FusionAuth v5.0.4 published on Tuesday, Jul 9, 2024 by Theo Gravity

fusionauth.FusionAuthIdpSamlV2IdpInitiated


    Create FusionAuthIdpSamlV2IdpInitiated Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new FusionAuthIdpSamlV2IdpInitiated(name: string, args: FusionAuthIdpSamlV2IdpInitiatedArgs, opts?: CustomResourceOptions);
    @overload
    def FusionAuthIdpSamlV2IdpInitiated(resource_name: str,
                                        args: FusionAuthIdpSamlV2IdpInitiatedArgs,
                                        opts: Optional[ResourceOptions] = None)
    
    @overload
    def FusionAuthIdpSamlV2IdpInitiated(resource_name: str,
                                        opts: Optional[ResourceOptions] = None,
                                        issuer: Optional[str] = None,
                                        key_id: Optional[str] = None,
                                        application_configurations: Optional[Sequence[FusionAuthIdpSamlV2IdpInitiatedApplicationConfigurationArgs]] = None,
                                        debug: Optional[bool] = None,
                                        email_claim: Optional[str] = None,
                                        enabled: Optional[bool] = None,
                                        idp_id: Optional[str] = None,
                                        lambda_reconcile_id: Optional[str] = None,
                                        linking_strategy: Optional[str] = None,
                                        name: Optional[str] = None,
                                        tenant_configurations: Optional[Sequence[FusionAuthIdpSamlV2IdpInitiatedTenantConfigurationArgs]] = None,
                                        use_name_for_email: Optional[bool] = None)
    func NewFusionAuthIdpSamlV2IdpInitiated(ctx *Context, name string, args FusionAuthIdpSamlV2IdpInitiatedArgs, opts ...ResourceOption) (*FusionAuthIdpSamlV2IdpInitiated, error)
    public FusionAuthIdpSamlV2IdpInitiated(string name, FusionAuthIdpSamlV2IdpInitiatedArgs args, CustomResourceOptions? opts = null)
    public FusionAuthIdpSamlV2IdpInitiated(String name, FusionAuthIdpSamlV2IdpInitiatedArgs args)
    public FusionAuthIdpSamlV2IdpInitiated(String name, FusionAuthIdpSamlV2IdpInitiatedArgs args, CustomResourceOptions options)
    
    type: fusionauth:FusionAuthIdpSamlV2IdpInitiated
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args FusionAuthIdpSamlV2IdpInitiatedArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args FusionAuthIdpSamlV2IdpInitiatedArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args FusionAuthIdpSamlV2IdpInitiatedArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args FusionAuthIdpSamlV2IdpInitiatedArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args FusionAuthIdpSamlV2IdpInitiatedArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    // Reference example: every value below is a schema placeholder ("string", false, 0),
    // not a recommended setting. Replace each one before deploying.
    var fusionAuthIdpSamlV2IdpInitiatedResource = new Fusionauth.FusionAuthIdpSamlV2IdpInitiated("fusionAuthIdpSamlV2IdpInitiatedResource", new()
    {
        // EntityId of the SAML v2 identity provider, as supplied by that provider.
        Issuer = "string",
        // Key Master id of the key that verifies the SAML response. It must be a
        // verification-only key or certificate (public key component only).
        KeyId = "string",
        // One entry per Application that this identity provider is enabled for.
        ApplicationConfigurations = new[]
        {
            new Fusionauth.Inputs.FusionAuthIdpSamlV2IdpInitiatedApplicationConfigurationArgs
            {
                ApplicationId = "string",
                CreateRegistration = false,
                Enabled = false,
            },
        },
        // When true, an Event Log is created each time this provider reconciles a login.
        // NOTE(review): confirm what those entries record before enabling outside troubleshooting.
        Debug = false,
        // Assertion attribute that uniquely identifies the user. If unset,
        // UseNameForEmail must be true.
        EmailClaim = "string",
        // false disables this provider globally.
        Enabled = false,
        // Optional; a secure random UUID is generated when omitted.
        IdpId = "string",
        // Reconcile lambda applied after a successful SAML response.
        LambdaReconcileId = "string",
        // Controls how the identity provider link to the user is created. "string" is
        // only a placeholder; the accepted values are not listed in this example.
        LinkingStrategy = "string",
        // Display name only.
        Name = "string",
        // Per-tenant limit on the number of links a user may have for this provider.
        TenantConfigurations = new[]
        {
            new Fusionauth.Inputs.FusionAuthIdpSamlV2IdpInitiatedTenantConfigurationArgs
            {
                LimitUserLinkCountEnabled = false,
                LimitUserLinkCountMaximumLinks = 0,
                TenantId = "string",
            },
        },
        // When true, the NameID element value is used as the user's email for
        // reconciliation. If false, EmailClaim must be set.
        UseNameForEmail = false,
    });
    
