplicationRegistrationConfigurationFirstNameArgs.builder()
.enabled(false)
.required(false)
.build())
.fullName(FusionAuthApplicationRegistrationConfigurationFullNameArgs.builder()
.enabled(false)
.required(false)
.build())
.lastName(FusionAuthApplicationRegistrationConfigurationLastNameArgs.builder()
.enabled(false)
.required(false)
.build())
.loginIdType("")
.middleName(FusionAuthApplicationRegistrationConfigurationMiddleNameArgs.builder()
.enabled(false)
.required(false)
.build())
.mobilePhone(FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs.builder()
.enabled(false)
.required(false)
.build())
.type("")
.build())
.passwordlessConfigurationEnabled(false)
.registrationDeletePolicy(FusionAuthApplicationRegistrationDeletePolicyArgs.builder()
.unverifiedEnabled(true)
.unverifiedNumberOfDaysToRetain(30)
.build())
.build());
}
}
import pulumi
import theogravity_pulumi-fusionauth as fusionauth
forum = fusionauth.FusionAuthApplication("forum",
tenant_id=fusionauth_tenant["portal"]["id"],
authentication_token_configuration_enabled=False,
form_configuration=fusionauth.FusionAuthApplicationFormConfigurationArgs(
admin_registration_form_id=fusionauth_form["admin_registration"]["id"],
self_service_form_id=fusionauth_form["self_service"]["id"],
),
jwt_configuration=fusionauth.FusionAuthApplicationJwtConfigurationArgs(
access_token_id=fusionauth_key["access_token"]["id"],
enabled=True,
id_token_key_id=fusionauth_key["id_token"]["id"],
refresh_token_ttl_minutes=43200,
ttl_seconds=3600,
),
lambda_configuration=fusionauth.FusionAuthApplicationLambdaConfigurationArgs(
access_token_populate_id=fusionauth_lambda["token_populate"]["id"],
id_token_populate_id=fusionauth_lambda["id_token_populate"]["id"],
),
login_configuration=fusionauth.FusionAuthApplicationLoginConfigurationArgs(
allow_token_refresh=False,
generate_refresh_tokens=False,
require_authentication=True,
),
oauth_configuration=fusionauth.FusionAuthApplicationOauthConfigurationArgs(
authorized_origin_urls=["http://www.example.com/oauth-callback"],
enabled_grants=[
"authorization_code",
"implicit",
],
generate_refresh_tokens=False,
logout_behavior="AllApplications",
logout_url="http://www.example.com/logout",
require_client_authentication=False,
),
registration_configuration=fusionauth.FusionAuthApplicationRegistrationConfigurationArgs(
birth_date=fusionauth.FusionAuthApplicationRegistrationConfigurationBirthDateArgs(
enabled=False,
required=False,
),
confirm_password=False,
enabled=False,
first_name=fusionauth.FusionAuthApplicationRegistrationConfigurationFirstNameArgs(
enabled=False,
required=False,
),
full_name=fusionauth.FusionAuthApplicationRegistrationConfigurationFullNameArgs(
enabled=False,
required=False,
),
last_name=fusionauth.FusionAuthApplicationRegistrationConfigurationLastNameArgs(
enabled=False,
required=False,
),
login_id_type="",
middle_name=fusionauth.FusionAuthApplicationRegistrationConfigurationMiddleNameArgs(
enabled=False,
required=False,
),
mobile_phone=fusionauth.FusionAuthApplicationRegistrationConfigurationMobilePhoneArgs(
enabled=False,
required=False,
),
type="",
),
passwordless_configuration_enabled=False,
registration_delete_policy=fusionauth.FusionAuthApplicationRegistrationDeletePolicyArgs(
unverified_enabled=True,
unverified_number_of_days_to_retain=30,
))
import * as pulumi from "@pulumi/pulumi";
import * as fusionauth from "pulumi-fusionauth";
const forum = new fusionauth.FusionAuthApplication("forum", {
tenantId: fusionauth_tenant.portal.id,
authenticationTokenConfigurationEnabled: false,
formConfiguration: {
adminRegistrationFormId: fusionauth_form.admin_registration.id,
selfServiceFormId: fusionauth_form.self_service.id,
},
jwtConfiguration: {
accessTokenId: fusionauth_key.access_token.id,
enabled: true,
idTokenKeyId: fusionauth_key.id_token.id,
refreshTokenTtlMinutes: 43200,
ttlSeconds: 3600,
},
lambdaConfiguration: {
accessTokenPopulateId: fusionauth_lambda.token_populate.id,
idTokenPopulateId: fusionauth_lambda.id_token_populate.id,
},
loginConfiguration: {
allowTokenRefresh: false,
generateRefreshTokens: false,
requireAuthentication: true,
},
oauthConfiguration: {
authorizedOriginUrls: ["http://www.example.com/oauth-callback"],
enabledGrants: [
"authorization_code",
"implicit",
],
generateRefreshTokens: false,
logoutBehavior: "AllApplications",
logoutUrl: "http://www.example.com/logout",
requireClientAuthentication: false,
},
registrationConfiguration: {
birthDate: {
enabled: false,
required: false,
},
confirmPassword: false,
enabled: false,
firstName: {
enabled: false,
required: false,
},
fullName: {
enabled: false,
required: false,
},
lastName: {
enabled: false,
required: false,
},
loginIdType: "",
middleName: {
enabled: false,
required: false,
},
mobilePhone: {
enabled: false,
required: false,
},
type: "",
},
passwordlessConfigurationEnabled: false,
registrationDeletePolicy: {
unverifiedEnabled: true,
unverifiedNumberOfDaysToRetain: 30,
},
});
resources:
forum:
type: fusionauth:FusionAuthApplication
properties:
tenantId: ${fusionauth_tenant.portal.id}
authenticationTokenConfigurationEnabled: false
formConfiguration:
adminRegistrationFormId: ${fusionauth_form.admin_registration.id}
selfServiceFormId: ${fusionauth_form.self_service.id}
jwtConfiguration:
accessTokenId: ${fusionauth_key.access_token.id}
enabled: true
idTokenKeyId: ${fusionauth_key.id_token.id}
refreshTokenTtlMinutes: 43200
ttlSeconds: 3600
lambdaConfiguration:
accessTokenPopulateId: ${fusionauth_lambda.token_populate.id}
idTokenPopulateId: ${fusionauth_lambda.id_token_populate.id}
loginConfiguration:
allowTokenRefresh: false
generateRefreshTokens: false
requireAuthentication: true
oauthConfiguration:
authorizedOriginUrls:
- http://www.example.com/oauth-callback
enabledGrants:
- authorization_code
- implicit
generateRefreshTokens: false
logoutBehavior: AllApplications
logoutUrl: http://www.example.com/logout
requireClientAuthentication: false
registrationConfiguration:
birthDate:
enabled: false
required: false
confirmPassword: false
enabled: false
firstName:
enabled: false
required: false
fullName:
enabled: false
required: false
lastName:
enabled: false
required: false
loginIdType:
middleName:
enabled: false
required: false
mobilePhone:
enabled: false
required: false
type:
passwordlessConfigurationEnabled: false
registrationDeletePolicy:
unverifiedEnabled: true
unverifiedNumberOfDaysToRetain: 30
Create FusionAuthApplication Resource
new FusionAuthApplication(name: string, args: FusionAuthApplicationArgs, opts?: CustomResourceOptions);@overload
def FusionAuthApplication(resource_name: str,
opts: Optional[ResourceOptions] = None,
access_control_configuration: Optional[FusionAuthApplicationAccessControlConfigurationArgs] = None,
application_id: Optional[str] = None,
authentication_token_configuration_enabled: Optional[bool] = None,
clean_speak_configuration: Optional[FusionAuthApplicationCleanSpeakConfigurationArgs] = None,
data: Optional[Mapping[str, Any]] = None,
email_configuration: Optional[FusionAuthApplicationEmailConfigurationArgs] = None,
form_configuration: Optional[FusionAuthApplicationFormConfigurationArgs] = None,
jwt_configuration: Optional[FusionAuthApplicationJwtConfigurationArgs] = None,
lambda_configuration: Optional[FusionAuthApplicationLambdaConfigurationArgs] = None,
login_configuration: Optional[FusionAuthApplicationLoginConfigurationArgs] = None,
multi_factor_configuration: Optional[FusionAuthApplicationMultiFactorConfigurationArgs] = None,
name: Optional[str] = None,
oauth_configuration: Optional[FusionAuthApplicationOauthConfigurationArgs] = None,
passwordless_configuration_enabled: Optional[bool] = None,
registration_configuration: Optional[FusionAuthApplicationRegistrationConfigurationArgs] = None,
