fusionauth.FusionAuthTenant
Explore with Pulumi AI
# Tenant Resource
A FusionAuth Tenant is a named object that represents a discrete namespace for Users, Applications and Groups. A user is unique by email address or username within a tenant.
Tenants may be useful to support a multi-tenant application where you wish to use a single instance of FusionAuth but require the ability to have duplicate users across the tenants in your own application. In this scenario a user may exist multiple times with the same email address and different passwords across tenants.
Tenants may also be useful in a test or staging environment to allow multiple users to call APIs and create and modify users without possibility of collision.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as fusionauth from "pulumi-fusionauth";
const example = new fusionauth.FusionAuthTenant("example", {
connectorPolicies: [{
connectorId: "b57b3d0f-f7a4-4831-a838-549717362ea8",
domains: ["*"],
migrate: false,
}],
emailConfiguration: {
forgotPasswordEmailTemplateId: fusionauth_email.ForgotPassword_Example.id,
host: "smtp.sendgrid.net",
password: "password",
passwordlessEmailTemplateId: fusionauth_email.PasswordlessLogin_Example.id,
port: 587,
security: "TLS",
setPasswordEmailTemplateId: fusionauth_email.SetupPassword_Example.id,
username: "username",
verifyEmail: true,
verifyEmailWhenChanged: true,
additionalHeaders: {
HeaderName1: "HeaderValue1",
HeaderName2: "HeaderValue2",
},
},
eventConfigurations: [
{
enabled: false,
event: "jwt.public-key.update",
transactionType: "None",
},
{
enabled: false,
event: "jwt.refresh-token.revoke",
transactionType: "None",
},
{
enabled: false,
event: "jwt.refresh",
transactionType: "None",
},
{
enabled: false,
event: "group.create",
transactionType: "None",
},
{
enabled: false,
event: "group.create.complete",
transactionType: "None",
},
{
enabled: false,
event: "group.delete",
transactionType: "None",
},
{
enabled: false,
event: "group.delete.complete",
transactionType: "None",
},
{
enabled: false,
event: "group.member.add",
transactionType: "None",
},
{
enabled: false,
event: "group.member.add.complete",
transactionType: "None",
},
{
enabled: false,
event: "group.member.remove",
transactionType: "None",
},
{
enabled: false,
event: "group.member.remove.complete",
transactionType: "None",
},
{
enabled: false,
event: "group.member.update",
transactionType: "None",
},
{
enabled: false,
event: "group.member.update.complete",
transactionType: "None",
},
{
enabled: false,
event: "group.update",
transactionType: "None",
},
{
enabled: false,
event: "group.update.complete",
transactionType: "None",
},
{
enabled: false,
event: "user.action",
transactionType: "None",
},
{
event: "user.bulk.create",
enabled: false,
transactionType: "None",
},
{
enabled: false,
event: "user.create",
transactionType: "None",
},
{
enabled: false,
event: "user.create.complete",
transactionType: "None",
},
{
enabled: false,
event: "user.deactivate",
transactionType: "None",
},
{
enabled: false,
event: "user.delete",
transactionType: "None",
},
{
enabled: false,
event: "user.delete.complete",
transactionType: "None",
},
{
enabled: false,
event: "user.email.update",
transactionType: "None",
},
{
enabled: false,
event: "user.email.verified",
transactionType: "None",
},
{
enabled: false,
event: "user.identity-provider.link",
transactionType: "None",
},
{
enabled: false,
event: "user.identity-provider.unlink",
transactionType: "None",
},
{
enabled: false,
event: "user.loginId.duplicate.create",
transactionType: "None",
},
{
enabled: false,
event: "user.loginId.duplicate.update",
transactionType: "None",
},
{
enabled: false,
event: "user.login.failed",
transactionType: "None",
},
{
enabled: false,
event: "user.login.new-device",
transactionType: "None",
},
{
enabled: false,
event: "user.login.success",
transactionType: "None",
},
{
enabled: false,
event: "user.login.suspicious",
transactionType: "None",
},
{
enabled: false,
event: "user.password.breach",
transactionType: "None",
},
{
enabled: false,
event: "user.password.reset.send",
transactionType: "None",
},
{
enabled: false,
event: "user.password.reset.start",
transactionType: "None",
},
{
enabled: false,
event: "user.password.reset.success",
transactionType: "None",
},
{
enabled: false,
event: "user.password.update",
transactionType: "None",
},
{
enabled: false,
event: "user.reactivate",
transactionType: "None",
},
{
enabled: false,
event: "user.registration.create",
transactionType: "None",
},
{
enabled: false,
event: "user.registration.create.complete",
transactionType: "None",
},
{
enabled: false,
event: "user.registration.delete",
transactionType: "None",
},
{
enabled: false,
event: "user.registration.delete.complete",
transactionType: "None",
},
{
enabled: false,
event: "user.registration.update",
transactionType: "None",
},
{
enabled: false,
event: "user.registration.update.complete",
transactionType: "None",
},
{
enabled: false,
event: "user.registration.verified",
transactionType: "None",
},
{
enabled: false,
event: "user.two-factor.method.add",
transactionType: "None",
},
{
enabled: false,
event: "user.two-factor.method.remove",
transactionType: "None",
},
{
enabled: false,
event: "user.update",
transactionType: "None",
},
{
enabled: false,
event: "user.update.complete",
transactionType: "None",
},
],
externalIdentifierConfiguration: {
authorizationGrantIdTimeToLiveInSeconds: 30,
changePasswordIdGenerator: {
length: 32,
type: "randomBytes",
},
changePasswordIdTimeToLiveInSeconds: 600,
deviceCodeTimeToLiveInSeconds: 1800,
deviceUserCodeIdGenerator: {
length: 6,
type: "randomAlphaNumeric",
},
emailVerificationIdGenerator: {
length: 32,
type: "randomBytes",
},
emailVerificationIdTimeToLiveInSeconds: 86400,
emailVerificationOneTimeCodeGenerator: {
length: 6,
type: "randomAlphaNumeric",
},
externalAuthenticationIdTimeToLiveInSeconds: 300,
loginIntentTimeToLiveInSeconds: 1800,
oneTimePasswordTimeToLiveInSeconds: 60,
passwordlessLoginGenerator: {
length: 32,
type: "randomBytes",
},
passwordlessLoginTimeToLiveInSeconds: 600,
registrationVerificationIdGenerator: {
length: 32,
type: "randomBytes",
},
registrationVerificationIdTimeToLiveInSeconds: 86400,
registrationVerificationOneTimeCodeGenerator: {
length: 6,
type: "randomAlphaNumeric",
},
samlV2AuthnRequestIdTtlSeconds: 300,
setupPasswordIdGenerator: {
length: 32,
type: "randomBytes",
},
setupPasswordIdTimeToLiveInSeconds: 86400,
twoFactorIdTimeToLiveInSeconds: 300,
twoFactorOneTimeCodeIdGenerator: {
length: 6,
type: "randomDigits",
},
twoFactorOneTimeCodeIdTimeToLiveInSeconds: 60,
twoFactorTrustIdTimeToLiveInSeconds: 2592000,
},
failedAuthenticationConfiguration: {
actionDuration: 3,
actionDurationUnit: "MINUTES",
resetCountInSeconds: 60,
tooManyAttempts: 5,
},
familyConfiguration: {
allowChildRegistrations: true,
deleteOrphanedAccounts: false,
deleteOrphanedAccountsDays: 30,
enabled: true,
maximumChildAge: 12,
minimumOwnerAge: 21,
parentEmailRequired: false,
},
formConfiguration: {
adminUserFormId: "e92751a5-25f4-4bca-ad91-66cdf67725d2",
},
httpSessionMaxInactiveInterval: 3600,
issuer: "https://example.com",
jwtConfigurations: [{
accessTokenKeyId: fusionauth_key.accesstoken.id,
idTokenKeyId: fusionauth_key.idtoken.id,
refreshTokenTimeToLiveInMinutes: 43200,
timeToLiveInSeconds: 3600,
}],
loginConfiguration: {
requireAuthentication: true,
},
maximumPasswordAge: {
days: 180,
enabled: false,
},
minimumPasswordAge: {
enabled: false,
seconds: 30,
},
oauthConfigurations: [{
clientCredentialsAccessTokenPopulateLambdaId: fusionauth_lambda.client_jwt_populate.id,
}],
passwordEncryptionConfigurations: [{
encryptionScheme: "salted-pbkdf2-hmac-sha256",
encryptionSchemeFactor: 24000,
modifyEncryptionSchemeOnLogin: false,
}],
passwordValidationRules: {
maxLength: 256,
minLength: 7,
rememberPreviousPasswords: {
count: 1,
enabled: false,
},
requiredMixedCase: false,
requireNonAlpha: false,
requireNumber: false,
validateOnLogin: false,
},
rateLimitConfiguration: {
failedLogin: {
enabled: true,
limit: 5,
timePeriodInSeconds: 60,
},
forgotPassword: {
enabled: false,
limit: 5,
timePeriodInSeconds: 60,
},
sendEmailVerification: {
enabled: false,
limit: 5,
timePeriodInSeconds: 60,
},
sendPasswordless: {
enabled: false,
limit: 5,
timePeriodInSeconds: 60,
},
sendRegistrationVerification: {
enabled: false,
limit: 5,
timePeriodInSeconds: 60,
},
sendTwoFactor: {
enabled: false,
limit: 5,
timePeriodInSeconds: 60,
},
},
registrationConfiguration: {
blockedDomains: ["example.com"],
},
captchaConfiguration: {
enabled: true,
captchaMethod: "GoogleRecaptchaV3",
siteKey: "captcha_site_key",
secretKey: "captcha_secret_key",
threshold: 0.5,
},
themeId: fusionauth_theme.example_theme.id,
userDeletePolicy: {
unverifiedEnabled: false,
unverifiedNumberOfDaysToRetain: 30,
},
});
import pulumi
import theogravity_pulumi_fusionauth as fusionauth
example = fusionauth.FusionAuthTenant("example",
connector_policies=[{
"connector_id": "b57b3d0f-f7a4-4831-a838-549717362ea8",
"domains": ["*"],
"migrate": False,
}],
email_configuration={
"forgot_password_email_template_id": fusionauth_email["ForgotPassword_Example"]["id"],
"host": "smtp.sendgrid.net",
"password": "password",
"passwordless_email_template_id": fusionauth_email["PasswordlessLogin_Example"]["id"],
"port": 587,
"security": "TLS",
"set_password_email_template_id": fusionauth_email["SetupPassword_Example"]["id"],
"username": "username",
"verify_email": True,
"verify_email_when_changed": True,
"additional_headers": {
"HeaderName1": "HeaderValue1",
"HeaderName2": "HeaderValue2",
},
},
event_configurations=[
{
"enabled": False,
"event": "jwt.public-key.update",
"transaction_type": "None",
},
{
"enabled": False,
"event": "jwt.refresh-token.revoke",
"transaction_type": "None",
},
{
"enabled": False,
"event": "jwt.refresh",
"transaction_type": "None",
},
{
"enabled": False,
"event": "group.create",
"transaction_type": "None",
},
{
"enabled": False,
"event": "group.create.complete",
"transaction_type": "None",
},
{
"enabled": False,
"event": "group.delete",
"transaction_type": "None",
},
{
"enabled": False,
"event": "group.delete.complete",
"transaction_type": "None",
},
{
"enabled": False,
"event": "group.member.add",
"transaction_type": "None",
},
{
"enabled": False,
"event": "group.member.add.complete",
"transaction_type": "None",
},
{
"enabled": False,
"event": "group.member.remove",
"transaction_type": "None",