    // Reference example: every value below is a schema placeholder ("string", false, 0),
    // not a recommended setting. Replace each one before deploying.
    example, err := fusionauth.NewFusionAuthIdpSamlV2IdpInitiated(ctx, "fusionAuthIdpSamlV2IdpInitiatedResource", &fusionauth.FusionAuthIdpSamlV2IdpInitiatedArgs{
    	// EntityId of the SAML v2 identity provider, as supplied by that provider.
    	Issuer: pulumi.String("string"),
    	// Key Master id of the key that verifies the SAML response. It must be a
    	// verification-only key or certificate (public key component only).
    	KeyId:  pulumi.String("string"),
    	// One entry per Application that this identity provider is enabled for.
    	ApplicationConfigurations: fusionauth.FusionAuthIdpSamlV2IdpInitiatedApplicationConfigurationArray{
    		&fusionauth.FusionAuthIdpSamlV2IdpInitiatedApplicationConfigurationArgs{
    			ApplicationId:      pulumi.String("string"),
    			CreateRegistration: pulumi.Bool(false),
    			Enabled:            pulumi.Bool(false),
    		},
    	},
    	// When true, an Event Log is created each time this provider reconciles a login.
    	// NOTE(review): confirm what those entries record before enabling outside troubleshooting.
    	Debug:             pulumi.Bool(false),
    	// Assertion attribute that uniquely identifies the user. If unset,
    	// UseNameForEmail must be true.
    	EmailClaim:        pulumi.String("string"),
    	// false disables this provider globally.
    	Enabled:           pulumi.Bool(false),
    	// Optional; a secure random UUID is generated when omitted.
    	IdpId:             pulumi.String("string"),
    	// Reconcile lambda applied after a successful SAML response.
    	LambdaReconcileId: pulumi.String("string"),
    	// Controls how the identity provider link to the user is created. "string" is
    	// only a placeholder; the accepted values are not listed in this example.
    	LinkingStrategy:   pulumi.String("string"),
    	// Display name only.
    	Name:              pulumi.String("string"),
    	// Per-tenant limit on the number of links a user may have for this provider.
    	TenantConfigurations: fusionauth.FusionAuthIdpSamlV2IdpInitiatedTenantConfigurationArray{
    		&fusionauth.FusionAuthIdpSamlV2IdpInitiatedTenantConfigurationArgs{
    			LimitUserLinkCountEnabled:      pulumi.Bool(false),
    			LimitUserLinkCountMaximumLinks: pulumi.Int(0),
    			TenantId:                       pulumi.String("string"),
    		},
    	},
    	// When true, the NameID element value is used as the user's email for
    	// reconciliation. If false, EmailClaim must be set.
    	UseNameForEmail: pulumi.Bool(false),
    })
    // The fragment stops here: err is not yet checked and example is not yet used.
    