registration_delete_policy: Optional[FusionAuthApplicationRegistrationDeletePolicyArgs] = None,
samlv2_configuration: Optional[FusionAuthApplicationSamlv2ConfigurationArgs] = None,
tenant_id: Optional[str] = None,
theme_id: Optional[str] = None,
verification_email_template_id: Optional[str] = None,
verification_strategy: Optional[str] = None,
verify_registration: Optional[bool] = None)
@overload
def FusionAuthApplication(resource_name: str,
args: FusionAuthApplicationArgs,
opts: Optional[ResourceOptions] = None)func NewFusionAuthApplication(ctx *Context, name string, args FusionAuthApplicationArgs, opts ...ResourceOption) (*FusionAuthApplication, error)public FusionAuthApplication(string name, FusionAuthApplicationArgs args, CustomResourceOptions? opts = null)
public FusionAuthApplication(String name, FusionAuthApplicationArgs args)
public FusionAuthApplication(String name, FusionAuthApplicationArgs args, CustomResourceOptions options)
type: fusionauth:FusionAuthApplication
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FusionAuthApplicationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FusionAuthApplicationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FusionAuthApplicationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FusionAuthApplicationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FusionAuthApplicationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
FusionAuthApplication Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The FusionAuthApplication resource accepts the following input properties:
- Tenant
Id string - Access
Control theogravity.Configuration Fusionauth. Inputs. Fusion Auth Application Access Control Configuration Args - Application
Id string The Id of the CleanSpeak application that usernames are sent to for moderation.
- Authentication
Token boolConfiguration Enabled Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
- Clean
Speak theogravity.Configuration Fusionauth. Inputs. Fusion Auth Application Clean Speak Configuration Args - Data Dictionary<string, object>
An object that can hold any information about the Application that should be persisted.
- Email
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Application Email Configuration Args - Form
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Application Form Configuration Args - Jwt
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Application Jwt Configuration Args - Lambda
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Application Lambda Configuration Args - Login
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Application Login Configuration Args - Multi
Factor theogravity.Configuration Fusionauth. Inputs. Fusion Auth Application Multi Factor Configuration Args - Name string
The name of the Application.
- Oauth
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Application Oauth Configuration Args - Passwordless
Configuration boolEnabled Determines if passwordless login is enabled for this application.
- Registration
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Application Registration Configuration Args - Registration
Delete theogravity.Policy Fusionauth. Inputs. Fusion Auth Application Registration Delete Policy Args - Samlv2Configuration
theogravity.
Fusionauth. Inputs. Fusion Auth Application Samlv2Configuration Args - Theme
Id string The unique Id of the theme to be used to style the login page and other end user templates.
- Verification
Email stringTemplate Id The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
- Verification
Strategy string The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField- Verify
Registration bool Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
- Tenant
Id string - Access
Control FusionConfiguration Auth Application Access Control Configuration Args - Application
Id string The Id of the CleanSpeak application that usernames are sent to for moderation.
- Authentication
Token boolConfiguration Enabled Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
- Clean
Speak FusionConfiguration Auth Application Clean Speak Configuration Args - Data map[string]interface{}
An object that can hold any information about the Application that should be persisted.
- Email
Configuration FusionAuth Application Email Configuration Args - Form
Configuration FusionAuth Application Form Configuration Args - Jwt
Configuration FusionAuth Application Jwt Configuration Args - Lambda
Configuration FusionAuth Application Lambda Configuration Args - Login
Configuration FusionAuth Application Login Configuration Args - Multi
Factor FusionConfiguration Auth Application Multi Factor Configuration Args - Name string
The name of the Application.
- Oauth
Configuration FusionAuth Application Oauth Configuration Args - Passwordless
Configuration boolEnabled Determines if passwordless login is enabled for this application.
- Registration
Configuration FusionAuth Application Registration Configuration Args - Registration
Delete FusionPolicy Auth Application Registration Delete Policy Args - Samlv2Configuration
Fusion
Auth Application Samlv2Configuration Args - Theme
Id string The unique Id of the theme to be used to style the login page and other end user templates.
- Verification
Email stringTemplate Id The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
- Verification
Strategy string The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField- Verify
Registration bool Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
- tenant
Id String - access
Control FusionConfiguration Auth Application Access Control Configuration Args - application
Id String The Id of the CleanSpeak application that usernames are sent to for moderation.
- authentication
Token BooleanConfiguration Enabled Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
- clean
Speak FusionConfiguration Auth Application Clean Speak Configuration Args - data Map<String,Object>
An object that can hold any information about the Application that should be persisted.
- email
Configuration FusionAuth Application Email Configuration Args - form
Configuration FusionAuth Application Form Configuration Args - jwt
Configuration FusionAuth Application Jwt Configuration Args - lambda
Configuration FusionAuth Application Lambda Configuration Args - login
Configuration FusionAuth Application Login Configuration Args - multi
Factor FusionConfiguration Auth Application Multi Factor Configuration Args - name String
The name of the Application.
- oauth
Configuration FusionAuth Application Oauth Configuration Args - passwordless
Configuration BooleanEnabled Determines if passwordless login is enabled for this application.
- registration
Configuration FusionAuth Application Registration Configuration Args - registration
Delete FusionPolicy Auth Application Registration Delete Policy Args - samlv2Configuration
Fusion
Auth Application Samlv2Configuration Args - theme
Id String The unique Id of the theme to be used to style the login page and other end user templates.
- verification
Email StringTemplate Id The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
- verification
Strategy String The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField- verify
Registration Boolean Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
- tenant
Id string - access
Control FusionConfiguration Auth Application Access Control Configuration Args - application
Id string The Id of the CleanSpeak application that usernames are sent to for moderation.
- authentication
Token booleanConfiguration Enabled Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
- clean
Speak FusionConfiguration Auth Application Clean Speak Configuration Args - data {[key: string]: any}
An object that can hold any information about the Application that should be persisted.