},
{
"enabled": False,
"event": "group.member.remove.complete",
"transaction_type": "None",
},
{
"enabled": False,
"event": "group.member.update",
"transaction_type": "None",
},
{
"enabled": False,
"event": "group.member.update.complete",
"transaction_type": "None",
},
{
"enabled": False,
"event": "group.update",
"transaction_type": "None",
},
{
"enabled": False,
"event": "group.update.complete",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.action",
"transaction_type": "None",
},
{
"event": "user.bulk.create",
"enabled": False,
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.create",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.create.complete",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.deactivate",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.delete",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.delete.complete",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.email.update",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.email.verified",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.identity-provider.link",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.identity-provider.unlink",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.loginId.duplicate.create",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.loginId.duplicate.update",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.login.failed",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.login.new-device",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.login.success",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.login.suspicious",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.password.breach",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.password.reset.send",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.password.reset.start",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.password.reset.success",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.password.update",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.reactivate",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.registration.create",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.registration.create.complete",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.registration.delete",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.registration.delete.complete",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.registration.update",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.registration.update.complete",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.registration.verified",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.two-factor.method.add",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.two-factor.method.remove",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.update",
"transaction_type": "None",
},
{
"enabled": False,
"event": "user.update.complete",
"transaction_type": "None",
},
],
external_identifier_configuration={
"authorization_grant_id_time_to_live_in_seconds": 30,
"change_password_id_generator": {
"length": 32,
"type": "randomBytes",
},
"change_password_id_time_to_live_in_seconds": 600,
"device_code_time_to_live_in_seconds": 1800,
"device_user_code_id_generator": {
"length": 6,
"type": "randomAlphaNumeric",
},
"email_verification_id_generator": {
"length": 32,
"type": "randomBytes",
},
"email_verification_id_time_to_live_in_seconds": 86400,
"email_verification_one_time_code_generator": {
"length": 6,
"type": "randomAlphaNumeric",
},
"external_authentication_id_time_to_live_in_seconds": 300,
"login_intent_time_to_live_in_seconds": 1800,
"one_time_password_time_to_live_in_seconds": 60,
"passwordless_login_generator": {
"length": 32,
"type": "randomBytes",
},
"passwordless_login_time_to_live_in_seconds": 600,
"registration_verification_id_generator": {
"length": 32,
"type": "randomBytes",
},
"registration_verification_id_time_to_live_in_seconds": 86400,
"registration_verification_one_time_code_generator": {
"length": 6,
"type": "randomAlphaNumeric",
},
"saml_v2_authn_request_id_ttl_seconds": 300,
"setup_password_id_generator": {
"length": 32,
"type": "randomBytes",
},
"setup_password_id_time_to_live_in_seconds": 86400,
"two_factor_id_time_to_live_in_seconds": 300,
"two_factor_one_time_code_id_generator": {
"length": 6,
"type": "randomDigits",
},
"two_factor_one_time_code_id_time_to_live_in_seconds": 60,
"two_factor_trust_id_time_to_live_in_seconds": 2592000,
},
failed_authentication_configuration={
"action_duration": 3,
"action_duration_unit": "MINUTES",
"reset_count_in_seconds": 60,
"too_many_attempts": 5,
},
family_configuration={
"allow_child_registrations": True,
"delete_orphaned_accounts": False,
"delete_orphaned_accounts_days": 30,
"enabled": True,
"maximum_child_age": 12,
"minimum_owner_age": 21,
"parent_email_required": False,
},
form_configuration={
"admin_user_form_id": "e92751a5-25f4-4bca-ad91-66cdf67725d2",
},
http_session_max_inactive_interval=3600,
issuer="https://example.com",
jwt_configurations=[{
"access_token_key_id": fusionauth_key["accesstoken"]["id"],
"id_token_key_id": fusionauth_key["idtoken"]["id"],
"refresh_token_time_to_live_in_minutes": 43200,
"time_to_live_in_seconds": 3600,
}],
login_configuration={
"require_authentication": True,
},
maximum_password_age={
"days": 180,
"enabled": False,
},
minimum_password_age={
"enabled": False,
"seconds": 30,
},
oauth_configurations=[{
"client_credentials_access_token_populate_lambda_id": fusionauth_lambda["client_jwt_populate"]["id"],
}],
password_encryption_configurations=[{
"encryption_scheme": "salted-pbkdf2-hmac-sha256",
"encryption_scheme_factor": 24000,
"modify_encryption_scheme_on_login": False,
}],
password_validation_rules={
"max_length": 256,
"min_length": 7,
"remember_previous_passwords": {
"count": 1,
"enabled": False,
},
"required_mixed_case": False,
"require_non_alpha": False,
"require_number": False,
"validate_on_login": False,
},
rate_limit_configuration={
"failed_login": {
"enabled": True,
"limit": 5,
"time_period_in_seconds": 60,
},
"forgot_password": {
"enabled": False,
"limit": 5,
"time_period_in_seconds": 60,
},
"send_email_verification": {
"enabled": False,
"limit": 5,
"time_period_in_seconds": 60,
},
"send_passwordless": {
"enabled": False,
"limit": 5,
"time_period_in_seconds": 60,
},
"send_registration_verification": {
"enabled": False,
"limit": 5,
"time_period_in_seconds": 60,
},
"send_two_factor": {
"enabled": False,
"limit": 5,
"time_period_in_seconds": 60,
},
},
registration_configuration={
"blocked_domains": ["example.com"],
},
captcha_configuration={
"enabled": True,
"captcha_method": "GoogleRecaptchaV3",
"site_key": "captcha_site_key",
"secret_key": "captcha_secret_key",
"threshold": 0.5,
},
theme_id=fusionauth_theme["example_theme"]["id"],
user_delete_policy={
"unverified_enabled": False,
"unverified_number_of_days_to_retain": 30,
})
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/theogravity/pulumi-fusionauth/sdk/go/fusionauth"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := fusionauth.NewFusionAuthTenant(ctx, "example", &fusionauth.FusionAuthTenantArgs{
ConnectorPolicies: fusionauth.FusionAuthTenantConnectorPolicyArray{
&fusionauth.FusionAuthTenantConnectorPolicyArgs{
ConnectorId: pulumi.String("b57b3d0f-f7a4-4831-a838-549717362ea8"),
Domains: pulumi.StringArray{
pulumi.String("*"),
},
Migrate: pulumi.Bool(false),
},
},
EmailConfiguration: &fusionauth.FusionAuthTenantEmailConfigurationArgs{
ForgotPasswordEmailTemplateId: pulumi.Any(fusionauth_email.ForgotPassword_Example.Id),
Host: pulumi.String("smtp.sendgrid.net"),
Password: pulumi.String("password"),
PasswordlessEmailTemplateId: pulumi.Any(fusionauth_email.PasswordlessLogin_Example.Id),
Port: pulumi.Int(587),
Security: pulumi.String("TLS"),
SetPasswordEmailTemplateId: pulumi.Any(fusionauth_email.SetupPassword_Example.Id),
Username: pulumi.String("username"),
VerifyEmail: pulumi.Bool(true),
VerifyEmailWhenChanged: pulumi.Bool(true),
AdditionalHeaders: pulumi.StringMap{
"HeaderName1": pulumi.String("HeaderValue1"),
"HeaderName2": pulumi.String("HeaderValue2"),
},
},
EventConfigurations: fusionauth.FusionAuthTenantEventConfigurationArray{
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("jwt.public-key.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("jwt.refresh-token.revoke"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("jwt.refresh"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.create"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.create.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.delete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.delete.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.member.add"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.member.add.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.member.remove"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.member.remove.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.member.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.member.update.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.update.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.action"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.bulk.create"),
Enabled: pulumi.Bool(false),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.create"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.create.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.deactivate"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.delete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.delete.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.email.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.email.verified"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.identity-provider.link"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.identity-provider.unlink"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.loginId.duplicate.create"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.loginId.duplicate.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.login.failed"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.login.new-device"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.login.success"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.login.suspicious"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.password.breach"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.password.reset.send"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.password.reset.start"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.password.reset.success"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.password.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.reactivate"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.registration.create"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.registration.create.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.registration.delete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.registration.delete.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.registration.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.registration.update.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.registration.verified"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.two-factor.method.add"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.two-factor.method.remove"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.update.complete"),