    // Reference example: every value below is a schema placeholder ("string", false, 0),
    // not a recommended setting. Replace each one before deploying.
    var fusionAuthIdpSamlV2IdpInitiatedResource = new FusionAuthIdpSamlV2IdpInitiated("fusionAuthIdpSamlV2IdpInitiatedResource", FusionAuthIdpSamlV2IdpInitiatedArgs.builder()
        // EntityId of the SAML v2 identity provider, as supplied by that provider.
        .issuer("string")
        // Key Master id of the key that verifies the SAML response. It must be a
        // verification-only key or certificate (public key component only).
        .keyId("string")
        // One entry per Application that this identity provider is enabled for.
        .applicationConfigurations(FusionAuthIdpSamlV2IdpInitiatedApplicationConfigurationArgs.builder()
            .applicationId("string")
            .createRegistration(false)
            .enabled(false)
            .build())
        // When true, an Event Log is created each time this provider reconciles a login.
        // NOTE(review): confirm what those entries record before enabling outside troubleshooting.
        .debug(false)
        // Assertion attribute that uniquely identifies the user. If unset,
        // useNameForEmail must be true.
        .emailClaim("string")
        // false disables this provider globally.
        .enabled(false)
        // Optional; a secure random UUID is generated when omitted.
        .idpId("string")
        // Reconcile lambda applied after a successful SAML response.
        .lambdaReconcileId("string")
        // Controls how the identity provider link to the user is created. "string" is
        // only a placeholder; the accepted values are not listed in this example.
        .linkingStrategy("string")
        // Display name only.
        .name("string")
        // Per-tenant limit on the number of links a user may have for this provider.
        .tenantConfigurations(FusionAuthIdpSamlV2IdpInitiatedTenantConfigurationArgs.builder()
            .limitUserLinkCountEnabled(false)
            .limitUserLinkCountMaximumLinks(0)
            .tenantId("string")
            .build())
        // When true, the NameID element value is used as the user's email for
        // reconciliation. If false, emailClaim must be set.
        .useNameForEmail(false)
        .build());
    
    # Reference example: every value below is a schema placeholder ("string", False, 0),
    # not a recommended setting. Replace each one before deploying.
    fusion_auth_idp_saml_v2_idp_initiated_resource = fusionauth.FusionAuthIdpSamlV2IdpInitiated("fusionAuthIdpSamlV2IdpInitiatedResource",
        # EntityId of the SAML v2 identity provider, as supplied by that provider.
        issuer="string",
        # Key Master id of the key that verifies the SAML response. It must be a
        # verification-only key or certificate (public key component only).
        key_id="string",
        # One entry per Application that this identity provider is enabled for.
        application_configurations=[fusionauth.FusionAuthIdpSamlV2IdpInitiatedApplicationConfigurationArgs(
            application_id="string",
            create_registration=False,
            enabled=False,
        )],
        # When True, an Event Log is created each time this provider reconciles a login.
        # NOTE(review): confirm what those entries record before enabling outside troubleshooting.
        debug=False,
        # Assertion attribute that uniquely identifies the user. If unset,
        # use_name_for_email must be True.
        email_claim="string",
        # False disables this provider globally.
        enabled=False,
        # Optional; a secure random UUID is generated when omitted.
        idp_id="string",
        # Reconcile lambda applied after a successful SAML response.
        lambda_reconcile_id="string",
        # Controls how the identity provider link to the user is created. "string" is
        # only a placeholder; the accepted values are not listed in this example.
        linking_strategy="string",
        # Display name only.
        name="string",
        # Per-tenant limit on the number of links a user may have for this provider.
        tenant_configurations=[fusionauth.FusionAuthIdpSamlV2IdpInitiatedTenantConfigurationArgs(
            limit_user_link_count_enabled=False,
            limit_user_link_count_maximum_links=0,
            tenant_id="string",
        )],
        # When True, the NameID element value is used as the user's email for
        # reconciliation. If False, email_claim must be set.
        use_name_for_email=False)
    