- email
Configuration FusionAuth Application Email Configuration Args - form
Configuration FusionAuth Application Form Configuration Args - jwt
Configuration FusionAuth Application Jwt Configuration Args - lambda
Configuration FusionAuth Application Lambda Configuration Args - login
Configuration FusionAuth Application Login Configuration Args - multi
Factor FusionConfiguration Auth Application Multi Factor Configuration Args - name string
The name of the Application.
- oauth
Configuration FusionAuth Application Oauth Configuration Args - passwordless
Configuration booleanEnabled Determines if passwordless login is enabled for this application.
- registration
Configuration FusionAuth Application Registration Configuration Args - registration
Delete FusionPolicy Auth Application Registration Delete Policy Args - samlv2Configuration
Fusion
Auth Application Samlv2Configuration Args - theme
Id string The unique Id of the theme to be used to style the login page and other end user templates.
- verification
Email stringTemplate Id The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
- verification
Strategy string The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField- verify
Registration boolean Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
- tenant_
id str - access_
control_ Fusionconfiguration Auth Application Access Control Configuration Args - application_
id str The Id of the CleanSpeak application that usernames are sent to for moderation.
- authentication_
token_ boolconfiguration_ enabled Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
- clean_
speak_ Fusionconfiguration Auth Application Clean Speak Configuration Args - data Mapping[str, Any]
An object that can hold any information about the Application that should be persisted.
- email_
configuration FusionAuth Application Email Configuration Args - form_
configuration FusionAuth Application Form Configuration Args - jwt_
configuration FusionAuth Application Jwt Configuration Args - lambda_
configuration FusionAuth Application Lambda Configuration Args - login_
configuration FusionAuth Application Login Configuration Args - multi_
factor_ Fusionconfiguration Auth Application Multi Factor Configuration Args - name str
The name of the Application.
- oauth_
configuration FusionAuth Application Oauth Configuration Args - passwordless_
configuration_ boolenabled Determines if passwordless login is enabled for this application.
- registration_
configuration FusionAuth Application Registration Configuration Args - registration_
delete_ Fusionpolicy Auth Application Registration Delete Policy Args - samlv2_
configuration FusionAuth Application Samlv2Configuration Args - theme_
id str The unique Id of the theme to be used to style the login page and other end user templates.
- verification_
email_ strtemplate_ id The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
- verification_
strategy str The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField- verify_
registration bool Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
- tenant
Id String - access
Control Property MapConfiguration - application
Id String The Id of the CleanSpeak application that usernames are sent to for moderation.
- authentication
Token BooleanConfiguration Enabled Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
- clean
Speak Property MapConfiguration - data Map<Any>
An object that can hold any information about the Application that should be persisted.
- email
Configuration Property Map - form
Configuration Property Map - jwt
Configuration Property Map - lambda
Configuration Property Map - login
Configuration Property Map - multi
Factor Property MapConfiguration - name String
The name of the Application.
- oauth
Configuration Property Map - passwordless
Configuration BooleanEnabled Determines if passwordless login is enabled for this application.
- registration
Configuration Property Map - registration
Delete Property MapPolicy - samlv2Configuration Property Map
- theme
Id String The unique Id of the theme to be used to style the login page and other end user templates.
- verification
Email StringTemplate Id The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
- verification
Strategy String The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField- verify
Registration Boolean Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
Outputs
All input properties are implicitly available as output properties. Additionally, the FusionAuthApplication resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing FusionAuthApplication Resource
Get an existing FusionAuthApplication resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FusionAuthApplicationState, opts?: CustomResourceOptions): FusionAuthApplication@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
access_control_configuration: Optional[FusionAuthApplicationAccessControlConfigurationArgs] = None,
application_id: Optional[str] = None,
authentication_token_configuration_enabled: Optional[bool] = None,
clean_speak_configuration: Optional[FusionAuthApplicationCleanSpeakConfigurationArgs] = None,
data: Optional[Mapping[str, Any]] = None,
email_configuration: Optional[FusionAuthApplicationEmailConfigurationArgs] = None,
form_configuration: Optional[FusionAuthApplicationFormConfigurationArgs] = None,
jwt_configuration: Optional[FusionAuthApplicationJwtConfigurationArgs] = None,
lambda_configuration: Optional[FusionAuthApplicationLambdaConfigurationArgs] = None,
login_configuration: Optional[FusionAuthApplicationLoginConfigurationArgs] = None,
multi_factor_configuration: Optional[FusionAuthApplicationMultiFactorConfigurationArgs] = None,
name: Optional[str] = None,
oauth_configuration: Optional[FusionAuthApplicationOauthConfigurationArgs] = None,
passwordless_configuration_enabled: Optional[bool] = None,
registration_configuration: Optional[FusionAuthApplicationRegistrationConfigurationArgs] = None,
registration_delete_policy: Optional[FusionAuthApplicationRegistrationDeletePolicyArgs] = None,
samlv2_configuration: Optional[FusionAuthApplicationSamlv2ConfigurationArgs] = None,
tenant_id: Optional[str] = None,
theme_id: Optional[str] = None,
verification_email_template_id: Optional[str] = None,
verification_strategy: Optional[str] = None,
verify_registration: Optional[bool] = None) -> FusionAuthApplicationfunc GetFusionAuthApplication(ctx *Context, name string, id IDInput, state *FusionAuthApplicationState, opts ...ResourceOption) (*FusionAuthApplication, error)public static FusionAuthApplication Get(string name, Input<string> id, FusionAuthApplicationState? state, CustomResourceOptions? opts = null)public static FusionAuthApplication get(String name, Output<String> id, FusionAuthApplicationState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Access
Control theogravity.Configuration Fusionauth. Inputs. Fusion Auth Application Access Control Configuration Args - Application
Id string The Id of the CleanSpeak application that usernames are sent to for moderation.
- Authentication
Token boolConfiguration Enabled Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
- Clean
Speak theogravity.Configuration Fusionauth. Inputs. Fusion Auth Application Clean Speak Configuration Args - Data Dictionary<string, object>
An object that can hold any information about the Application that should be persisted.
- Email
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Application Email Configuration Args - Form
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Application Form Configuration Args - Jwt
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Application Jwt Configuration Args - Lambda
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Application Lambda Configuration Args - Login
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Application Login Configuration Args - Multi
Factor theogravity.Configuration Fusionauth. Inputs. Fusion Auth Application Multi Factor Configuration Args - Name string
The name of the Application.
- Oauth
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Application Oauth Configuration Args - Passwordless
Configuration boolEnabled Determines if passwordless login is enabled for this application.
- Registration
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Application Registration Configuration Args - Registration
Delete theogravity.Policy Fusionauth. Inputs. Fusion Auth Application Registration Delete Policy Args - Samlv2Configuration
theogravity.
Fusionauth. Inputs. Fusion Auth Application Samlv2Configuration Args - Tenant
Id string - Theme
Id string The unique Id of the theme to be used to style the login page and other end user templates.
- Verification
Email stringTemplate Id The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
- Verification
Strategy string The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField- Verify
Registration bool Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
- Access
Control FusionConfiguration Auth Application Access Control Configuration Args - Application
Id string The Id of the CleanSpeak application that usernames are sent to for moderation.
- Authentication
Token boolConfiguration Enabled Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
- Clean
Speak FusionConfiguration Auth Application Clean Speak Configuration Args - Data map[string]interface{}
An object that can hold any information about the Application that should be persisted.
