Docs
Packages
FusionAuth v2.17.0, Mar 24 23
FusionAuth v2.17.0, Mar 24 23
fusionauth.FusionAuthIdpSamlV2IdpInitiated
Explore with Pulumi AI
Create FusionAuthIdpSamlV2IdpInitiated Resource
new FusionAuthIdpSamlV2IdpInitiated(name: string, args: FusionAuthIdpSamlV2IdpInitiatedArgs, opts?: CustomResourceOptions);@overload
def FusionAuthIdpSamlV2IdpInitiated(resource_name: str,
opts: Optional[ResourceOptions] = None,
application_configurations: Optional[Sequence[FusionAuthIdpSamlV2IdpInitiatedApplicationConfigurationArgs]] = None,
debug: Optional[bool] = None,
email_claim: Optional[str] = None,
enabled: Optional[bool] = None,
idp_id: Optional[str] = None,
issuer: Optional[str] = None,
key_id: Optional[str] = None,
lambda_reconcile_id: Optional[str] = None,
linking_strategy: Optional[str] = None,
name: Optional[str] = None,
tenant_configurations: Optional[Sequence[FusionAuthIdpSamlV2IdpInitiatedTenantConfigurationArgs]] = None,
use_name_for_email: Optional[bool] = None)
@overload
def FusionAuthIdpSamlV2IdpInitiated(resource_name: str,
args: FusionAuthIdpSamlV2IdpInitiatedArgs,
opts: Optional[ResourceOptions] = None)func NewFusionAuthIdpSamlV2IdpInitiated(ctx *Context, name string, args FusionAuthIdpSamlV2IdpInitiatedArgs, opts ...ResourceOption) (*FusionAuthIdpSamlV2IdpInitiated, error)public FusionAuthIdpSamlV2IdpInitiated(string name, FusionAuthIdpSamlV2IdpInitiatedArgs args, CustomResourceOptions? opts = null)
public FusionAuthIdpSamlV2IdpInitiated(String name, FusionAuthIdpSamlV2IdpInitiatedArgs args)
public FusionAuthIdpSamlV2IdpInitiated(String name, FusionAuthIdpSamlV2IdpInitiatedArgs args, CustomResourceOptions options)
type: fusionauth:FusionAuthIdpSamlV2IdpInitiated
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FusionAuthIdpSamlV2IdpInitiatedArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FusionAuthIdpSamlV2IdpInitiatedArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FusionAuthIdpSamlV2IdpInitiatedArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FusionAuthIdpSamlV2IdpInitiatedArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FusionAuthIdpSamlV2IdpInitiatedArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
FusionAuthIdpSamlV2IdpInitiated Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The FusionAuthIdpSamlV2IdpInitiated resource accepts the following input properties:
- Issuer string
The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
- Key
Id string The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
- Application
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Idp Saml V2Idp Initiated Application Configuration Args> The configuration for each Application that the identity provider is enabled for.
- Debug bool
Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
- Email
Claim string The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identity the user. If this is not set, the
use_name_for_emailflag must be true.- Enabled bool
Determines if this provider is enabled. If it is false then it will be disabled globally.
- Idp
Id string The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
- Lambda
Reconcile stringId The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
- Linking
Strategy string The linking strategy to use when creating the link between the {idp_display_name} Identity Provider and the user.
- Name string
The name of this SAML v2 identity provider. This is only used for display purposes.
- Tenant
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Idp Saml V2Idp Initiated Tenant Configuration Args> The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
- Use
Name boolFor Email Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the
email_claimproperty must be set.
- Issuer string
The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
- Key
Id string The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
- Application
Configurations []FusionAuth Idp Saml V2Idp Initiated Application Configuration Args The configuration for each Application that the identity provider is enabled for.
- Debug bool
Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
- Email
Claim string The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identity the user. If this is not set, the
use_name_for_emailflag must be true.- Enabled bool
Determines if this provider is enabled. If it is false then it will be disabled globally.