TransactionType: pulumi.String("None"),
},
},
ExternalIdentifierConfiguration: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationArgs{
AuthorizationGrantIdTimeToLiveInSeconds: pulumi.Int(30),
ChangePasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
ChangePasswordIdTimeToLiveInSeconds: pulumi.Int(600),
DeviceCodeTimeToLiveInSeconds: pulumi.Int(1800),
DeviceUserCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs{
Length: pulumi.Int(6),
Type: pulumi.String("randomAlphaNumeric"),
},
EmailVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
EmailVerificationIdTimeToLiveInSeconds: pulumi.Int(86400),
EmailVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs{
Length: pulumi.Int(6),
Type: pulumi.String("randomAlphaNumeric"),
},
ExternalAuthenticationIdTimeToLiveInSeconds: pulumi.Int(300),
LoginIntentTimeToLiveInSeconds: pulumi.Int(1800),
OneTimePasswordTimeToLiveInSeconds: pulumi.Int(60),
PasswordlessLoginGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
PasswordlessLoginTimeToLiveInSeconds: pulumi.Int(600),
RegistrationVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
RegistrationVerificationIdTimeToLiveInSeconds: pulumi.Int(86400),
RegistrationVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs{
Length: pulumi.Int(6),
Type: pulumi.String("randomAlphaNumeric"),
},
SamlV2AuthnRequestIdTtlSeconds: pulumi.Int(300),
SetupPasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
SetupPasswordIdTimeToLiveInSeconds: pulumi.Int(86400),
TwoFactorIdTimeToLiveInSeconds: pulumi.Int(300),
TwoFactorOneTimeCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs{
Length: pulumi.Int(6),
Type: pulumi.String("randomDigits"),
},
TwoFactorOneTimeCodeIdTimeToLiveInSeconds: pulumi.Int(60),
TwoFactorTrustIdTimeToLiveInSeconds: pulumi.Int(2592000),
},
FailedAuthenticationConfiguration: &fusionauth.FusionAuthTenantFailedAuthenticationConfigurationArgs{
ActionDuration: pulumi.Int(3),
ActionDurationUnit: pulumi.String("MINUTES"),
ResetCountInSeconds: pulumi.Int(60),
TooManyAttempts: pulumi.Int(5),
},
FamilyConfiguration: &fusionauth.FusionAuthTenantFamilyConfigurationArgs{
AllowChildRegistrations: pulumi.Bool(true),
DeleteOrphanedAccounts: pulumi.Bool(false),
DeleteOrphanedAccountsDays: pulumi.Int(30),
Enabled: pulumi.Bool(true),
MaximumChildAge: pulumi.Int(12),
MinimumOwnerAge: pulumi.Int(21),
ParentEmailRequired: pulumi.Bool(false),
},
FormConfiguration: &fusionauth.FusionAuthTenantFormConfigurationArgs{
AdminUserFormId: pulumi.String("e92751a5-25f4-4bca-ad91-66cdf67725d2"),
},
HttpSessionMaxInactiveInterval: pulumi.Int(3600),
Issuer: pulumi.String("https://example.com"),
JwtConfigurations: fusionauth.FusionAuthTenantJwtConfigurationArray{
&fusionauth.FusionAuthTenantJwtConfigurationArgs{
AccessTokenKeyId: pulumi.Any(fusionauth_key.Accesstoken.Id),
IdTokenKeyId: pulumi.Any(fusionauth_key.Idtoken.Id),
RefreshTokenTimeToLiveInMinutes: pulumi.Int(43200),
TimeToLiveInSeconds: pulumi.Int(3600),
},
},
LoginConfiguration: &fusionauth.FusionAuthTenantLoginConfigurationArgs{
RequireAuthentication: pulumi.Bool(true),
},
MaximumPasswordAge: &fusionauth.FusionAuthTenantMaximumPasswordAgeArgs{
Days: pulumi.Int(180),
Enabled: pulumi.Bool(false),
},
MinimumPasswordAge: &fusionauth.FusionAuthTenantMinimumPasswordAgeArgs{
Enabled: pulumi.Bool(false),
Seconds: pulumi.Int(30),
},
OauthConfigurations: fusionauth.FusionAuthTenantOauthConfigurationArray{
&fusionauth.FusionAuthTenantOauthConfigurationArgs{
ClientCredentialsAccessTokenPopulateLambdaId: pulumi.Any(fusionauth_lambda.Client_jwt_populate.Id),
},
},
PasswordEncryptionConfigurations: fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArray{
&fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArgs{
EncryptionScheme: pulumi.String("salted-pbkdf2-hmac-sha256"),
EncryptionSchemeFactor: pulumi.Int(24000),
ModifyEncryptionSchemeOnLogin: pulumi.Bool(false),
},
},
PasswordValidationRules: &fusionauth.FusionAuthTenantPasswordValidationRulesArgs{
MaxLength: pulumi.Int(256),
MinLength: pulumi.Int(7),
RememberPreviousPasswords: &fusionauth.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs{
Count: pulumi.Int(1),
Enabled: pulumi.Bool(false),
},
RequiredMixedCase: pulumi.Bool(false),
RequireNonAlpha: pulumi.Bool(false),
RequireNumber: pulumi.Bool(false),
ValidateOnLogin: pulumi.Bool(false),
},
RateLimitConfiguration: &fusionauth.FusionAuthTenantRateLimitConfigurationArgs{
FailedLogin: &fusionauth.FusionAuthTenantRateLimitConfigurationFailedLoginArgs{
Enabled: pulumi.Bool(true),
Limit: pulumi.Int(5),
TimePeriodInSeconds: pulumi.Int(60),
},
ForgotPassword: &fusionauth.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(5),
TimePeriodInSeconds: pulumi.Int(60),
},
SendEmailVerification: &fusionauth.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(5),
TimePeriodInSeconds: pulumi.Int(60),
},
SendPasswordless: &fusionauth.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(5),
TimePeriodInSeconds: pulumi.Int(60),
},
SendRegistrationVerification: &fusionauth.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(5),
TimePeriodInSeconds: pulumi.Int(60),
},
SendTwoFactor: &fusionauth.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(5),
TimePeriodInSeconds: pulumi.Int(60),
},
},
RegistrationConfiguration: &fusionauth.FusionAuthTenantRegistrationConfigurationArgs{
BlockedDomains: pulumi.StringArray{
pulumi.String("example.com"),
},
},
CaptchaConfiguration: &fusionauth.FusionAuthTenantCaptchaConfigurationArgs{
Enabled: pulumi.Bool(true),
CaptchaMethod: pulumi.String("GoogleRecaptchaV3"),
SiteKey: pulumi.String("captcha_site_key"),
SecretKey: pulumi.String("captcha_secret_key"),
Threshold: pulumi.Float64(0.5),
},
ThemeId: pulumi.Any(fusionauth_theme.Example_theme.Id),
UserDeletePolicy: &fusionauth.FusionAuthTenantUserDeletePolicyArgs{
UnverifiedEnabled: pulumi.Bool(false),
UnverifiedNumberOfDaysToRetain: pulumi.Int(30),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fusionauth = theogravity.Fusionauth;
return await Deployment.RunAsync(() =>
{
var example = new Fusionauth.FusionAuthTenant("example", new()
{
ConnectorPolicies = new[]
{
new Fusionauth.Inputs.FusionAuthTenantConnectorPolicyArgs
{
ConnectorId = "b57b3d0f-f7a4-4831-a838-549717362ea8",
Domains = new[]
{
"*",
},
Migrate = false,
},
},
EmailConfiguration = new Fusionauth.Inputs.FusionAuthTenantEmailConfigurationArgs
{
ForgotPasswordEmailTemplateId = fusionauth_email.ForgotPassword_Example.Id,
Host = "smtp.sendgrid.net",
Password = "password",
PasswordlessEmailTemplateId = fusionauth_email.PasswordlessLogin_Example.Id,
Port = 587,
Security = "TLS",
SetPasswordEmailTemplateId = fusionauth_email.SetupPassword_Example.Id,
Username = "username",
VerifyEmail = true,
VerifyEmailWhenChanged = true,
AdditionalHeaders =
{
{ "HeaderName1", "HeaderValue1" },
{ "HeaderName2", "HeaderValue2" },
},
},
EventConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "jwt.public-key.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "jwt.refresh-token.revoke",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "jwt.refresh",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.create",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.create.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.delete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.delete.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.member.add",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.member.add.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.member.remove",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.member.remove.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.member.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.member.update.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.update.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.action",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.bulk.create",
Enabled = false,
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.create",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.create.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.deactivate",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.delete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.delete.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.email.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.email.verified",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.identity-provider.link",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.identity-provider.unlink",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.loginId.duplicate.create",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.loginId.duplicate.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.login.failed",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.login.new-device",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.login.success",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.login.suspicious",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.password.breach",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.password.reset.send",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.password.reset.start",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.password.reset.success",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.password.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.reactivate",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.registration.create",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.registration.create.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.registration.delete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.registration.delete.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.registration.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.registration.update.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.registration.verified",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.two-factor.method.add",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.two-factor.method.remove",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.update.complete",