- Email
Configuration FusionAuth Application Email Configuration Args - Form
Configuration FusionAuth Application Form Configuration Args - Jwt
Configuration FusionAuth Application Jwt Configuration Args - Lambda
Configuration FusionAuth Application Lambda Configuration Args - Login
Configuration FusionAuth Application Login Configuration Args - Multi
Factor FusionConfiguration Auth Application Multi Factor Configuration Args - Name string
The name of the Application.
- Oauth
Configuration FusionAuth Application Oauth Configuration Args - Passwordless
Configuration boolEnabled Determines if passwordless login is enabled for this application.
- Registration
Configuration FusionAuth Application Registration Configuration Args - Registration
Delete FusionPolicy Auth Application Registration Delete Policy Args - Samlv2Configuration
Fusion
Auth Application Samlv2Configuration Args - Tenant
Id string - Theme
Id string The unique Id of the theme to be used to style the login page and other end user templates.
- Verification
Email stringTemplate Id The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
- Verification
Strategy string The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField- Verify
Registration bool Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
- access
Control FusionConfiguration Auth Application Access Control Configuration Args - application
Id String The Id of the CleanSpeak application that usernames are sent to for moderation.
- authentication
Token BooleanConfiguration Enabled Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
- clean
Speak FusionConfiguration Auth Application Clean Speak Configuration Args - data Map<String,Object>
An object that can hold any information about the Application that should be persisted.
- email
Configuration FusionAuth Application Email Configuration Args - form
Configuration FusionAuth Application Form Configuration Args - jwt
Configuration FusionAuth Application Jwt Configuration Args - lambda
Configuration FusionAuth Application Lambda Configuration Args - login
Configuration FusionAuth Application Login Configuration Args - multi
Factor FusionConfiguration Auth Application Multi Factor Configuration Args - name String
The name of the Application.
- oauth
Configuration FusionAuth Application Oauth Configuration Args - passwordless
Configuration BooleanEnabled Determines if passwordless login is enabled for this application.
- registration
Configuration FusionAuth Application Registration Configuration Args - registration
Delete FusionPolicy Auth Application Registration Delete Policy Args - samlv2Configuration
Fusion
Auth Application Samlv2Configuration Args - tenant
Id String - theme
Id String The unique Id of the theme to be used to style the login page and other end user templates.
- verification
Email StringTemplate Id The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
- verification
Strategy String The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField- verify
Registration Boolean Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
- access
Control FusionConfiguration Auth Application Access Control Configuration Args - application
Id string The Id of the CleanSpeak application that usernames are sent to for moderation.
- authentication
Token booleanConfiguration Enabled Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
- clean
Speak FusionConfiguration Auth Application Clean Speak Configuration Args - data {[key: string]: any}
An object that can hold any information about the Application that should be persisted.
- email
Configuration FusionAuth Application Email Configuration Args - form
Configuration FusionAuth Application Form Configuration Args - jwt
Configuration FusionAuth Application Jwt Configuration Args - lambda
Configuration FusionAuth Application Lambda Configuration Args - login
Configuration FusionAuth Application Login Configuration Args - multi
Factor FusionConfiguration Auth Application Multi Factor Configuration Args - name string
The name of the Application.
- oauth
Configuration FusionAuth Application Oauth Configuration Args - passwordless
Configuration booleanEnabled Determines if passwordless login is enabled for this application.
- registration
Configuration FusionAuth Application Registration Configuration Args - registration
Delete FusionPolicy Auth Application Registration Delete Policy Args - samlv2Configuration
Fusion
Auth Application Samlv2Configuration Args - tenant
Id string - theme
Id string The unique Id of the theme to be used to style the login page and other end user templates.
- verification
Email stringTemplate Id The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
- verification
Strategy string The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField- verify
Registration boolean Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
- access_
control_ Fusionconfiguration Auth Application Access Control Configuration Args - application_
id str The Id of the CleanSpeak application that usernames are sent to for moderation.
- authentication_
token_ boolconfiguration_ enabled Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
- clean_
speak_ Fusionconfiguration Auth Application Clean Speak Configuration Args - data Mapping[str, Any]
An object that can hold any information about the Application that should be persisted.
- email_
configuration FusionAuth Application Email Configuration Args - form_
configuration FusionAuth Application Form Configuration Args - jwt_
configuration FusionAuth Application Jwt Configuration Args - lambda_
configuration FusionAuth Application Lambda Configuration Args - login_
configuration FusionAuth Application Login Configuration Args - multi_
factor_ Fusionconfiguration Auth Application Multi Factor Configuration Args - name str
The name of the Application.
- oauth_
configuration FusionAuth Application Oauth Configuration Args - passwordless_
configuration_ boolenabled Determines if passwordless login is enabled for this application.
- registration_
configuration FusionAuth Application Registration Configuration Args - registration_
delete_ Fusionpolicy Auth Application Registration Delete Policy Args - samlv2_
configuration FusionAuth Application Samlv2Configuration Args - tenant_
id str - theme_
id str The unique Id of the theme to be used to style the login page and other end user templates.
- verification_
email_ strtemplate_ id The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
- verification_
strategy str The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField- verify_
registration bool Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
- access
Control Property MapConfiguration - application
Id String The Id of the CleanSpeak application that usernames are sent to for moderation.
- authentication
Token BooleanConfiguration Enabled Determines if Users can have Authentication Tokens associated with this Application. This feature may not be enabled for the FusionAuth application.
- clean
Speak Property MapConfiguration - data Map<Any>
An object that can hold any information about the Application that should be persisted.
- email
Configuration Property Map - form
Configuration Property Map - jwt
Configuration Property Map - lambda
Configuration Property Map - login
Configuration Property Map - multi
Factor Property MapConfiguration - name String
The name of the Application.
- oauth
Configuration Property Map - passwordless
Configuration BooleanEnabled Determines if passwordless login is enabled for this application.
- registration
Configuration Property Map - registration
Delete Property MapPolicy - samlv2Configuration Property Map
- tenant
Id String - theme
Id String The unique Id of the theme to be used to style the login page and other end user templates.
- verification
Email StringTemplate Id The Id of the Email Template that is used to send the Registration Verification emails to users. If the verifyRegistration field is true this field is required.
- verification
Strategy String The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField- verify
Registration Boolean Whether or not registrations to this Application may be verified. When this is set to true the verificationEmailTemplateId parameter is also required.
Supporting Types
FusionAuthApplicationAccessControlConfiguration
- Ui
Ip stringAccess Control List Id The Id of the IP Access Control List limiting access to this application.
- Ui
Ip stringAccess Control List Id The Id of the IP Access Control List limiting access to this application.
- ui
Ip StringAccess Control List Id The Id of the IP Access Control List limiting access to this application.
- ui
Ip stringAccess Control List Id The Id of the IP Access Control List limiting access to this application.
- ui_
ip_ straccess_ control_ list_ id The Id of the IP Access Control List limiting access to this application.
- ui
Ip StringAccess Control List Id The Id of the IP Access Control List limiting access to this application.
FusionAuthApplicationCleanSpeakConfiguration
- Application
Ids List<string> An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.
- Username
Moderation theogravity.Fusionauth. Inputs. Fusion Auth Application Clean Speak Configuration Username Moderation
- Application
Ids []string An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.