- Idp
Id string The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
- Lambda
Reconcile stringId The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
- Linking
Strategy string The linking strategy to use when creating the link between the {idp_display_name} Identity Provider and the user.
- Name string
The name of this SAML v2 identity provider. This is only used for display purposes.
- Tenant
Configurations []FusionAuth Idp Saml V2Idp Initiated Tenant Configuration Args The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
- Use
Name boolFor Email Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the
email_claimproperty must be set.
- issuer String
The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
- key
Id String The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
- application
Configurations List<FusionAuth Idp Saml V2Idp Initiated Application Configuration Args> The configuration for each Application that the identity provider is enabled for.
- debug Boolean
Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
- email
Claim String The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identity the user. If this is not set, the
use_name_for_emailflag must be true.- enabled Boolean
Determines if this provider is enabled. If it is false then it will be disabled globally.
- idp
Id String The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
- lambda
Reconcile StringId The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
- linking
Strategy String The linking strategy to use when creating the link between the {idp_display_name} Identity Provider and the user.
- name String
The name of this SAML v2 identity provider. This is only used for display purposes.
- tenant
Configurations List<FusionAuth Idp Saml V2Idp Initiated Tenant Configuration Args> The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
- use
Name BooleanFor Email Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the
email_claimproperty must be set.
- issuer string
The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
- key
Id string The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
- application
Configurations FusionAuth Idp Saml V2Idp Initiated Application Configuration Args[] The configuration for each Application that the identity provider is enabled for.
- debug boolean
Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
- email
Claim string The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identity the user. If this is not set, the
use_name_for_emailflag must be true.- enabled boolean
Determines if this provider is enabled. If it is false then it will be disabled globally.
- idp
Id string The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
- lambda
Reconcile stringId The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
- linking
Strategy string The linking strategy to use when creating the link between the {idp_display_name} Identity Provider and the user.
- name string
The name of this SAML v2 identity provider. This is only used for display purposes.
- tenant
Configurations FusionAuth Idp Saml V2Idp Initiated Tenant Configuration Args[] The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
- use
Name booleanFor Email Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the
email_claimproperty must be set.
- issuer str
The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
- key_
id str The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
- application_
configurations Sequence[FusionAuth Idp Saml V2Idp Initiated Application Configuration Args] The configuration for each Application that the identity provider is enabled for.
- debug bool
Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
- email_
claim str The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identity the user. If this is not set, the
use_name_for_emailflag must be true.- enabled bool
Determines if this provider is enabled. If it is false then it will be disabled globally.
- idp_
id str The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
- lambda_
reconcile_ strid The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
- linking_
strategy str The linking strategy to use when creating the link between the {idp_display_name} Identity Provider and the user.
- name str
The name of this SAML v2 identity provider. This is only used for display purposes.
- tenant_
configurations Sequence[FusionAuth Idp Saml V2Idp Initiated Tenant Configuration Args] The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
- use_
name_ boolfor_ email Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the
email_claimproperty must be set.
- issuer String
The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
- key
Id String The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
- application
Configurations List<Property Map> The configuration for each Application that the identity provider is enabled for.
- debug Boolean
Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
- email
Claim String The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identity the user. If this is not set, the
use_name_for_emailflag must be true.- enabled Boolean
Determines if this provider is enabled. If it is false then it will be disabled globally.
- idp
Id String The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
- lambda
Reconcile StringId The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
- linking
Strategy String The linking strategy to use when creating the link between the {idp_display_name} Identity Provider and the user.
- name String
The name of this SAML v2 identity provider. This is only used for display purposes.
- tenant
Configurations List<Property Map> The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
- use
Name BooleanFor Email Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the
email_claimproperty must be set.