    // Reference example: every value below is a schema placeholder ("string", false, 0),
    // not a recommended setting. Replace each one before deploying.
    const fusionAuthIdpSamlV2IdpInitiatedResource = new fusionauth.FusionAuthIdpSamlV2IdpInitiated("fusionAuthIdpSamlV2IdpInitiatedResource", {
        // EntityId of the SAML v2 identity provider, as supplied by that provider.
        issuer: "string",
        // Key Master id of the key that verifies the SAML response. It must be a
        // verification-only key or certificate (public key component only).
        keyId: "string",
        // One entry per Application that this identity provider is enabled for.
        applicationConfigurations: [{
            applicationId: "string",
            createRegistration: false,
            enabled: false,
        }],
        // When true, an Event Log is created each time this provider reconciles a login.
        // NOTE(review): confirm what those entries record before enabling outside troubleshooting.
        debug: false,
        // Assertion attribute that uniquely identifies the user. If unset,
        // useNameForEmail must be true.
        emailClaim: "string",
        // false disables this provider globally.
        enabled: false,
        // Optional; a secure random UUID is generated when omitted.
        idpId: "string",
        // Reconcile lambda applied after a successful SAML response.
        lambdaReconcileId: "string",
        // Controls how the identity provider link to the user is created. "string" is
        // only a placeholder; the accepted values are not listed in this example.
        linkingStrategy: "string",
        // Display name only.
        name: "string",
        // Per-tenant limit on the number of links a user may have for this provider.
        tenantConfigurations: [{
            limitUserLinkCountEnabled: false,
            limitUserLinkCountMaximumLinks: 0,
            tenantId: "string",
        }],
        // When true, the NameID element value is used as the user's email for
        // reconciliation. If false, emailClaim must be set.
        useNameForEmail: false,
    });
    
    # Reference example: every value below is a schema placeholder (string, false, 0),
    # not a recommended setting. Replace each one before deploying.
    type: fusionauth:FusionAuthIdpSamlV2IdpInitiated
    properties:
        # One entry per Application that this identity provider is enabled for.
        applicationConfigurations:
            - applicationId: string
              createRegistration: false
              enabled: false
        # When true, an Event Log is created each time this provider reconciles a login.
        # NOTE(review): confirm what those entries record before enabling outside troubleshooting.
        debug: false
        # Assertion attribute that uniquely identifies the user. If unset,
        # useNameForEmail must be true.
        emailClaim: string
        # false disables this provider globally.
        enabled: false
        # Optional; a secure random UUID is generated when omitted.
        idpId: string
        # EntityId of the SAML v2 identity provider, as supplied by that provider.
        issuer: string
        # Key Master id of the key that verifies the SAML response. It must be a
        # verification-only key or certificate (public key component only).
        keyId: string
        # Reconcile lambda applied after a successful SAML response.
        lambdaReconcileId: string
        # Controls how the identity provider link to the user is created. "string" is
        # only a placeholder; the accepted values are not listed in this example.
        linkingStrategy: string
        # Display name only.
        name: string
        # Per-tenant limit on the number of links a user may have for this provider.
        tenantConfigurations:
            - limitUserLinkCountEnabled: false
              limitUserLinkCountMaximumLinks: 0
              tenantId: string
        # When true, the NameID element value is used as the user's email for
        # reconciliation. If false, emailClaim must be set.
        useNameForEmail: false
    

    FusionAuthIdpSamlV2IdpInitiated Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The FusionAuthIdpSamlV2IdpInitiated resource accepts the following input properties:

    Issuer string
    The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
    KeyId string
    The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
    ApplicationConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthIdpSamlV2IdpInitiatedApplicationConfiguration>
    The configuration for each Application that the identity provider is enabled for.
    Debug bool
    Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
    EmailClaim string
    The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identify the user. If this is not set, the use_name_for_email flag must be true.
    Enabled bool
    Determines if this provider is enabled. If it is false then it will be disabled globally.
    IdpId string
    The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
    LambdaReconcileId string
    The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
    LinkingStrategy string
    The linking strategy to use when creating the link between this Identity Provider and the user.
    Name string
    The name of this SAML v2 identity provider. This is only used for display purposes.
    TenantConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthIdpSamlV2IdpInitiatedTenantConfiguration>
    The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
    UseNameForEmail bool
    Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the email_claim property must be set.
    Issuer string
    The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
    KeyId string
    The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
    ApplicationConfigurations []FusionAuthIdpSamlV2IdpInitiatedApplicationConfigurationArgs
    The configuration for each Application that the identity provider is enabled for.
    Debug bool
    Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
    EmailClaim string
    The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identify the user. If this is not set, the use_name_for_email flag must be true.
    Enabled bool
    Determines if this provider is enabled. If it is false then it will be disabled globally.
    IdpId string
    The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
    LambdaReconcileId string
    The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
    LinkingStrategy string
    The linking strategy to use when creating the link between this Identity Provider and the user.
    Name string
    The name of this SAML v2 identity provider. This is only used for display purposes.
    TenantConfigurations []FusionAuthIdpSamlV2IdpInitiatedTenantConfigurationArgs
    The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
    UseNameForEmail bool
    Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the email_claim property must be set.
    issuer String
    The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
    keyId String
    The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
    applicationConfigurations List<FusionAuthIdpSamlV2IdpInitiatedApplicationConfiguration>
    The configuration for each Application that the identity provider is enabled for.
    debug Boolean
    Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
    emailClaim String
    The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identify the user. If this is not set, the use_name_for_email flag must be true.
    enabled Boolean
    Determines if this provider is enabled. If it is false then it will be disabled globally.
    idpId String
    The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
    lambdaReconcileId String
    The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
    linkingStrategy String
    The linking strategy to use when creating the link between this Identity Provider and the user.
    name String
    The name of this SAML v2 identity provider. This is only used for display purposes.
    tenantConfigurations List<FusionAuthIdpSamlV2IdpInitiatedTenantConfiguration>
    The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
    useNameForEmail Boolean
    Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the email_claim property must be set.
    issuer string
    The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
    keyId string
    The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
    applicationConfigurations FusionAuthIdpSamlV2IdpInitiatedApplicationConfiguration[]
    The configuration for each Application that the identity provider is enabled for.
    debug boolean
    Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
    emailClaim string
    The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identify the user. If this is not set, the use_name_for_email flag must be true.
    enabled boolean
    Determines if this provider is enabled. If it is false then it will be disabled globally.
    idpId string
    The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
    lambdaReconcileId string
    The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
    linkingStrategy string
    The linking strategy to use when creating the link between this Identity Provider and the user.
    name string
    The name of this SAML v2 identity provider. This is only used for display purposes.
    tenantConfigurations FusionAuthIdpSamlV2IdpInitiatedTenantConfiguration[]
    The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
    useNameForEmail boolean
    Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the email_claim property must be set.
    issuer str
    The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
    key_id str
    The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
    application_configurations Sequence[FusionAuthIdpSamlV2IdpInitiatedApplicationConfigurationArgs]
    The configuration for each Application that the identity provider is enabled for.
    debug bool
    Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
    email_claim str
    The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identify the user. If this is not set, the use_name_for_email flag must be true.
    enabled bool
    Determines if this provider is enabled. If it is false then it will be disabled globally.
    idp_id str
    The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
    lambda_reconcile_id str
    The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
    linking_strategy str
    The linking strategy to use when creating the link between this Identity Provider and the user.
    name str
    The name of this SAML v2 identity provider. This is only used for display purposes.
    tenant_configurations Sequence[FusionAuthIdpSamlV2IdpInitiatedTenantConfigurationArgs]
    The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
    use_name_for_email bool
    Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the email_claim property must be set.
    issuer String
    The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
    keyId String
    The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
    applicationConfigurations List<Property Map>
    The configuration for each Application that the identity provider is enabled for.
    debug Boolean
    Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
    emailClaim String
    The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identify the user. If this is not set, the use_name_for_email flag must be true.
    enabled Boolean
    Determines if this provider is enabled. If it is false then it will be disabled globally.
    idpId String
    The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
    lambdaReconcileId String
    The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
    linkingStrategy String
    The linking strategy to use when creating the link between this Identity Provider and the user.
    name String
    The name of this SAML v2 identity provider. This is only used for display purposes.
    tenantConfigurations List<Property Map>
    The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
    useNameForEmail Boolean
    Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the email_claim property must be set.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the FusionAuthIdpSamlV2IdpInitiated resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing FusionAuthIdpSamlV2IdpInitiated Resource