TransactionType = "None",
},
},
ExternalIdentifierConfiguration = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationArgs
{
AuthorizationGrantIdTimeToLiveInSeconds = 30,
ChangePasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
ChangePasswordIdTimeToLiveInSeconds = 600,
DeviceCodeTimeToLiveInSeconds = 1800,
DeviceUserCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs
{
Length = 6,
Type = "randomAlphaNumeric",
},
EmailVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
EmailVerificationIdTimeToLiveInSeconds = 86400,
EmailVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs
{
Length = 6,
Type = "randomAlphaNumeric",
},
ExternalAuthenticationIdTimeToLiveInSeconds = 300,
LoginIntentTimeToLiveInSeconds = 1800,
OneTimePasswordTimeToLiveInSeconds = 60,
PasswordlessLoginGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
PasswordlessLoginTimeToLiveInSeconds = 600,
RegistrationVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
RegistrationVerificationIdTimeToLiveInSeconds = 86400,
RegistrationVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs
{
Length = 6,
Type = "randomAlphaNumeric",
},
SamlV2AuthnRequestIdTtlSeconds = 300,
SetupPasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
SetupPasswordIdTimeToLiveInSeconds = 86400,
TwoFactorIdTimeToLiveInSeconds = 300,
TwoFactorOneTimeCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs
{
Length = 6,
Type = "randomDigits",
},
TwoFactorOneTimeCodeIdTimeToLiveInSeconds = 60,
TwoFactorTrustIdTimeToLiveInSeconds = 2592000,
},
FailedAuthenticationConfiguration = new Fusionauth.Inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs
{
ActionDuration = 3,
ActionDurationUnit = "MINUTES",
ResetCountInSeconds = 60,
TooManyAttempts = 5,
},
FamilyConfiguration = new Fusionauth.Inputs.FusionAuthTenantFamilyConfigurationArgs
{
AllowChildRegistrations = true,
DeleteOrphanedAccounts = false,
DeleteOrphanedAccountsDays = 30,
Enabled = true,
MaximumChildAge = 12,
MinimumOwnerAge = 21,
ParentEmailRequired = false,
},
FormConfiguration = new Fusionauth.Inputs.FusionAuthTenantFormConfigurationArgs
{
AdminUserFormId = "e92751a5-25f4-4bca-ad91-66cdf67725d2",
},
HttpSessionMaxInactiveInterval = 3600,
Issuer = "https://example.com",
JwtConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantJwtConfigurationArgs
{
AccessTokenKeyId = fusionauth_key.Accesstoken.Id,
IdTokenKeyId = fusionauth_key.Idtoken.Id,
RefreshTokenTimeToLiveInMinutes = 43200,
TimeToLiveInSeconds = 3600,
},
},
LoginConfiguration = new Fusionauth.Inputs.FusionAuthTenantLoginConfigurationArgs
{
RequireAuthentication = true,
},
MaximumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMaximumPasswordAgeArgs
{
Days = 180,
Enabled = false,
},
MinimumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMinimumPasswordAgeArgs
{
Enabled = false,
Seconds = 30,
},
OauthConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantOauthConfigurationArgs
{
ClientCredentialsAccessTokenPopulateLambdaId = fusionauth_lambda.Client_jwt_populate.Id,
},
},
PasswordEncryptionConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs
{
EncryptionScheme = "salted-pbkdf2-hmac-sha256",
EncryptionSchemeFactor = 24000,
ModifyEncryptionSchemeOnLogin = false,
},
},
PasswordValidationRules = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesArgs
{
MaxLength = 256,
MinLength = 7,
RememberPreviousPasswords = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs
{
Count = 1,
Enabled = false,
},
RequiredMixedCase = false,
RequireNonAlpha = false,
RequireNumber = false,
ValidateOnLogin = false,
},
RateLimitConfiguration = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationArgs
{
FailedLogin = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationFailedLoginArgs
{
Enabled = true,
Limit = 5,
TimePeriodInSeconds = 60,
},
ForgotPassword = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs
{
Enabled = false,
Limit = 5,
TimePeriodInSeconds = 60,
},
SendEmailVerification = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs
{
Enabled = false,
Limit = 5,
TimePeriodInSeconds = 60,
},
SendPasswordless = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs
{
Enabled = false,
Limit = 5,
TimePeriodInSeconds = 60,
},
SendRegistrationVerification = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs
{
Enabled = false,
Limit = 5,
TimePeriodInSeconds = 60,
},
SendTwoFactor = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs
{
Enabled = false,
Limit = 5,
TimePeriodInSeconds = 60,
},
},
RegistrationConfiguration = new Fusionauth.Inputs.FusionAuthTenantRegistrationConfigurationArgs
{
BlockedDomains = new[]
{
"example.com",
},
},
CaptchaConfiguration = new Fusionauth.Inputs.FusionAuthTenantCaptchaConfigurationArgs
{
Enabled = true,
CaptchaMethod = "GoogleRecaptchaV3",
SiteKey = "captcha_site_key",
SecretKey = "captcha_secret_key",
Threshold = 0.5,
},
ThemeId = fusionauth_theme.Example_theme.Id,
UserDeletePolicy = new Fusionauth.Inputs.FusionAuthTenantUserDeletePolicyArgs
{
UnverifiedEnabled = false,
UnverifiedNumberOfDaysToRetain = 30,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fusionauth.FusionAuthTenant;
import com.pulumi.fusionauth.FusionAuthTenantArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantConnectorPolicyArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantEmailConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantEventConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantFamilyConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantFormConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantJwtConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantLoginConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantMaximumPasswordAgeArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantMinimumPasswordAgeArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantOauthConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordValidationRulesArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationFailedLoginArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRegistrationConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantCaptchaConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantUserDeletePolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new FusionAuthTenant("example", FusionAuthTenantArgs.builder()
.connectorPolicies(FusionAuthTenantConnectorPolicyArgs.builder()
.connectorId("b57b3d0f-f7a4-4831-a838-549717362ea8")
.domains("*")
.migrate(false)
.build())
.emailConfiguration(FusionAuthTenantEmailConfigurationArgs.builder()
.forgotPasswordEmailTemplateId(fusionauth_email.ForgotPassword_Example().id())
.host("smtp.sendgrid.net")
.password("password")
.passwordlessEmailTemplateId(fusionauth_email.PasswordlessLogin_Example().id())
.port(587)
.security("TLS")
.setPasswordEmailTemplateId(fusionauth_email.SetupPassword_Example().id())
.username("username")
.verifyEmail(true)
.verifyEmailWhenChanged(true)
.additionalHeaders(Map.ofEntries(
Map.entry("HeaderName1", "HeaderValue1"),
Map.entry("HeaderName2", "HeaderValue2")
))
.build())
.eventConfigurations(
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("jwt.public-key.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("jwt.refresh-token.revoke")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("jwt.refresh")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.create")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.create.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.delete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.delete.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.member.add")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.member.add.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.member.remove")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.member.remove.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.member.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.member.update.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.update.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.action")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.bulk.create")
.enabled(false)
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.create")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.create.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.deactivate")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.delete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.delete.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.email.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.email.verified")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.identity-provider.link")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.identity-provider.unlink")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.loginId.duplicate.create")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.loginId.duplicate.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.login.failed")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.login.new-device")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.login.success")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.login.suspicious")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.password.breach")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.password.reset.send")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.password.reset.start")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.password.reset.success")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.password.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.reactivate")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.registration.create")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.registration.create.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.registration.delete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.registration.delete.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.registration.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.registration.update.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.registration.verified")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.two-factor.method.add")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.two-factor.method.remove")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.update.complete")