Outputs
All input properties are implicitly available as output properties. Additionally, the FusionAuthIdpSamlV2IdpInitiated resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing FusionAuthIdpSamlV2IdpInitiated Resource
Get an existing FusionAuthIdpSamlV2IdpInitiated resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FusionAuthIdpSamlV2IdpInitiatedState, opts?: CustomResourceOptions): FusionAuthIdpSamlV2IdpInitiated@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
application_configurations: Optional[Sequence[FusionAuthIdpSamlV2IdpInitiatedApplicationConfigurationArgs]] = None,
debug: Optional[bool] = None,
email_claim: Optional[str] = None,
enabled: Optional[bool] = None,
idp_id: Optional[str] = None,
issuer: Optional[str] = None,
key_id: Optional[str] = None,
lambda_reconcile_id: Optional[str] = None,
linking_strategy: Optional[str] = None,
name: Optional[str] = None,
tenant_configurations: Optional[Sequence[FusionAuthIdpSamlV2IdpInitiatedTenantConfigurationArgs]] = None,
use_name_for_email: Optional[bool] = None) -> FusionAuthIdpSamlV2IdpInitiatedfunc GetFusionAuthIdpSamlV2IdpInitiated(ctx *Context, name string, id IDInput, state *FusionAuthIdpSamlV2IdpInitiatedState, opts ...ResourceOption) (*FusionAuthIdpSamlV2IdpInitiated, error)public static FusionAuthIdpSamlV2IdpInitiated Get(string name, Input<string> id, FusionAuthIdpSamlV2IdpInitiatedState? state, CustomResourceOptions? opts = null)public static FusionAuthIdpSamlV2IdpInitiated get(String name, Output<String> id, FusionAuthIdpSamlV2IdpInitiatedState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Application
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Idp Saml V2Idp Initiated Application Configuration Args> The configuration for each Application that the identity provider is enabled for.
- Debug bool
Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
- Email
Claim string The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identity the user. If this is not set, the
use_name_for_emailflag must be true.- Enabled bool
Determines if this provider is enabled. If it is false then it will be disabled globally.
- Idp
Id string The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
- Issuer string
The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
- Key
Id string The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
- Lambda
Reconcile stringId The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
- Linking
Strategy string The linking strategy to use when creating the link between the {idp_display_name} Identity Provider and the user.
- Name string
The name of this SAML v2 identity provider. This is only used for display purposes.
- Tenant
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Idp Saml V2Idp Initiated Tenant Configuration Args> The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
- Use
Name boolFor Email Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the
email_claimproperty must be set.
- Application
Configurations []FusionAuth Idp Saml V2Idp Initiated Application Configuration Args The configuration for each Application that the identity provider is enabled for.
- Debug bool
Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
- Email
Claim string The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identity the user. If this is not set, the
use_name_for_emailflag must be true.- Enabled bool
Determines if this provider is enabled. If it is false then it will be disabled globally.
- Idp
Id string The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
- Issuer string
The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
- Key
Id string The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
- Lambda
Reconcile stringId The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
- Linking
Strategy string The linking strategy to use when creating the link between the {idp_display_name} Identity Provider and the user.
- Name string
The name of this SAML v2 identity provider. This is only used for display purposes.
- Tenant
Configurations []FusionAuth Idp Saml V2Idp Initiated Tenant Configuration Args The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
- Use
Name boolFor Email Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the
email_claimproperty must be set.
- application
Configurations List<FusionAuth Idp Saml V2Idp Initiated Application Configuration Args> The configuration for each Application that the identity provider is enabled for.
- debug Boolean
Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
- email
Claim String The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identity the user. If this is not set, the
use_name_for_emailflag must be true.- enabled Boolean
Determines if this provider is enabled. If it is false then it will be disabled globally.
- idp
Id String The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
- issuer String
The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
- key
Id String The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
- lambda
Reconcile StringId The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
- linking
Strategy String The linking strategy to use when creating the link between the {idp_display_name} Identity Provider and the user.