- Username
Moderation FusionAuth Application Clean Speak Configuration Username Moderation
- application
Ids List<String> An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.
- username
Moderation FusionAuth Application Clean Speak Configuration Username Moderation
- application
Ids string[] An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.
- username
Moderation FusionAuth Application Clean Speak Configuration Username Moderation
- application_
ids Sequence[str] An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.
- username_
moderation FusionAuth Application Clean Speak Configuration Username Moderation
- application
Ids List<String> An array of UUIDs that map to the CleanSpeak applications for this Application. It is possible that a single Application in FusionAuth might have multiple Applications in CleanSpeak. For example, a FusionAuth Application for a game might have one CleanSpeak Application for usernames and another Application for chat.
- username
Moderation Property Map
FusionAuthApplicationCleanSpeakConfigurationUsernameModeration
- Application
Id string The Id of the CleanSpeak application that usernames are sent to for moderation.
- Enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- Application
Id string The Id of the CleanSpeak application that usernames are sent to for moderation.
- Enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- application
Id String The Id of the CleanSpeak application that usernames are sent to for moderation.
- enabled Boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
- application
Id string The Id of the CleanSpeak application that usernames are sent to for moderation.
- enabled boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
- application_
id str The Id of the CleanSpeak application that usernames are sent to for moderation.
- enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- application
Id String The Id of the CleanSpeak application that usernames are sent to for moderation.
- enabled Boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
FusionAuthApplicationEmailConfiguration
- Email
Update stringTemplate Id The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Email
Verification stringTemplate Id The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Email
Verified stringTemplate Id The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Forgot
Password stringTemplate Id The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Login
Id stringIn Use On Create Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Login
Id stringIn Use On Update Template Id The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Login
New stringDevice Template Id The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Login
Suspicious stringTemplate Id The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Password
Reset stringSuccess Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Password
Update stringTemplate Id The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Passwordless
Email stringTemplate Id The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Set
Password stringEmail Template Id The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Two
Factor stringMethod Add Template Id The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Two
Factor stringMethod Remove Template Id The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Email
Update stringTemplate Id The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Email
Verification stringTemplate Id The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Email
Verified stringTemplate Id The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Forgot
Password stringTemplate Id The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Login
Id stringIn Use On Create Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Login
Id stringIn Use On Update Template Id The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Login
New stringDevice Template Id The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Login
Suspicious stringTemplate Id The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Password
Reset stringSuccess Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Password
Update stringTemplate Id The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Passwordless
Email stringTemplate Id The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Set
Password stringEmail Template Id The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Two
Factor stringMethod Add Template Id The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- Two
Factor stringMethod Remove Template Id The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- email
Update StringTemplate Id The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- email
Verification StringTemplate Id The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- email
Verified StringTemplate Id The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- forgot
Password StringTemplate Id The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login
Id StringIn Use On Create Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login
Id StringIn Use On Update Template Id The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login
New StringDevice Template Id The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login
Suspicious StringTemplate Id The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- password
Reset StringSuccess Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- password
Update StringTemplate Id The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- passwordless
Email StringTemplate Id The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- set
Password StringEmail Template Id The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- two
Factor StringMethod Add Template Id The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- two
Factor StringMethod Remove Template Id The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- email
Update stringTemplate Id The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- email
Verification stringTemplate Id The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- email
Verified stringTemplate Id The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- forgot
Password stringTemplate Id The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login
Id stringIn Use On Create Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login
Id stringIn Use On Update Template Id The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login
New stringDevice Template Id The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login
Suspicious stringTemplate Id The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- password
Reset stringSuccess Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- password
Update stringTemplate Id The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- passwordless
Email stringTemplate Id The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- set
Password stringEmail Template Id The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- two
Factor stringMethod Add Template Id The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- two
Factor stringMethod Remove Template Id The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- email_
update_ strtemplate_ id The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- email_
verification_ strtemplate_ id The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- email_
verified_ strtemplate_ id The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- forgot_
password_ strtemplate_ id The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login_
id_ strin_ use_ on_ create_ template_ id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login_
id_ strin_ use_ on_ update_ template_ id The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login_
new_ strdevice_ template_ id The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login_
suspicious_ strtemplate_ id The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- password_
reset_ strsuccess_ template_ id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- password_
update_ strtemplate_ id The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- passwordless_
email_ strtemplate_ id The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- set_
password_ stremail_ template_ id The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- two_
factor_ strmethod_ add_ template_ id The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- two_
factor_ strmethod_ remove_ template_ id The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- email
Update StringTemplate Id The Id of the Email Template used to send emails to users when their email address is updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- email
Verification StringTemplate Id The Id of the Email Template used to send emails to users to verify that their email address is valid. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- email
Verified StringTemplate Id The Id of the Email Template used to verify user emails. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- forgot
Password StringTemplate Id The Id of the Email Template that is used when a user is sent a forgot password email. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login
Id StringIn Use On Create Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login
Id StringIn Use On Update Template Id The Id of the Email Template used to send emails to users when another user attempts to update an existing account to use their login Id. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login
New StringDevice Template Id The Id of the Email Template used to send emails to users when they log in on a new device. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- login
Suspicious StringTemplate Id The Id of the Email Template used to send emails to users when a suspicious login occurs. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- password
Reset StringSuccess Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been reset. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- password
Update StringTemplate Id The Id of the Email Template used to send emails to users when their password has been updated. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- passwordless
Email StringTemplate Id The Id of the Passwordless Email Template, sent to users when they start a passwordless login. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- set
Password StringEmail Template Id The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- two
Factor StringMethod Add Template Id The Id of the Email Template used to send emails to users when a MFA method has been added to their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
- two
Factor StringMethod Remove Template Id The Id of the Email Template used to send emails to users when a MFA method has been removed from their account. When configured, this value will take precedence over the same configuration from the Tenant when an application context is known.
FusionAuthApplicationFormConfiguration
- Admin
Registration stringForm Id The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.
- Self
Service stringForm Id The unique Id of the form to to enable authenticated users to manage their profile on the account page.
- Admin
Registration stringForm Id The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.
- Self
Service stringForm Id The unique Id of the form to to enable authenticated users to manage their profile on the account page.
- admin
Registration StringForm Id The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.
- self
Service StringForm Id The unique Id of the form to to enable authenticated users to manage their profile on the account page.
- admin
Registration stringForm Id The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.
- self
Service stringForm Id The unique Id of the form to to enable authenticated users to manage their profile on the account page.
- admin_
registration_ strform_ id The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.
- self_
service_ strform_ id The unique Id of the form to to enable authenticated users to manage their profile on the account page.
- admin
Registration StringForm Id The unique Id of the form to use for the Add and Edit User Registration form when used in the FusionAuth admin UI.
- self
Service StringForm Id The unique Id of the form to to enable authenticated users to manage their profile on the account page.
FusionAuthApplicationJwtConfiguration
- Access
Token stringId The Id of the signing key used to sign the access token.
- Enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- Id
Token stringKey Id The Id of the signing key used to sign the Id token.
- Refresh
Token intTtl Minutes The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.
- Ttl
Seconds int The length of time in seconds the JWT will live before it is expired and no longer valid.
- Access
Token stringId The Id of the signing key used to sign the access token.
- Enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- Id
Token stringKey Id The Id of the signing key used to sign the Id token.
- Refresh
Token intTtl Minutes The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.