.transactionType("None")
.build())
.externalIdentifierConfiguration(FusionAuthTenantExternalIdentifierConfigurationArgs.builder()
.authorizationGrantIdTimeToLiveInSeconds(30)
.changePasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.changePasswordIdTimeToLiveInSeconds(600)
.deviceCodeTimeToLiveInSeconds(1800)
.deviceUserCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs.builder()
.length(6)
.type("randomAlphaNumeric")
.build())
.emailVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.emailVerificationIdTimeToLiveInSeconds(86400)
.emailVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs.builder()
.length(6)
.type("randomAlphaNumeric")
.build())
.externalAuthenticationIdTimeToLiveInSeconds(300)
.loginIntentTimeToLiveInSeconds(1800)
.oneTimePasswordTimeToLiveInSeconds(60)
.passwordlessLoginGenerator(FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.passwordlessLoginTimeToLiveInSeconds(600)
.registrationVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.registrationVerificationIdTimeToLiveInSeconds(86400)
.registrationVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs.builder()
.length(6)
.type("randomAlphaNumeric")
.build())
.samlV2AuthnRequestIdTtlSeconds(300)
.setupPasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.setupPasswordIdTimeToLiveInSeconds(86400)
.twoFactorIdTimeToLiveInSeconds(300)
.twoFactorOneTimeCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs.builder()
.length(6)
.type("randomDigits")
.build())
.twoFactorOneTimeCodeIdTimeToLiveInSeconds(60)
.twoFactorTrustIdTimeToLiveInSeconds(2592000)
.build())
.failedAuthenticationConfiguration(FusionAuthTenantFailedAuthenticationConfigurationArgs.builder()
.actionDuration(3)
.actionDurationUnit("MINUTES")
.resetCountInSeconds(60)
.tooManyAttempts(5)
.build())
.familyConfiguration(FusionAuthTenantFamilyConfigurationArgs.builder()
.allowChildRegistrations(true)
.deleteOrphanedAccounts(false)
.deleteOrphanedAccountsDays(30)
.enabled(true)
.maximumChildAge(12)
.minimumOwnerAge(21)
.parentEmailRequired(false)
.build())
.formConfiguration(FusionAuthTenantFormConfigurationArgs.builder()
.adminUserFormId("e92751a5-25f4-4bca-ad91-66cdf67725d2")
.build())
.httpSessionMaxInactiveInterval(3600)
.issuer("https://example.com")
.jwtConfigurations(FusionAuthTenantJwtConfigurationArgs.builder()
.accessTokenKeyId(fusionauth_key.accesstoken().id())
.idTokenKeyId(fusionauth_key.idtoken().id())
.refreshTokenTimeToLiveInMinutes(43200)
.timeToLiveInSeconds(3600)
.build())
.loginConfiguration(FusionAuthTenantLoginConfigurationArgs.builder()
.requireAuthentication(true)
.build())
.maximumPasswordAge(FusionAuthTenantMaximumPasswordAgeArgs.builder()
.days(180)
.enabled(false)
.build())
.minimumPasswordAge(FusionAuthTenantMinimumPasswordAgeArgs.builder()
.enabled(false)
.seconds(30)
.build())
.oauthConfigurations(FusionAuthTenantOauthConfigurationArgs.builder()
.clientCredentialsAccessTokenPopulateLambdaId(fusionauth_lambda.client_jwt_populate().id())
.build())
.passwordEncryptionConfigurations(FusionAuthTenantPasswordEncryptionConfigurationArgs.builder()
.encryptionScheme("salted-pbkdf2-hmac-sha256")
.encryptionSchemeFactor(24000)
.modifyEncryptionSchemeOnLogin(false)
.build())
.passwordValidationRules(FusionAuthTenantPasswordValidationRulesArgs.builder()
.maxLength(256)
.minLength(7)
.rememberPreviousPasswords(FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs.builder()
.count(1)
.enabled(false)
.build())
.requiredMixedCase(false)
.requireNonAlpha(false)
.requireNumber(false)
.validateOnLogin(false)
.build())
.rateLimitConfiguration(FusionAuthTenantRateLimitConfigurationArgs.builder()
.failedLogin(FusionAuthTenantRateLimitConfigurationFailedLoginArgs.builder()
.enabled(true)
.limit(5)
.timePeriodInSeconds(60)
.build())
.forgotPassword(FusionAuthTenantRateLimitConfigurationForgotPasswordArgs.builder()
.enabled(false)
.limit(5)
.timePeriodInSeconds(60)
.build())
.sendEmailVerification(FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs.builder()
.enabled(false)
.limit(5)
.timePeriodInSeconds(60)
.build())
.sendPasswordless(FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs.builder()
.enabled(false)
.limit(5)
.timePeriodInSeconds(60)
.build())
.sendRegistrationVerification(FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs.builder()
.enabled(false)
.limit(5)
.timePeriodInSeconds(60)
.build())
.sendTwoFactor(FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs.builder()
.enabled(false)
.limit(5)
.timePeriodInSeconds(60)
.build())
.build())
.registrationConfiguration(FusionAuthTenantRegistrationConfigurationArgs.builder()
.blockedDomains("example.com")
.build())
.captchaConfiguration(FusionAuthTenantCaptchaConfigurationArgs.builder()
.enabled(true)
.captchaMethod("GoogleRecaptchaV3")
.siteKey("captcha_site_key")
.secretKey("captcha_secret_key")
.threshold(0.5)
.build())
.themeId(fusionauth_theme.example_theme().id())
.userDeletePolicy(FusionAuthTenantUserDeletePolicyArgs.builder()
.unverifiedEnabled(false)
.unverifiedNumberOfDaysToRetain(30)
.build())
.build());
}
}
resources:
example:
type: fusionauth:FusionAuthTenant
properties:
connectorPolicies:
- connectorId: b57b3d0f-f7a4-4831-a838-549717362ea8
domains:
- '*'
migrate: false
emailConfiguration:
forgotPasswordEmailTemplateId: ${fusionauth_email.ForgotPassword_Example.id}
host: smtp.sendgrid.net
password: password
passwordlessEmailTemplateId: ${fusionauth_email.PasswordlessLogin_Example.id}
port: 587
security: TLS
setPasswordEmailTemplateId: ${fusionauth_email.SetupPassword_Example.id}
username: username
verifyEmail: true
verifyEmailWhenChanged: true
additionalHeaders:
HeaderName1: HeaderValue1
HeaderName2: HeaderValue2
eventConfigurations:
- enabled: false
event: jwt.public-key.update
transactionType: None
- enabled: false
event: jwt.refresh-token.revoke
transactionType: None
- enabled: false
event: jwt.refresh
transactionType: None
- enabled: false
event: group.create
transactionType: None
- enabled: false
event: group.create.complete
transactionType: None
- enabled: false
event: group.delete
transactionType: None
- enabled: false
event: group.delete.complete
transactionType: None
- enabled: false
event: group.member.add
transactionType: None
- enabled: false
event: group.member.add.complete
transactionType: None
- enabled: false
event: group.member.remove
transactionType: None
- enabled: false
event: group.member.remove.complete
transactionType: None
- enabled: false
event: group.member.update
transactionType: None
- enabled: false
event: group.member.update.complete
transactionType: None
- enabled: false
event: group.update
transactionType: None
- enabled: false
event: group.update.complete
transactionType: None
- enabled: false
event: user.action
transactionType: None
- event: user.bulk.create
enabled: false
transactionType: None
- enabled: false
event: user.create
transactionType: None
- enabled: false
event: user.create.complete
transactionType: None
- enabled: false
event: user.deactivate
transactionType: None
- enabled: false
event: user.delete
transactionType: None
- enabled: false
event: user.delete.complete
transactionType: None
- enabled: false
event: user.email.update
transactionType: None
- enabled: false
event: user.email.verified
transactionType: None
- enabled: false
event: user.identity-provider.link
transactionType: None
- enabled: false
event: user.identity-provider.unlink
transactionType: None
- enabled: false
event: user.loginId.duplicate.create
transactionType: None
- enabled: false
event: user.loginId.duplicate.update
transactionType: None
- enabled: false
event: user.login.failed
transactionType: None
- enabled: false
event: user.login.new-device
transactionType: None
- enabled: false
event: user.login.success
transactionType: None
- enabled: false
event: user.login.suspicious
transactionType: None
- enabled: false
event: user.password.breach
transactionType: None
- enabled: false
event: user.password.reset.send
transactionType: None
- enabled: false
event: user.password.reset.start
transactionType: None
- enabled: false
event: user.password.reset.success
transactionType: None
- enabled: false
event: user.password.update
transactionType: None
- enabled: false
event: user.reactivate
transactionType: None
- enabled: false
event: user.registration.create
transactionType: None
- enabled: false
event: user.registration.create.complete
transactionType: None
- enabled: false
event: user.registration.delete
transactionType: None
- enabled: false
event: user.registration.delete.complete
transactionType: None
- enabled: false
event: user.registration.update
transactionType: None
- enabled: false
event: user.registration.update.complete
transactionType: None
- enabled: false
event: user.registration.verified
transactionType: None
- enabled: false
event: user.two-factor.method.add
transactionType: None
- enabled: false
event: user.two-factor.method.remove
transactionType: None
- enabled: false
event: user.update
transactionType: None
- enabled: false
event: user.update.complete
transactionType: None
externalIdentifierConfiguration:
authorizationGrantIdTimeToLiveInSeconds: 30
changePasswordIdGenerator:
length: 32
type: randomBytes
changePasswordIdTimeToLiveInSeconds: 600
deviceCodeTimeToLiveInSeconds: 1800
deviceUserCodeIdGenerator:
length: 6
type: randomAlphaNumeric
emailVerificationIdGenerator:
length: 32
type: randomBytes
emailVerificationIdTimeToLiveInSeconds: 86400
emailVerificationOneTimeCodeGenerator:
length: 6
type: randomAlphaNumeric
externalAuthenticationIdTimeToLiveInSeconds: 300
loginIntentTimeToLiveInSeconds: 1800
oneTimePasswordTimeToLiveInSeconds: 60
passwordlessLoginGenerator:
length: 32
type: randomBytes
passwordlessLoginTimeToLiveInSeconds: 600