- name String
The name of this SAML v2 identity provider. This is only used for display purposes.
- tenant
Configurations List<FusionAuth Idp Saml V2Idp Initiated Tenant Configuration Args> The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
- use
Name BooleanFor Email Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the
email_claimproperty must be set.
- application
Configurations FusionAuth Idp Saml V2Idp Initiated Application Configuration Args[] The configuration for each Application that the identity provider is enabled for.
- debug boolean
Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
- email
Claim string The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identity the user. If this is not set, the
use_name_for_emailflag must be true.- enabled boolean
Determines if this provider is enabled. If it is false then it will be disabled globally.
- idp
Id string The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
- issuer string
The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
- key
Id string The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
- lambda
Reconcile stringId The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
- linking
Strategy string The linking strategy to use when creating the link between the {idp_display_name} Identity Provider and the user.
- name string
The name of this SAML v2 identity provider. This is only used for display purposes.
- tenant
Configurations FusionAuth Idp Saml V2Idp Initiated Tenant Configuration Args[] The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
- use
Name booleanFor Email Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the
email_claimproperty must be set.
- application_
configurations Sequence[FusionAuth Idp Saml V2Idp Initiated Application Configuration Args] The configuration for each Application that the identity provider is enabled for.
- debug bool
Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
- email_
claim str The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identity the user. If this is not set, the
use_name_for_emailflag must be true.- enabled bool
Determines if this provider is enabled. If it is false then it will be disabled globally.
- idp_
id str The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
- issuer str
The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
- key_
id str The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
- lambda_
reconcile_ strid The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
- linking_
strategy str The linking strategy to use when creating the link between the {idp_display_name} Identity Provider and the user.
- name str
The name of this SAML v2 identity provider. This is only used for display purposes.
- tenant_
configurations Sequence[FusionAuth Idp Saml V2Idp Initiated Tenant Configuration Args] The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
- use_
name_ boolfor_ email Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the
email_claimproperty must be set.
- application
Configurations List<Property Map> The configuration for each Application that the identity provider is enabled for.
- debug Boolean
Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
- email
Claim String The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identity the user. If this is not set, the
use_name_for_emailflag must be true.- enabled Boolean
Determines if this provider is enabled. If it is false then it will be disabled globally.
- idp
Id String The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
- issuer String
The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
- key
Id String The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
- lambda
Reconcile StringId The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
- linking
Strategy String The linking strategy to use when creating the link between the {idp_display_name} Identity Provider and the user.
- name String
The name of this SAML v2 identity provider. This is only used for display purposes.
- tenant
Configurations List<Property Map> The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
- use
Name BooleanFor Email Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the
email_claimproperty must be set.
Supporting Types
FusionAuthIdpSamlV2IdpInitiatedApplicationConfiguration
- Application
Id string - Create
Registration bool - Enabled bool
- Application
Id string - Create
Registration bool - Enabled bool
- application
Id String - create
Registration Boolean - enabled Boolean
- application
Id string - create
Registration boolean - enabled boolean
- application_
id str - create_
registration bool - enabled bool
- application
Id String - create
Registration Boolean - enabled Boolean
FusionAuthIdpSamlV2IdpInitiatedTenantConfiguration
- Limit
User boolLink Count Enabled - Limit
User intLink Count Maximum Links - Tenant
Id string
- Limit
User boolLink Count Enabled - Limit
User intLink Count Maximum Links - Tenant
Id string
- limit
User BooleanLink Count Enabled - limit
User IntegerLink Count Maximum Links - tenant
Id String
- limit
User booleanLink Count Enabled - limit
User numberLink Count Maximum Links - tenant
Id string
- limit
User BooleanLink Count Enabled - limit
User NumberLink Count Maximum Links - tenant
Id String
Package Details
- Repository
- fusionauth theogravity/pulumi-fusionauth
- License
- MIT
- Notes
This Pulumi package is based on the
fusionauthTerraform Provider.