    Get an existing FusionAuthIdpSamlV2IdpInitiated resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: FusionAuthIdpSamlV2IdpInitiatedState, opts?: CustomResourceOptions): FusionAuthIdpSamlV2IdpInitiated
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            application_configurations: Optional[Sequence[FusionAuthIdpSamlV2IdpInitiatedApplicationConfigurationArgs]] = None,
            debug: Optional[bool] = None,
            email_claim: Optional[str] = None,
            enabled: Optional[bool] = None,
            idp_id: Optional[str] = None,
            issuer: Optional[str] = None,
            key_id: Optional[str] = None,
            lambda_reconcile_id: Optional[str] = None,
            linking_strategy: Optional[str] = None,
            name: Optional[str] = None,
            tenant_configurations: Optional[Sequence[FusionAuthIdpSamlV2IdpInitiatedTenantConfigurationArgs]] = None,
            use_name_for_email: Optional[bool] = None) -> FusionAuthIdpSamlV2IdpInitiated
    func GetFusionAuthIdpSamlV2IdpInitiated(ctx *Context, name string, id IDInput, state *FusionAuthIdpSamlV2IdpInitiatedState, opts ...ResourceOption) (*FusionAuthIdpSamlV2IdpInitiated, error)
    public static FusionAuthIdpSamlV2IdpInitiated Get(string name, Input<string> id, FusionAuthIdpSamlV2IdpInitiatedState? state, CustomResourceOptions? opts = null)
    public static FusionAuthIdpSamlV2IdpInitiated get(String name, Output<String> id, FusionAuthIdpSamlV2IdpInitiatedState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    ApplicationConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthIdpSamlV2IdpInitiatedApplicationConfiguration>
    The configuration for each Application that the identity provider is enabled for.
    Debug bool
    Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
    EmailClaim string
    The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identify the user. If this is not set, the use_name_for_email flag must be true.
    Enabled bool
    Determines if this provider is enabled. If it is false then it will be disabled globally.
    IdpId string
    The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
    Issuer string
    The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
    KeyId string
    The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
    LambdaReconcileId string
    The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
    LinkingStrategy string
    The linking strategy to use when creating the link between this Identity Provider and the user.
    Name string
    The name of this SAML v2 identity provider. This is only used for display purposes.
    TenantConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthIdpSamlV2IdpInitiatedTenantConfiguration>
    The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
    UseNameForEmail bool
    Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the email_claim property must be set.
    ApplicationConfigurations []FusionAuthIdpSamlV2IdpInitiatedApplicationConfigurationArgs
    The configuration for each Application that the identity provider is enabled for.
    Debug bool
    Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
    EmailClaim string
    The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identify the user. If this is not set, the use_name_for_email flag must be true.
    Enabled bool
    Determines if this provider is enabled. If it is false then it will be disabled globally.
    IdpId string
    The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
    Issuer string
    The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
    KeyId string
    The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
    LambdaReconcileId string
    The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
    LinkingStrategy string
    The linking strategy to use when creating the link between this Identity Provider and the user.
    Name string
    The name of this SAML v2 identity provider. This is only used for display purposes.
    TenantConfigurations []FusionAuthIdpSamlV2IdpInitiatedTenantConfigurationArgs
    The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
    UseNameForEmail bool
    Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the email_claim property must be set.
    applicationConfigurations List<FusionAuthIdpSamlV2IdpInitiatedApplicationConfiguration>
    The configuration for each Application that the identity provider is enabled for.
    debug Boolean
    Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
    emailClaim String
    The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identify the user. If this is not set, the use_name_for_email flag must be true.
    enabled Boolean
    Determines if this provider is enabled. If it is false then it will be disabled globally.
    idpId String
    The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
    issuer String
    The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
    keyId String
    The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
    lambdaReconcileId String
    The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