registrationVerificationIdGenerator:
length: 32
type: randomBytes
registrationVerificationIdTimeToLiveInSeconds: 86400
registrationVerificationOneTimeCodeGenerator:
length: 6
type: randomAlphaNumeric
samlV2AuthnRequestIdTtlSeconds: 300
setupPasswordIdGenerator:
length: 32
type: randomBytes
setupPasswordIdTimeToLiveInSeconds: 86400
twoFactorIdTimeToLiveInSeconds: 300
twoFactorOneTimeCodeIdGenerator:
length: 6
type: randomDigits
twoFactorOneTimeCodeIdTimeToLiveInSeconds: 60
twoFactorTrustIdTimeToLiveInSeconds: 2.592e+06
failedAuthenticationConfiguration:
actionDuration: 3
actionDurationUnit: MINUTES
resetCountInSeconds: 60
tooManyAttempts: 5
familyConfiguration:
allowChildRegistrations: true
deleteOrphanedAccounts: false
deleteOrphanedAccountsDays: 30
enabled: true
maximumChildAge: 12
minimumOwnerAge: 21
parentEmailRequired: false
formConfiguration:
adminUserFormId: e92751a5-25f4-4bca-ad91-66cdf67725d2
httpSessionMaxInactiveInterval: 3600
issuer: https://example.com
jwtConfigurations:
- accessTokenKeyId: ${fusionauth_key.accesstoken.id}
idTokenKeyId: ${fusionauth_key.idtoken.id}
refreshTokenTimeToLiveInMinutes: 43200
timeToLiveInSeconds: 3600
loginConfiguration:
requireAuthentication: true
maximumPasswordAge:
days: 180
enabled: false
minimumPasswordAge:
enabled: false
seconds: 30
oauthConfigurations:
- clientCredentialsAccessTokenPopulateLambdaId: ${fusionauth_lambda.client_jwt_populate.id}
passwordEncryptionConfigurations:
- encryptionScheme: salted-pbkdf2-hmac-sha256
encryptionSchemeFactor: 24000
modifyEncryptionSchemeOnLogin: false
passwordValidationRules:
maxLength: 256
minLength: 7
rememberPreviousPasswords:
count: 1
enabled: false
requiredMixedCase: false
requireNonAlpha: false
requireNumber: false
validateOnLogin: false
rateLimitConfiguration:
failedLogin:
enabled: true
limit: 5
timePeriodInSeconds: 60
forgotPassword:
enabled: false
limit: 5
timePeriodInSeconds: 60
sendEmailVerification:
enabled: false
limit: 5
timePeriodInSeconds: 60
sendPasswordless:
enabled: false
limit: 5
timePeriodInSeconds: 60
sendRegistrationVerification:
enabled: false
limit: 5
timePeriodInSeconds: 60
sendTwoFactor:
enabled: false
limit: 5
timePeriodInSeconds: 60
registrationConfiguration:
blockedDomains:
- example.com
captchaConfiguration:
enabled: true
captchaMethod: GoogleRecaptchaV3
siteKey: captcha_site_key
secretKey: captcha_secret_key
threshold: 0.5
themeId: ${fusionauth_theme.example_theme.id}
userDeletePolicy:
unverifiedEnabled: false
unverifiedNumberOfDaysToRetain: 30
Create FusionAuthTenant Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new FusionAuthTenant(name: string, args?: FusionAuthTenantArgs, opts?: CustomResourceOptions);
@overload
def FusionAuthTenant(resource_name: str,
args: Optional[FusionAuthTenantArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def FusionAuthTenant(resource_name: str,
opts: Optional[ResourceOptions] = None,
access_control_configuration: Optional[FusionAuthTenantAccessControlConfigurationArgs] = None,
captcha_configuration: Optional[FusionAuthTenantCaptchaConfigurationArgs] = None,
connector_policies: Optional[Sequence[FusionAuthTenantConnectorPolicyArgs]] = None,
data: Optional[Mapping[str, str]] = None,
email_configuration: Optional[FusionAuthTenantEmailConfigurationArgs] = None,
event_configurations: Optional[Sequence[FusionAuthTenantEventConfigurationArgs]] = None,
external_identifier_configuration: Optional[FusionAuthTenantExternalIdentifierConfigurationArgs] = None,
failed_authentication_configuration: Optional[FusionAuthTenantFailedAuthenticationConfigurationArgs] = None,
family_configuration: Optional[FusionAuthTenantFamilyConfigurationArgs] = None,
form_configuration: Optional[FusionAuthTenantFormConfigurationArgs] = None,
http_session_max_inactive_interval: Optional[int] = None,
issuer: Optional[str] = None,
jwt_configurations: Optional[Sequence[FusionAuthTenantJwtConfigurationArgs]] = None,
lambda_configuration: Optional[FusionAuthTenantLambdaConfigurationArgs] = None,
login_configuration: Optional[FusionAuthTenantLoginConfigurationArgs] = None,
logout_url: Optional[str] = None,
maximum_password_age: Optional[FusionAuthTenantMaximumPasswordAgeArgs] = None,
minimum_password_age: Optional[FusionAuthTenantMinimumPasswordAgeArgs] = None,
multi_factor_configuration: Optional[FusionAuthTenantMultiFactorConfigurationArgs] = None,
name: Optional[str] = None,
oauth_configurations: Optional[Sequence[FusionAuthTenantOauthConfigurationArgs]] = None,
password_encryption_configurations: Optional[Sequence[FusionAuthTenantPasswordEncryptionConfigurationArgs]] = None,
password_validation_rules: Optional[FusionAuthTenantPasswordValidationRulesArgs] = None,
rate_limit_configuration: Optional[FusionAuthTenantRateLimitConfigurationArgs] = None,
registration_configuration: Optional[FusionAuthTenantRegistrationConfigurationArgs] = None,
scim_server_configuration: Optional[FusionAuthTenantScimServerConfigurationArgs] = None,
source_tenant_id: Optional[str] = None,
sso_configuration: Optional[FusionAuthTenantSsoConfigurationArgs] = None,
tenant_id: Optional[str] = None,
theme_id: Optional[str] = None,
user_delete_policy: Optional[FusionAuthTenantUserDeletePolicyArgs] = None,
username_configuration: Optional[FusionAuthTenantUsernameConfigurationArgs] = None,
webauthn_configuration: Optional[FusionAuthTenantWebauthnConfigurationArgs] = None,
webhook_ids: Optional[Sequence[str]] = None)
func NewFusionAuthTenant(ctx *Context, name string, args *FusionAuthTenantArgs, opts ...ResourceOption) (*FusionAuthTenant, error)
public FusionAuthTenant(string name, FusionAuthTenantArgs? args = null, CustomResourceOptions? opts = null)
public FusionAuthTenant(String name, FusionAuthTenantArgs args)
public FusionAuthTenant(String name, FusionAuthTenantArgs args, CustomResourceOptions options)
type: fusionauth:FusionAuthTenant
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var fusionAuthTenantResource = new Fusionauth.FusionAuthTenant("fusionAuthTenantResource", new()
{
AccessControlConfiguration = new Fusionauth.Inputs.FusionAuthTenantAccessControlConfigurationArgs
{
UiIpAccessControlListId = "string",
},
CaptchaConfiguration = new Fusionauth.Inputs.FusionAuthTenantCaptchaConfigurationArgs
{
CaptchaMethod = "string",
Enabled = false,
SecretKey = "string",
SiteKey = "string",
Threshold = 0,
},
ConnectorPolicies = new[]
{
new Fusionauth.Inputs.FusionAuthTenantConnectorPolicyArgs
{
ConnectorId = "string",
Domains = new[]
{
"string",
},
Migrate = false,
},
},
Data =
{
{ "string", "string" },
},
EmailConfiguration = new Fusionauth.Inputs.FusionAuthTenantEmailConfigurationArgs
{
AdditionalHeaders =
{
{ "string", "string" },
},
Debug = false,
DefaultFromEmail = "string",
DefaultFromName = "string",
EmailUpdateEmailTemplateId = "string",
EmailVerifiedEmailTemplateId = "string",
ForgotPasswordEmailTemplateId = "string",
Host = "string",
ImplicitEmailVerificationAllowed = false,
LoginIdInUseOnCreateEmailTemplateId = "string",
LoginIdInUseOnUpdateEmailTemplateId = "string",
LoginNewDeviceEmailTemplateId = "string",
LoginSuspiciousEmailTemplateId = "string",
Password = "string",
PasswordResetSuccessEmailTemplateId = "string",
PasswordUpdateEmailTemplateId = "string",
PasswordlessEmailTemplateId = "string",
Port = 0,
Properties = "string",
Security = "string",
SetPasswordEmailTemplateId = "string",
TwoFactorMethodAddEmailTemplateId = "string",
TwoFactorMethodRemoveEmailTemplateId = "string",
Unverified = new Fusionauth.Inputs.FusionAuthTenantEmailConfigurationUnverifiedArgs
{
AllowEmailChangeWhenGated = false,
Behavior = "string",
},
Username = "string",
VerificationEmailTemplateId = "string",
VerificationStrategy = "string",
VerifyEmail = false,
VerifyEmailWhenChanged = false,
},
EventConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "string",
TransactionType = "string",
},
},
ExternalIdentifierConfiguration = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationArgs
{
AuthorizationGrantIdTimeToLiveInSeconds = 0,
ChangePasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs
{
Length = 0,
Type = "string",
},
ChangePasswordIdTimeToLiveInSeconds = 0,
DeviceCodeTimeToLiveInSeconds = 0,
DeviceUserCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs
{
Length = 0,
Type = "string",
},
EmailVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs
{
Length = 0,
Type = "string",
},
EmailVerificationIdTimeToLiveInSeconds = 0,
EmailVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs
{
Length = 0,
Type = "string",
},
ExternalAuthenticationIdTimeToLiveInSeconds = 0,
LoginIntentTimeToLiveInSeconds = 0,
OneTimePasswordTimeToLiveInSeconds = 0,
PasswordlessLoginGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs
{
Length = 0,
Type = "string",
},
PasswordlessLoginTimeToLiveInSeconds = 0,
PendingAccountLinkTimeToLiveInSeconds = 0,
RegistrationVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs
{
Length = 0,
Type = "string",
},
RegistrationVerificationIdTimeToLiveInSeconds = 0,
RegistrationVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs
{
Length = 0,
Type = "string",
},
RememberOauthScopeConsentChoiceTimeToLiveInSeconds = 0,
SamlV2AuthnRequestIdTtlSeconds = 0,
SetupPasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs
{
Length = 0,
Type = "string",
},
SetupPasswordIdTimeToLiveInSeconds = 0,
TrustTokenTimeToLiveInSeconds = 0,
TwoFactorIdTimeToLiveInSeconds = 0,
TwoFactorOneTimeCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs
{
Length = 0,
Type = "string",
},
TwoFactorOneTimeCodeIdTimeToLiveInSeconds = 0,
TwoFactorTrustIdTimeToLiveInSeconds = 0,
WebauthnAuthenticationChallengeTimeToLiveInSeconds = 0,
WebauthnRegistrationChallengeTimeToLiveInSeconds = 0,
},
FailedAuthenticationConfiguration = new Fusionauth.Inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs
{
ActionCancelPolicyOnPasswordReset = false,
ActionDuration = 0,
ActionDurationUnit = "string",
EmailUser = false,
ResetCountInSeconds = 0,
TooManyAttempts = 0,
UserActionId = "string",
},
FamilyConfiguration = new Fusionauth.Inputs.FusionAuthTenantFamilyConfigurationArgs
{
AllowChildRegistrations = false,
ConfirmChildEmailTemplateId = "string",
DeleteOrphanedAccounts = false,
DeleteOrphanedAccountsDays = 0,
Enabled = false,
FamilyRequestEmailTemplateId = "string",
MaximumChildAge = 0,
MinimumOwnerAge = 0,
ParentEmailRequired = false,
ParentRegistrationEmailTemplateId = "string",
},