- Ttl
Seconds int The length of time in seconds the JWT will live before it is expired and no longer valid.
- access
Token StringId The Id of the signing key used to sign the access token.
- enabled Boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
- id
Token StringKey Id The Id of the signing key used to sign the Id token.
- refresh
Token IntegerTtl Minutes The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.
- ttl
Seconds Integer The length of time in seconds the JWT will live before it is expired and no longer valid.
- access
Token stringId The Id of the signing key used to sign the access token.
- enabled boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
- id
Token stringKey Id The Id of the signing key used to sign the Id token.
- refresh
Token numberTtl Minutes The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.
- ttl
Seconds number The length of time in seconds the JWT will live before it is expired and no longer valid.
- access_
token_ strid The Id of the signing key used to sign the access token.
- enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- id_
token_ strkey_ id The Id of the signing key used to sign the Id token.
- refresh_
token_ intttl_ minutes The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.
- ttl_
seconds int The length of time in seconds the JWT will live before it is expired and no longer valid.
- access
Token StringId The Id of the signing key used to sign the access token.
- enabled Boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
- id
Token StringKey Id The Id of the signing key used to sign the Id token.
- refresh
Token NumberTtl Minutes The length of time in minutes the JWT refresh token will live before it is expired and is not able to be exchanged for a JWT.
- ttl
Seconds Number The length of time in seconds the JWT will live before it is expired and no longer valid.
FusionAuthApplicationLambdaConfiguration
- Access
Token stringPopulate Id The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.
- Id
Token stringPopulate Id The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.
- Samlv2Populate
Id string The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.
- Access
Token stringPopulate Id The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.
- Id
Token stringPopulate Id The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.
- Samlv2Populate
Id string The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.
- access
Token StringPopulate Id The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.
- id
Token StringPopulate Id The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.
- samlv2Populate
Id String The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.
- access
Token stringPopulate Id The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.
- id
Token stringPopulate Id The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.
- samlv2Populate
Id string The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.
- access_
token_ strpopulate_ id The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.
- id_
token_ strpopulate_ id The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.
- samlv2_
populate_ strid The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.
- access
Token StringPopulate Id The Id of the Lambda that will be invoked when an access token is generated for this application. This will be utilized during OAuth2 and OpenID Connect authentication requests as well as when an access token is generated for the Login API.
- id
Token StringPopulate Id The Id of the Lambda that will be invoked when an Id token is generated for this application during an OpenID Connect authentication request.
- samlv2Populate
Id String The Id of the Lambda that will be invoked when a a SAML response is generated during a SAML authentication request.
FusionAuthApplicationLoginConfiguration
- Allow
Token boolRefresh Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.
- Generate
Refresh boolTokens Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
- Require
Authentication bool Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.
- Allow
Token boolRefresh Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.
- Generate
Refresh boolTokens Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
- Require
Authentication bool Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.
- allow
Token BooleanRefresh Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.
- generate
Refresh BooleanTokens Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
- require
Authentication Boolean Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.
- allow
Token booleanRefresh Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.
- generate
Refresh booleanTokens Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
- require
Authentication boolean Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.
- allow_
token_ boolrefresh Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.
- generate_
refresh_ booltokens Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
- require_
authentication bool Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.
- allow
Token BooleanRefresh Indicates if a JWT may be refreshed using a Refresh Token for this application. This configuration is separate from issuing new Refresh Tokens which is controlled by the generateRefreshTokens parameter. This configuration indicates specifically if an existing Refresh Token may be used to request a new JWT using the Refresh API.
- generate
Refresh BooleanTokens Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
- require
Authentication Boolean Indicates if the Login API should require an API key. If you set this value to false and your FusionAuth API is on a public network, anyone may attempt to use the Login API.
FusionAuthApplicationMultiFactorConfiguration
- Email
Template stringId The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
- Sms
Template stringId The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- Email
Template stringId The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
- Sms
Template stringId The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- email
Template StringId The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
- sms
Template StringId The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- email
Template stringId The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
- sms
Template stringId The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- email_
template_ strid The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
- sms_
template_ strid The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- email
Template StringId The Id of the email template that is used when notifying a user to complete a multi-factor authentication request.
- sms
Template StringId The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
FusionAuthApplicationOauthConfiguration
- List<string>
An array of URLs that are the authorized origins for FusionAuth OAuth.
- List<string>
An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
- Client
Authentication stringPolicy Determines the client authentication requirements for the OAuth 2.0 Token endpoint.
- Client
Secret string The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
- Debug bool
Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
- Device
Verification stringUrl The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.
- Enabled
Grants List<string> The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.
- Generate
Refresh boolTokens Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
- Logout
Behavior string Behavior when /oauth2/logout is called.
- Logout
Url string The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
- Proof
Key stringFor Code Exchange Policy Determines the PKCE requirements when using the authorization code grant.
- Require
Client boolAuthentication Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.
In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.
- Require
Registration bool When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.
- []string
An array of URLs that are the authorized origins for FusionAuth OAuth.
- []string
An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
- Client
Authentication stringPolicy Determines the client authentication requirements for the OAuth 2.0 Token endpoint.
- Client
Secret string The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
- Debug bool
Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
- Device
Verification stringUrl The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.
- Enabled
Grants []string The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.
- Generate
Refresh boolTokens Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
- Logout
Behavior string Behavior when /oauth2/logout is called.
- Logout
Url string The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
- Proof
Key stringFor Code Exchange Policy Determines the PKCE requirements when using the authorization code grant.
- Require
Client boolAuthentication Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.
In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.
- Require
Registration bool When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.
- List<String>
An array of URLs that are the authorized origins for FusionAuth OAuth.
- List<String>
An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
- client
Authentication StringPolicy Determines the client authentication requirements for the OAuth 2.0 Token endpoint.
- client
Secret String The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
- debug Boolean
Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
- device
Verification StringUrl The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.
- enabled
Grants List<String> The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.
- generate
Refresh BooleanTokens Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
- logout
Behavior String Behavior when /oauth2/logout is called.
- logout
Url String The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
- proof
Key StringFor Code Exchange Policy Determines the PKCE requirements when using the authorization code grant.
- require
Client BooleanAuthentication Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.
In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.
- require
Registration Boolean When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.
- string[]
An array of URLs that are the authorized origins for FusionAuth OAuth.
- string[]
An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
- client
Authentication stringPolicy Determines the client authentication requirements for the OAuth 2.0 Token endpoint.
- client
Secret string The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
- debug boolean
Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
- device
Verification stringUrl The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.
- enabled
Grants string[] The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.
- generate
Refresh booleanTokens Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
- logout
Behavior string Behavior when /oauth2/logout is called.
- logout
Url string The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
- proof
Key stringFor Code Exchange Policy Determines the PKCE requirements when using the authorization code grant.
- require
Client booleanAuthentication Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.
In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.
- require
Registration boolean When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.
- Sequence[str]
An array of URLs that are the authorized origins for FusionAuth OAuth.
- Sequence[str]
An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
- client_
authentication_ strpolicy Determines the client authentication requirements for the OAuth 2.0 Token endpoint.
- client_
secret str The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
- debug bool
Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
- device_
verification_ strurl The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.
- enabled_
grants Sequence[str] The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.
- generate_
refresh_ booltokens Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
- logout_
behavior str Behavior when /oauth2/logout is called.
- logout_
url str The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
- proof_
key_ strfor_ code_ exchange_ policy Determines the PKCE requirements when using the authorization code grant.