    linkingStrategy String
    The linking strategy to use when creating the link between this Identity Provider and the user.
    name String
    The name of this SAML v2 identity provider. This is only used for display purposes.
    tenantConfigurations List<FusionAuthIdpSamlV2IdpInitiatedTenantConfiguration>
    The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
    useNameForEmail Boolean
    Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the email_claim property must be set.
    applicationConfigurations FusionAuthIdpSamlV2IdpInitiatedApplicationConfiguration[]
    The configuration for each Application that the identity provider is enabled for.
    debug boolean
    Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
    emailClaim string
    The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identify the user. If this is not set, the use_name_for_email flag must be true.
    enabled boolean
    Determines if this provider is enabled. If it is false then it will be disabled globally.
    idpId string
    The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
    issuer string
    The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
    keyId string
    The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
    lambdaReconcileId string
    The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
    linkingStrategy string
    The linking strategy to use when creating the link between this Identity Provider and the user.
    name string
    The name of this SAML v2 identity provider. This is only used for display purposes.
    tenantConfigurations FusionAuthIdpSamlV2IdpInitiatedTenantConfiguration[]
    The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
    useNameForEmail boolean
    Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the email_claim property must be set.
    application_configurations Sequence[FusionAuthIdpSamlV2IdpInitiatedApplicationConfigurationArgs]
    The configuration for each Application that the identity provider is enabled for.
    debug bool
    Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
    email_claim str
    The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identify the user. If this is not set, the use_name_for_email flag must be true.
    enabled bool
    Determines if this provider is enabled. If it is false then it will be disabled globally.
    idp_id str
    The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
    issuer str
    The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
    key_id str
    The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
    lambda_reconcile_id str
    The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
    linking_strategy str
    The linking strategy to use when creating the link between this Identity Provider and the user.
    name str
    The name of this SAML v2 identity provider. This is only used for display purposes.
    tenant_configurations Sequence[FusionAuthIdpSamlV2IdpInitiatedTenantConfigurationArgs]
    The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
    use_name_for_email bool
    Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the email_claim property must be set.
    applicationConfigurations List<Property Map>
    The configuration for each Application that the identity provider is enabled for.
    debug Boolean
    Determines if debug is enabled for this provider. When enabled, each time this provider is invoked to reconcile a login an Event Log will be created.
    emailClaim String
    The name of the email claim (Attribute in the Assertion element) in the SAML response that FusionAuth uses to uniquely identify the user. If this is not set, the use_name_for_email flag must be true.
    enabled Boolean
    Determines if this provider is enabled. If it is false then it will be disabled globally.
    idpId String
    The ID to use for the new identity provider. If not specified a secure random UUID will be generated.
    issuer String
    The EntityId (unique identifier) of the SAML v2 identity provider. This value should be provided to you. Prior to 1.27.1 this value was required to be a URL.
    keyId String
    The id of the key stored in Key Master that is used to verify the SAML response sent back to FusionAuth from the identity provider. This key must be a verification only key or certificate (meaning that it only has a public key component).
    lambdaReconcileId String
    The id of a SAML reconcile lambda that is applied when the identity provider sends back a successful SAML response.
    linkingStrategy String
    The linking strategy to use when creating the link between this Identity Provider and the user.
    name String
    The name of this SAML v2 identity provider. This is only used for display purposes.
    tenantConfigurations List<Property Map>
    The configuration for each Tenant that limits the number of links a user may have for a particular identity provider.
    useNameForEmail Boolean
    Whether or not FusionAuth will use the NameID element value as the email address of the user for reconciliation processing. If this is false, then the email_claim property must be set.