FormConfiguration = new Fusionauth.Inputs.FusionAuthTenantFormConfigurationArgs
{
AdminUserFormId = "string",
},
HttpSessionMaxInactiveInterval = 0,
Issuer = "string",
JwtConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantJwtConfigurationArgs
{
AccessTokenKeyId = "string",
IdTokenKeyId = "string",
RefreshTokenExpirationPolicy = "string",
RefreshTokenOneTimeUseConfigurationGracePeriodInSeconds = 0,
RefreshTokenRevocationPolicyOnLoginPrevented = false,
RefreshTokenRevocationPolicyOnMultiFactorEnable = false,
RefreshTokenRevocationPolicyOnOneTimeTokenReuse = false,
RefreshTokenRevocationPolicyOnPasswordChange = false,
RefreshTokenSlidingWindowMaximumTimeToLiveInMinutes = 0,
RefreshTokenTimeToLiveInMinutes = 0,
RefreshTokenUsagePolicy = "string",
TimeToLiveInSeconds = 0,
},
},
LambdaConfiguration = new Fusionauth.Inputs.FusionAuthTenantLambdaConfigurationArgs
{
LoginValidationId = "string",
ScimEnterpriseUserRequestConverterId = "string",
ScimEnterpriseUserResponseConverterId = "string",
ScimGroupRequestConverterId = "string",
ScimGroupResponseConverterId = "string",
ScimUserRequestConverterId = "string",
ScimUserResponseConverterId = "string",
},
LoginConfiguration = new Fusionauth.Inputs.FusionAuthTenantLoginConfigurationArgs
{
RequireAuthentication = false,
},
LogoutUrl = "string",
MaximumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMaximumPasswordAgeArgs
{
Days = 0,
Enabled = false,
},
MinimumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMinimumPasswordAgeArgs
{
Enabled = false,
Seconds = 0,
},
MultiFactorConfiguration = new Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationArgs
{
Authenticator = new Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationAuthenticatorArgs
{
Enabled = false,
},
Email = new Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationEmailArgs
{
Enabled = false,
TemplateId = "string",
},
LoginPolicy = "string",
Sms = new Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationSmsArgs
{
Enabled = false,
MessengerId = "string",
TemplateId = "string",
},
},
Name = "string",
OauthConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantOauthConfigurationArgs
{
ClientCredentialsAccessTokenPopulateLambdaId = "string",
},
},
PasswordEncryptionConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs
{
EncryptionScheme = "string",
EncryptionSchemeFactor = 0,
ModifyEncryptionSchemeOnLogin = false,
},
},
PasswordValidationRules = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesArgs
{
BreachDetection = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesBreachDetectionArgs
{
Enabled = false,
MatchMode = "string",
NotifyUserEmailTemplateId = "string",
OnLogin = "string",
},
MaxLength = 0,
MinLength = 0,
RememberPreviousPasswords = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs
{
Count = 0,
Enabled = false,
},
RequireNonAlpha = false,
RequireNumber = false,
RequiredMixedCase = false,
ValidateOnLogin = false,
},
RateLimitConfiguration = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationArgs
{
FailedLogin = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationFailedLoginArgs
{
Enabled = false,
Limit = 0,
TimePeriodInSeconds = 0,
},
ForgotPassword = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs
{
Enabled = false,
Limit = 0,
TimePeriodInSeconds = 0,
},
SendEmailVerification = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs
{
Enabled = false,
Limit = 0,
TimePeriodInSeconds = 0,
},
SendPasswordless = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs
{
Enabled = false,
Limit = 0,
TimePeriodInSeconds = 0,
},
SendRegistrationVerification = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs
{
Enabled = false,
Limit = 0,
TimePeriodInSeconds = 0,
},
SendTwoFactor = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs
{
Enabled = false,
Limit = 0,
TimePeriodInSeconds = 0,
},
},
RegistrationConfiguration = new Fusionauth.Inputs.FusionAuthTenantRegistrationConfigurationArgs
{
BlockedDomains = new[]
{
"string",
},
},
ScimServerConfiguration = new Fusionauth.Inputs.FusionAuthTenantScimServerConfigurationArgs
{
ClientEntityTypeId = "string",
ServerEntityTypeId = "string",
Enabled = false,
Schemas = "string",
},
SourceTenantId = "string",
SsoConfiguration = new Fusionauth.Inputs.FusionAuthTenantSsoConfigurationArgs
{
DeviceTrustTimeToLiveInSeconds = 0,
},
TenantId = "string",
ThemeId = "string",
UserDeletePolicy = new Fusionauth.Inputs.FusionAuthTenantUserDeletePolicyArgs
{
UnverifiedEnabled = false,
UnverifiedNumberOfDaysToRetain = 0,
},
UsernameConfiguration = new Fusionauth.Inputs.FusionAuthTenantUsernameConfigurationArgs
{
Unique = new Fusionauth.Inputs.FusionAuthTenantUsernameConfigurationUniqueArgs
{
Enabled = false,
NumberOfDigits = 0,
Separator = "string",
Strategy = "string",
},
},
WebauthnConfiguration = new Fusionauth.Inputs.FusionAuthTenantWebauthnConfigurationArgs
{
BootstrapWorkflow = new Fusionauth.Inputs.FusionAuthTenantWebauthnConfigurationBootstrapWorkflowArgs
{
AuthenticatorAttachmentPreference = "string",
Enabled = false,
UserVerificationRequirement = "string",
},
Debug = false,
Enabled = false,
ReauthenticationWorkflow = new Fusionauth.Inputs.FusionAuthTenantWebauthnConfigurationReauthenticationWorkflowArgs
{
AuthenticatorAttachmentPreference = "string",
Enabled = false,
UserVerificationRequirement = "string",
},
RelyingPartyId = "string",
RelyingPartyName = "string",
},
WebhookIds = new[]
{
"string",
},
});
example, err := fusionauth.NewFusionAuthTenant(ctx, "fusionAuthTenantResource", &fusionauth.FusionAuthTenantArgs{
AccessControlConfiguration: &fusionauth.FusionAuthTenantAccessControlConfigurationArgs{
UiIpAccessControlListId: pulumi.String("string"),
},
CaptchaConfiguration: &fusionauth.FusionAuthTenantCaptchaConfigurationArgs{
CaptchaMethod: pulumi.String("string"),
Enabled: pulumi.Bool(false),
SecretKey: pulumi.String("string"),
SiteKey: pulumi.String("string"),
Threshold: pulumi.Float64(0),
},
ConnectorPolicies: fusionauth.FusionAuthTenantConnectorPolicyArray{
&fusionauth.FusionAuthTenantConnectorPolicyArgs{
ConnectorId: pulumi.String("string"),
Domains: pulumi.StringArray{
pulumi.String("string"),
},
Migrate: pulumi.Bool(false),
},
},
Data: pulumi.StringMap{
"string": pulumi.String("string"),
},
EmailConfiguration: &fusionauth.FusionAuthTenantEmailConfigurationArgs{
AdditionalHeaders: pulumi.StringMap{
"string": pulumi.String("string"),
},
Debug: pulumi.Bool(false),
DefaultFromEmail: pulumi.String("string"),
DefaultFromName: pulumi.String("string"),
EmailUpdateEmailTemplateId: pulumi.String("string"),
EmailVerifiedEmailTemplateId: pulumi.String("string"),
ForgotPasswordEmailTemplateId: pulumi.String("string"),
Host: pulumi.String("string"),
ImplicitEmailVerificationAllowed: pulumi.Bool(false),
LoginIdInUseOnCreateEmailTemplateId: pulumi.String("string"),
LoginIdInUseOnUpdateEmailTemplateId: pulumi.String("string"),
LoginNewDeviceEmailTemplateId: pulumi.String("string"),
LoginSuspiciousEmailTemplateId: pulumi.String("string"),
Password: pulumi.String("string"),
PasswordResetSuccessEmailTemplateId: pulumi.String("string"),
PasswordUpdateEmailTemplateId: pulumi.String("string"),
PasswordlessEmailTemplateId: pulumi.String("string"),
Port: pulumi.Int(0),
Properties: pulumi.String("string"),
Security: pulumi.String("string"),
SetPasswordEmailTemplateId: pulumi.String("string"),
TwoFactorMethodAddEmailTemplateId: pulumi.String("string"),
TwoFactorMethodRemoveEmailTemplateId: pulumi.String("string"),
Unverified: &fusionauth.FusionAuthTenantEmailConfigurationUnverifiedArgs{
AllowEmailChangeWhenGated: pulumi.Bool(false),
Behavior: pulumi.String("string"),
},
Username: pulumi.String("string"),
VerificationEmailTemplateId: pulumi.String("string"),
VerificationStrategy: pulumi.String("string"),
VerifyEmail: pulumi.Bool(false),
VerifyEmailWhenChanged: pulumi.Bool(false),
},
EventConfigurations: fusionauth.FusionAuthTenantEventConfigurationArray{
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("string"),
TransactionType: pulumi.String("string"),
},
},
ExternalIdentifierConfiguration: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationArgs{
AuthorizationGrantIdTimeToLiveInSeconds: pulumi.Int(0),
ChangePasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
ChangePasswordIdTimeToLiveInSeconds: pulumi.Int(0),
DeviceCodeTimeToLiveInSeconds: pulumi.Int(0),
DeviceUserCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
EmailVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
EmailVerificationIdTimeToLiveInSeconds: pulumi.Int(0),
EmailVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
ExternalAuthenticationIdTimeToLiveInSeconds: pulumi.Int(0),
LoginIntentTimeToLiveInSeconds: pulumi.Int(0),
OneTimePasswordTimeToLiveInSeconds: pulumi.Int(0),
PasswordlessLoginGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
PasswordlessLoginTimeToLiveInSeconds: pulumi.Int(0),
PendingAccountLinkTimeToLiveInSeconds: pulumi.Int(0),
RegistrationVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
RegistrationVerificationIdTimeToLiveInSeconds: pulumi.Int(0),
RegistrationVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
RememberOauthScopeConsentChoiceTimeToLiveInSeconds: pulumi.Int(0),
SamlV2AuthnRequestIdTtlSeconds: pulumi.Int(0),
SetupPasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
SetupPasswordIdTimeToLiveInSeconds: pulumi.Int(0),
TrustTokenTimeToLiveInSeconds: pulumi.Int(0),
TwoFactorIdTimeToLiveInSeconds: pulumi.Int(0),
TwoFactorOneTimeCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
TwoFactorOneTimeCodeIdTimeToLiveInSeconds: pulumi.Int(0),
TwoFactorTrustIdTimeToLiveInSeconds: pulumi.Int(0),
WebauthnAuthenticationChallengeTimeToLiveInSeconds: pulumi.Int(0),
WebauthnRegistrationChallengeTimeToLiveInSeconds: pulumi.Int(0),
},
FailedAuthenticationConfiguration: &fusionauth.FusionAuthTenantFailedAuthenticationConfigurationArgs{
ActionCancelPolicyOnPasswordReset: pulumi.Bool(false),
ActionDuration: pulumi.Int(0),
ActionDurationUnit: pulumi.String("string"),
EmailUser: pulumi.Bool(false),
ResetCountInSeconds: pulumi.Int(0),
TooManyAttempts: pulumi.Int(0),
UserActionId: pulumi.String("string"),
},
FamilyConfiguration: &fusionauth.FusionAuthTenantFamilyConfigurationArgs{
AllowChildRegistrations: pulumi.Bool(false),
ConfirmChildEmailTemplateId: pulumi.String("string"),
DeleteOrphanedAccounts: pulumi.Bool(false),
DeleteOrphanedAccountsDays: pulumi.Int(0),
Enabled: pulumi.Bool(false),