- require_
client_ boolauthentication Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.
In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.
- require_
registration bool When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.
- List<String>
An array of URLs that are the authorized origins for FusionAuth OAuth.
- List<String>
An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
- client
Authentication StringPolicy Determines the client authentication requirements for the OAuth 2.0 Token endpoint.
- client
Secret String The OAuth 2.0 client secret. If you leave this blank during a POST, a secure secret will be generated for you. If you leave this blank during PUT, the previous value will be maintained. For both POST and PUT you can provide a value and it will be stored.
- debug Boolean
Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
- device
Verification StringUrl The device verification URL to be used with the Device Code grant type, this field is required when device_code is enabled.
- enabled
Grants List<String> The enabled grants for this application. In order to utilize a particular grant with the OAuth 2.0 endpoints you must have enabled the grant.
- generate
Refresh BooleanTokens Determines if the OAuth 2.0 Token endpoint will generate a refresh token when the offline_access scope is requested.
- logout
Behavior String Behavior when /oauth2/logout is called.
- logout
Url String The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
- proof
Key StringFor Code Exchange Policy Determines the PKCE requirements when using the authorization code grant.
- require
Client BooleanAuthentication Determines if the OAuth 2.0 Token endpoint requires client authentication. If this is enabled, the client must provide client credentials when using the Token endpoint. The client_id and client_secret may be provided using a Basic Authorization HTTP header, or by sending these parameters in the request body using POST data.
In version 1.28.0 and beyond, client authentication can be managed via oauth_configuration.client_authentication_policy.
- require
Registration Boolean When enabled the user will be required to be registered, or complete registration before redirecting to the configured callback in the authorization code grant or the implicit grant. This configuration does not currently apply to any other grant.
FusionAuthApplicationRegistrationConfiguration
- Birth
Date theogravity.Fusionauth. Inputs. Fusion Auth Application Registration Configuration Birth Date - Confirm
Password bool - Enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- First
Name theogravity.Fusionauth. Inputs. Fusion Auth Application Registration Configuration First Name - Form
Id string The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.
- Full
Name theogravity.Fusionauth. Inputs. Fusion Auth Application Registration Configuration Full Name - Last
Name theogravity.Fusionauth. Inputs. Fusion Auth Application Registration Configuration Last Name - Login
Id stringType The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.
- Middle
Name theogravity.Fusionauth. Inputs. Fusion Auth Application Registration Configuration Middle Name - Mobile
Phone theogravity.Fusionauth. Inputs. Fusion Auth Application Registration Configuration Mobile Phone - Type string
The type of registration flow.
- Birth
Date FusionAuth Application Registration Configuration Birth Date - Confirm
Password bool - Enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- First
Name FusionAuth Application Registration Configuration First Name - Form
Id string The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.
- Full
Name FusionAuth Application Registration Configuration Full Name - Last
Name FusionAuth Application Registration Configuration Last Name - Login
Id stringType The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.
- Middle
Name FusionAuth Application Registration Configuration Middle Name - Mobile
Phone FusionAuth Application Registration Configuration Mobile Phone - Type string
The type of registration flow.
- birth
Date FusionAuth Application Registration Configuration Birth Date - confirm
Password Boolean - enabled Boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
- first
Name FusionAuth Application Registration Configuration First Name - form
Id String The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.
- full
Name FusionAuth Application Registration Configuration Full Name - last
Name FusionAuth Application Registration Configuration Last Name - login
Id StringType The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.
- middle
Name FusionAuth Application Registration Configuration Middle Name - mobile
Phone FusionAuth Application Registration Configuration Mobile Phone - type String
The type of registration flow.
- birth
Date FusionAuth Application Registration Configuration Birth Date - confirm
Password boolean - enabled boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
- first
Name FusionAuth Application Registration Configuration First Name - form
Id string The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.
- full
Name FusionAuth Application Registration Configuration Full Name - last
Name FusionAuth Application Registration Configuration Last Name - login
Id stringType The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.
- middle
Name FusionAuth Application Registration Configuration Middle Name - mobile
Phone FusionAuth Application Registration Configuration Mobile Phone - type string
The type of registration flow.
- birth_
date FusionAuth Application Registration Configuration Birth Date - confirm_
password bool - enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- first_
name FusionAuth Application Registration Configuration First Name - form_
id str The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.
- full_
name FusionAuth Application Registration Configuration Full Name - last_
name FusionAuth Application Registration Configuration Last Name - login_
id_ strtype The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.
- middle_
name FusionAuth Application Registration Configuration Middle Name - mobile_
phone FusionAuth Application Registration Configuration Mobile Phone - type str
The type of registration flow.
- birth
Date Property Map - confirm
Password Boolean - enabled Boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
- first
Name Property Map - form
Id String The Id of an associated Form when using advanced registration configuration type. This field is required when application.registrationConfiguration.type is set to advanced.
- full
Name Property Map - last
Name Property Map - login
Id StringType The unique login Id that will be collected during registration, this value can be email or username. Leaving the default value of email is preferred because an email address is globally unique.
- middle
Name Property Map - mobile
Phone Property Map - type String
The type of registration flow.
FusionAuthApplicationRegistrationConfigurationBirthDate
FusionAuthApplicationRegistrationConfigurationFirstName
FusionAuthApplicationRegistrationConfigurationFullName
FusionAuthApplicationRegistrationConfigurationLastName
FusionAuthApplicationRegistrationConfigurationMiddleName
FusionAuthApplicationRegistrationConfigurationMobilePhone
FusionAuthApplicationRegistrationDeletePolicy
- Unverified
Enabled bool Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.
- Unverified
Number intOf Days To Retain The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.
- Unverified
Enabled bool Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.
- Unverified
Number intOf Days To Retain The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.
- unverified
Enabled Boolean Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.
- unverified
Number IntegerOf Days To Retain The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.
- unverified
Enabled boolean Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.
- unverified
Number numberOf Days To Retain The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.
- unverified_
enabled bool Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.
- unverified_
number_ intof_ days_ to_ retain The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.
- unverified
Enabled Boolean Indicates that users without a verified registration for this application will have their registration permanently deleted after application.registrationDeletePolicy.unverified.numberOfDaysToRetain days.
- unverified
Number NumberOf Days To Retain The number of days from registration a user’s registration will be retained before being deleted for not completing registration verification. This field is required when application.registrationDeletePolicy.enabled is set to true. Value must be greater than 0.
FusionAuthApplicationSamlv2Configuration
- List<string>
An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
- Issuer string
The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.
- Audience string
The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.
- Callback
Url string The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.
In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.
- Debug bool
Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
- Default
Verification stringKey Id The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
- Enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- Key
Id string The unique Id of the Key used to sign the SAML Single Logout response.
- Logout
theogravity.
Fusionauth. Inputs. Fusion Auth Application Samlv2Configuration Logout - Logout
Url string The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
- Required
Signed boolRequests If set to true, will force verification through the key store.
- Xml
Signature stringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- Xml
Signature stringLocation The location to place the XML signature when signing a successful SAML response.
- []string
An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
- Issuer string
The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.
- Audience string
The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.
- Callback
Url string The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.
In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.
- Debug bool
Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
- Default
Verification stringKey Id The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
- Enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- Key
Id string The unique Id of the Key used to sign the SAML Single Logout response.