    Supporting Types

    FusionAuthIdpSamlV2IdpInitiatedApplicationConfiguration, FusionAuthIdpSamlV2IdpInitiatedApplicationConfigurationArgs

    ApplicationId string
    CreateRegistration bool
    Determines if a UserRegistration is created for the User automatically or not. If a user doesn’t exist in FusionAuth and logs in through an identity provider, this boolean controls whether or not FusionAuth creates a registration for the User in the Application they are logging into.
    Enabled bool
    Determines if this identity provider is enabled for the Application specified by the applicationId key.
    ApplicationId string
    CreateRegistration bool
    Determines if a UserRegistration is created for the User automatically or not. If a user doesn’t exist in FusionAuth and logs in through an identity provider, this boolean controls whether or not FusionAuth creates a registration for the User in the Application they are logging into.
    Enabled bool
    Determines if this identity provider is enabled for the Application specified by the applicationId key.
    applicationId String
    createRegistration Boolean
    Determines if a UserRegistration is created for the User automatically or not. If a user doesn’t exist in FusionAuth and logs in through an identity provider, this boolean controls whether or not FusionAuth creates a registration for the User in the Application they are logging into.
    enabled Boolean
    Determines if this identity provider is enabled for the Application specified by the applicationId key.
    applicationId string
    createRegistration boolean
    Determines if a UserRegistration is created for the User automatically or not. If a user doesn’t exist in FusionAuth and logs in through an identity provider, this boolean controls whether or not FusionAuth creates a registration for the User in the Application they are logging into.
    enabled boolean
    Determines if this identity provider is enabled for the Application specified by the applicationId key.
    application_id str
    create_registration bool
    Determines if a UserRegistration is created for the User automatically or not. If a user doesn’t exist in FusionAuth and logs in through an identity provider, this boolean controls whether or not FusionAuth creates a registration for the User in the Application they are logging into.
    enabled bool
    Determines if this identity provider is enabled for the Application specified by the applicationId key.
    applicationId String
    createRegistration Boolean
    Determines if a UserRegistration is created for the User automatically or not. If a user doesn’t exist in FusionAuth and logs in through an identity provider, this boolean controls whether or not FusionAuth creates a registration for the User in the Application they are logging into.
    enabled Boolean
    Determines if this identity provider is enabled for the Application specified by the applicationId key.

    FusionAuthIdpSamlV2IdpInitiatedTenantConfiguration, FusionAuthIdpSamlV2IdpInitiatedTenantConfigurationArgs

    LimitUserLinkCountEnabled bool
    When enabled, the number of identity provider links a user may create is enforced by maximumLinks
    LimitUserLinkCountMaximumLinks int
    The maximum number of identity provider links a user may create for this identity provider. The limit is enforced when LimitUserLinkCountEnabled is true.
    TenantId string
    LimitUserLinkCountEnabled bool
    When enabled, the number of identity provider links a user may create is enforced by maximumLinks
    LimitUserLinkCountMaximumLinks int
    The maximum number of identity provider links a user may create for this identity provider. The limit is enforced when LimitUserLinkCountEnabled is true.
    TenantId string
    limitUserLinkCountEnabled Boolean
    When enabled, the number of identity provider links a user may create is enforced by maximumLinks
    limitUserLinkCountMaximumLinks Integer
    The maximum number of identity provider links a user may create for this identity provider. The limit is enforced when limitUserLinkCountEnabled is true.
    tenantId String
    limitUserLinkCountEnabled boolean
    When enabled, the number of identity provider links a user may create is enforced by maximumLinks
    limitUserLinkCountMaximumLinks number
    The maximum number of identity provider links a user may create for this identity provider. The limit is enforced when limitUserLinkCountEnabled is true.
    tenantId string
    limit_user_link_count_enabled bool
    When enabled, the number of identity provider links a user may create is enforced by maximumLinks
    limit_user_link_count_maximum_links int
    The maximum number of identity provider links a user may create for this identity provider. The limit is enforced when limit_user_link_count_enabled is true.
    tenant_id str
    limitUserLinkCountEnabled Boolean
    When enabled, the number of identity provider links a user may create is enforced by maximumLinks
    limitUserLinkCountMaximumLinks Number
    The maximum number of identity provider links a user may create for this identity provider. The limit is enforced when limitUserLinkCountEnabled is true.
    tenantId String

    Package Details

    Repository
    fusionauth theogravity/pulumi-fusionauth
    License
    MIT
    Notes
    This Pulumi package is based on the fusionauth Terraform Provider.