- Logout
Fusion
Auth Application Samlv2Configuration Logout - Logout
Url string The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
- Required
Signed boolRequests If set to true, will force verification through the key store.
- Xml
Signature stringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- Xml
Signature stringLocation The location to place the XML signature when signing a successful SAML response.
- List<String>
An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
- issuer String
The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.
- audience String
The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.
- callback
Url String The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.
In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.
- debug Boolean
Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
- default
Verification StringKey Id The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
- enabled Boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
- key
Id String The unique Id of the Key used to sign the SAML Single Logout response.
- logout
Fusion
Auth Application Samlv2Configuration Logout - logout
Url String The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
- required
Signed BooleanRequests If set to true, will force verification through the key store.
- xml
Signature StringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- xml
Signature StringLocation The location to place the XML signature when signing a successful SAML response.
- string[]
An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
- issuer string
The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.
- audience string
The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.
- callback
Url string The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.
In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.
- debug boolean
Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
- default
Verification stringKey Id The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
- enabled boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
- key
Id string The unique Id of the Key used to sign the SAML Single Logout response.
- logout
Fusion
Auth Application Samlv2Configuration Logout - logout
Url string The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
- required
Signed booleanRequests If set to true, will force verification through the key store.
- xml
Signature stringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- xml
Signature stringLocation The location to place the XML signature when signing a successful SAML response.
- Sequence[str]
An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
- issuer str
The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.
- audience str
The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.
- callback_
url str The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.
In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.
- debug bool
Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
- default_
verification_ strkey_ id The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
- enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- key_
id str The unique Id of the Key used to sign the SAML Single Logout response.
- logout
Fusion
Auth Application Samlv2Configuration Logout - logout_
url str The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
- required_
signed_ boolrequests If set to true, will force verification through the key store.
- xml_
signature_ strcanonicalization_ method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- xml_
signature_ strlocation The location to place the XML signature when signing a successful SAML response.
- List<String>
An array of URLs that are the authorized redirect URLs for FusionAuth OAuth.
- issuer String
The issuer that identifies the service provider and allows FusionAuth to load the correct Application and SAML configuration. If you don’t know the issuer, you can often times put in anything here and FusionAuth will display an error message with the issuer from the service provider when you test the SAML login.
- audience String
The audience for the SAML response sent to back to the service provider from FusionAuth. Some service providers require different audience values than the issuer and this configuration option lets you change the audience in the response.
- callback
Url String The URL of the callback (sometimes called the Assertion Consumer Service or ACS). This is where FusionAuth sends the browser after the user logs in via SAML.
In version 1.20.0 and beyond, Callback URLs can be managed via authorized_redirect_urls.
- debug Boolean
Whether or not FusionAuth will log SAML debug messages to the event log. This is useful for debugging purposes.
- default
Verification StringKey Id The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
- enabled Boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
- key
Id String The unique Id of the Key used to sign the SAML Single Logout response.
- logout Property Map
- logout
Url String The URL that the browser is taken to after the user logs out of the SAML service provider. Often service providers need this URL in order to correctly hook up single-logout. Note that FusionAuth does not support the SAML single-logout profile because most service providers to not support it properly.
- required
Signed BooleanRequests If set to true, will force verification through the key store.
- xml
Signature StringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- xml
Signature StringLocation The location to place the XML signature when signing a successful SAML response.
FusionAuthApplicationSamlv2ConfigurationLogout
- Behavior string
This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.
- Default
Verification stringKey Id The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
- Key
Id string The unique Id of the Key used to sign the SAML Single Logout response.
- Require
Signed boolRequests Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.
- Single
Logout theogravity.Fusionauth. Inputs. Fusion Auth Application Samlv2Configuration Logout Single Logout - Xml
Signature stringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- Behavior string
This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.
- Default
Verification stringKey Id The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
- Key
Id string The unique Id of the Key used to sign the SAML Single Logout response.
- Require
Signed boolRequests Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.
- Single
Logout FusionAuth Application Samlv2Configuration Logout Single Logout - Xml
Signature stringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- behavior String
This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.
- default
Verification StringKey Id The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
- key
Id String The unique Id of the Key used to sign the SAML Single Logout response.
- require
Signed BooleanRequests Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.
- single
Logout FusionAuth Application Samlv2Configuration Logout Single Logout - xml
Signature StringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- behavior string
This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.
- default
Verification stringKey Id The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
- key
Id string The unique Id of the Key used to sign the SAML Single Logout response.
- require
Signed booleanRequests Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.
- single
Logout FusionAuth Application Samlv2Configuration Logout Single Logout - xml
Signature stringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- behavior str
This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.
- default_
verification_ strkey_ id The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
- key_
id str The unique Id of the Key used to sign the SAML Single Logout response.
- require_
signed_ boolrequests Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.
- single_
logout FusionAuth Application Samlv2Configuration Logout Single Logout - xml_
signature_ strcanonicalization_ method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- behavior String
This configuration is functionally equivalent to the Logout Behavior found in the OAuth2 configuration.
- default
Verification StringKey Id The unique Id of the Key used to verify the signature if the public key cannot be determined by the KeyInfo element when using POST bindings, or the key used to verify the signature when using HTTP Redirect bindings.
- key
Id String The unique Id of the Key used to sign the SAML Single Logout response.
- require
Signed BooleanRequests Set this parameter equal to true to require the SAML v2 Service Provider to sign the Logout request. When this value is true all Logout requests missing a signature will be rejected.
- single
Logout Property Map - xml
Signature StringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
FusionAuthApplicationSamlv2ConfigurationLogoutSingleLogout
- Enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- Key
Id string The unique Id of the Key used to sign the SAML Single Logout response.
- Url string
The URL at which you want to receive the LogoutRequest from FusionAuth.
- Xml
Signature stringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- Enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- Key
Id string The unique Id of the Key used to sign the SAML Single Logout response.
- Url string
The URL at which you want to receive the LogoutRequest from FusionAuth.
- Xml
Signature stringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- enabled Boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
- key
Id String The unique Id of the Key used to sign the SAML Single Logout response.
- url String
The URL at which you want to receive the LogoutRequest from FusionAuth.
- xml
Signature StringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- enabled boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
- key
Id string The unique Id of the Key used to sign the SAML Single Logout response.
- url string
The URL at which you want to receive the LogoutRequest from FusionAuth.
- xml
Signature stringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- enabled bool
Whether or not SAML Single Logout for this SAML IdP is enabled.
- key_
id str The unique Id of the Key used to sign the SAML Single Logout response.
- url str
The URL at which you want to receive the LogoutRequest from FusionAuth.
- xml_
signature_ strcanonicalization_ method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
- enabled Boolean
Whether or not SAML Single Logout for this SAML IdP is enabled.
- key
Id String The unique Id of the Key used to sign the SAML Single Logout response.
- url String
The URL at which you want to receive the LogoutRequest from FusionAuth.
- xml
Signature StringCanonicalization Method The XML signature canonicalization method used when digesting and signing the SAML response. Unfortunately, many service providers do not correctly implement the XML signature specifications and force a specific canonicalization method. This setting allows you to change the canonicalization method to match the service provider. Often, service providers don’t even document their required method. You might need to contact enterprise support at the service provider to figure out what method they use.
Package Details
- Repository
- fusionauth theogravity/pulumi-fusionauth
- License
- MIT
- Notes
This Pulumi package is based on the
fusionauthTerraform Provider.