FamilyRequestEmailTemplateId: pulumi.String("string"),
MaximumChildAge: pulumi.Int(0),
MinimumOwnerAge: pulumi.Int(0),
ParentEmailRequired: pulumi.Bool(false),
ParentRegistrationEmailTemplateId: pulumi.String("string"),
},
FormConfiguration: &fusionauth.FusionAuthTenantFormConfigurationArgs{
AdminUserFormId: pulumi.String("string"),
},
HttpSessionMaxInactiveInterval: pulumi.Int(0),
Issuer: pulumi.String("string"),
JwtConfigurations: fusionauth.FusionAuthTenantJwtConfigurationArray{
&fusionauth.FusionAuthTenantJwtConfigurationArgs{
AccessTokenKeyId: pulumi.String("string"),
IdTokenKeyId: pulumi.String("string"),
RefreshTokenExpirationPolicy: pulumi.String("string"),
RefreshTokenOneTimeUseConfigurationGracePeriodInSeconds: pulumi.Int(0),
RefreshTokenRevocationPolicyOnLoginPrevented: pulumi.Bool(false),
RefreshTokenRevocationPolicyOnMultiFactorEnable: pulumi.Bool(false),
RefreshTokenRevocationPolicyOnOneTimeTokenReuse: pulumi.Bool(false),
RefreshTokenRevocationPolicyOnPasswordChange: pulumi.Bool(false),
RefreshTokenSlidingWindowMaximumTimeToLiveInMinutes: pulumi.Int(0),
RefreshTokenTimeToLiveInMinutes: pulumi.Int(0),
RefreshTokenUsagePolicy: pulumi.String("string"),
TimeToLiveInSeconds: pulumi.Int(0),
},
},
LambdaConfiguration: &fusionauth.FusionAuthTenantLambdaConfigurationArgs{
LoginValidationId: pulumi.String("string"),
ScimEnterpriseUserRequestConverterId: pulumi.String("string"),
ScimEnterpriseUserResponseConverterId: pulumi.String("string"),
ScimGroupRequestConverterId: pulumi.String("string"),
ScimGroupResponseConverterId: pulumi.String("string"),
ScimUserRequestConverterId: pulumi.String("string"),
ScimUserResponseConverterId: pulumi.String("string"),
},
LoginConfiguration: &fusionauth.FusionAuthTenantLoginConfigurationArgs{
RequireAuthentication: pulumi.Bool(false),
},
LogoutUrl: pulumi.String("string"),
MaximumPasswordAge: &fusionauth.FusionAuthTenantMaximumPasswordAgeArgs{
Days: pulumi.Int(0),
Enabled: pulumi.Bool(false),
},
MinimumPasswordAge: &fusionauth.FusionAuthTenantMinimumPasswordAgeArgs{
Enabled: pulumi.Bool(false),
Seconds: pulumi.Int(0),
},
MultiFactorConfiguration: &fusionauth.FusionAuthTenantMultiFactorConfigurationArgs{
Authenticator: &fusionauth.FusionAuthTenantMultiFactorConfigurationAuthenticatorArgs{
Enabled: pulumi.Bool(false),
},
Email: &fusionauth.FusionAuthTenantMultiFactorConfigurationEmailArgs{
Enabled: pulumi.Bool(false),
TemplateId: pulumi.String("string"),
},
LoginPolicy: pulumi.String("string"),
Sms: &fusionauth.FusionAuthTenantMultiFactorConfigurationSmsArgs{
Enabled: pulumi.Bool(false),
MessengerId: pulumi.String("string"),
TemplateId: pulumi.String("string"),
},
},
Name: pulumi.String("string"),
OauthConfigurations: fusionauth.FusionAuthTenantOauthConfigurationArray{
&fusionauth.FusionAuthTenantOauthConfigurationArgs{
ClientCredentialsAccessTokenPopulateLambdaId: pulumi.String("string"),
},
},
PasswordEncryptionConfigurations: fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArray{
&fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArgs{
EncryptionScheme: pulumi.String("string"),
EncryptionSchemeFactor: pulumi.Int(0),
ModifyEncryptionSchemeOnLogin: pulumi.Bool(false),
},
},
PasswordValidationRules: &fusionauth.FusionAuthTenantPasswordValidationRulesArgs{
BreachDetection: &fusionauth.FusionAuthTenantPasswordValidationRulesBreachDetectionArgs{
Enabled: pulumi.Bool(false),
MatchMode: pulumi.String("string"),
NotifyUserEmailTemplateId: pulumi.String("string"),
OnLogin: pulumi.String("string"),
},
MaxLength: pulumi.Int(0),
MinLength: pulumi.Int(0),
RememberPreviousPasswords: &fusionauth.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs{
Count: pulumi.Int(0),
Enabled: pulumi.Bool(false),
},
RequireNonAlpha: pulumi.Bool(false),
RequireNumber: pulumi.Bool(false),
RequiredMixedCase: pulumi.Bool(false),
ValidateOnLogin: pulumi.Bool(false),
},
RateLimitConfiguration: &fusionauth.FusionAuthTenantRateLimitConfigurationArgs{
FailedLogin: &fusionauth.FusionAuthTenantRateLimitConfigurationFailedLoginArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(0),
TimePeriodInSeconds: pulumi.Int(0),
},
ForgotPassword: &fusionauth.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(0),
TimePeriodInSeconds: pulumi.Int(0),
},
SendEmailVerification: &fusionauth.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(0),
TimePeriodInSeconds: pulumi.Int(0),
},
SendPasswordless: &fusionauth.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(0),
TimePeriodInSeconds: pulumi.Int(0),
},
SendRegistrationVerification: &fusionauth.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(0),
TimePeriodInSeconds: pulumi.Int(0),
},
SendTwoFactor: &fusionauth.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(0),
TimePeriodInSeconds: pulumi.Int(0),
},
},
RegistrationConfiguration: &fusionauth.FusionAuthTenantRegistrationConfigurationArgs{
BlockedDomains: pulumi.StringArray{
pulumi.String("string"),
},
},
ScimServerConfiguration: &fusionauth.FusionAuthTenantScimServerConfigurationArgs{
ClientEntityTypeId: pulumi.String("string"),
ServerEntityTypeId: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Schemas: pulumi.String("string"),
},
SourceTenantId: pulumi.String("string"),
SsoConfiguration: &fusionauth.FusionAuthTenantSsoConfigurationArgs{
DeviceTrustTimeToLiveInSeconds: pulumi.Int(0),
},
TenantId: pulumi.String("string"),
ThemeId: pulumi.String("string"),
UserDeletePolicy: &fusionauth.FusionAuthTenantUserDeletePolicyArgs{
UnverifiedEnabled: pulumi.Bool(false),
UnverifiedNumberOfDaysToRetain: pulumi.Int(0),
},
UsernameConfiguration: &fusionauth.FusionAuthTenantUsernameConfigurationArgs{
Unique: &fusionauth.FusionAuthTenantUsernameConfigurationUniqueArgs{
Enabled: pulumi.Bool(false),
NumberOfDigits: pulumi.Int(0),
Separator: pulumi.String("string"),
Strategy: pulumi.String("string"),
},
},
WebauthnConfiguration: &fusionauth.FusionAuthTenantWebauthnConfigurationArgs{
BootstrapWorkflow: &fusionauth.FusionAuthTenantWebauthnConfigurationBootstrapWorkflowArgs{
AuthenticatorAttachmentPreference: pulumi.String("string"),
Enabled: pulumi.Bool(false),
UserVerificationRequirement: pulumi.String("string"),
},
Debug: pulumi.Bool(false),
Enabled: pulumi.Bool(false),
ReauthenticationWorkflow: &fusionauth.FusionAuthTenantWebauthnConfigurationReauthenticationWorkflowArgs{
AuthenticatorAttachmentPreference: pulumi.String("string"),
Enabled: pulumi.Bool(false),
UserVerificationRequirement: pulumi.String("string"),
},
RelyingPartyId: pulumi.String("string"),
RelyingPartyName: pulumi.String("string"),
},
WebhookIds: pulumi.StringArray{
pulumi.String("string"),
},
})
var fusionAuthTenantResource = new FusionAuthTenant("fusionAuthTenantResource", FusionAuthTenantArgs.builder()
.accessControlConfiguration(FusionAuthTenantAccessControlConfigurationArgs.builder()
.uiIpAccessControlListId("string")
.build())
.captchaConfiguration(FusionAuthTenantCaptchaConfigurationArgs.builder()
.captchaMethod("string")
.enabled(false)
.secretKey("string")
.siteKey("string")
.threshold(0)
.build())
.connectorPolicies(FusionAuthTenantConnectorPolicyArgs.builder()
.connectorId("string")
.domains("string")
.migrate(false)
.build())
.data(Map.of("string", "string"))
.emailConfiguration(FusionAuthTenantEmailConfigurationArgs.builder()
.additionalHeaders(Map.of("string", "string"))
.debug(false)
.defaultFromEmail("string")
.defaultFromName("string")
.emailUpdateEmailTemplateId("string")
.emailVerifiedEmailTemplateId("string")
.forgotPasswordEmailTemplateId("string")
.host("string")
.implicitEmailVerificationAllowed(false)
.loginIdInUseOnCreateEmailTemplateId("string")
.loginIdInUseOnUpdateEmailTemplateId("string")
.loginNewDeviceEmailTemplateId("string")
.loginSuspiciousEmailTemplateId("string")
.password("string")
.passwordResetSuccessEmailTemplateId("string")
.passwordUpdateEmailTemplateId("string")
.passwordlessEmailTemplateId("string")
.port(0)
.properties("string")
.security("string")
.setPasswordEmailTemplateId("string")
.twoFactorMethodAddEmailTemplateId("string")
.twoFactorMethodRemoveEmailTemplateId("string")
.unverified(FusionAuthTenantEmailConfigurationUnverifiedArgs.builder()
.allowEmailChangeWhenGated(false)
.behavior("string")
.build())
.username("string")
.verificationEmailTemplateId("string")
.verificationStrategy("string")
.verifyEmail(false)
.verifyEmailWhenChanged(false)
.build())
.eventConfigurations(FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("string")
.transactionType("string")
.build())
.externalIdentifierConfiguration(FusionAuthTenantExternalIdentifierConfigurationArgs.builder()
.authorizationGrantIdTimeToLiveInSeconds(0)
.changePasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.changePasswordIdTimeToLiveInSeconds(0)
.deviceCodeTimeToLiveInSeconds(0)
.deviceUserCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.emailVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.emailVerificationIdTimeToLiveInSeconds(0)
.emailVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.externalAuthenticationIdTimeToLiveInSeconds(0)
.loginIntentTimeToLiveInSeconds(0)
.oneTimePasswordTimeToLiveInSeconds(0)
.passwordlessLoginGenerator(FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.passwordlessLoginTimeToLiveInSeconds(0)
.pendingAccountLinkTimeToLiveInSeconds(0)
.registrationVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.registrationVerificationIdTimeToLiveInSeconds(0)
.registrationVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.rememberOauthScopeConsentChoiceTimeToLiveInSeconds(0)
.samlV2AuthnRequestIdTtlSeconds(0)
.setupPasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.setupPasswordIdTimeToLiveInSeconds(0)
.trustTokenTimeToLiveInSeconds(0)
.twoFactorIdTimeToLiveInSeconds(0)
.twoFactorOneTimeCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.twoFactorOneTimeCodeIdTimeToLiveInSeconds(0)
.twoFactorTrustIdTimeToLiveInSeconds(0)
.webauthnAuthenticationChallengeTimeToLiveInSeconds(0)
.webauthnRegistrationChallengeTimeToLiveInSeconds(0)
.build())
.failedAuthenticationConfiguration(FusionAuthTenantFailedAuthenticationConfigurationArgs.builder()
.actionCancelPolicyOnPasswordReset(false)
.actionDuration(0)
.actionDurationUnit("string")
.emailUser(false)
.resetCountInSeconds(0)
.tooManyAttempts(0)
.userActionId("string")
.build())
.familyConfiguration(FusionAuthTenantFamilyConfigurationArgs.builder()
.allowChildRegistrations(false)
.confirmChildEmailTemplateId("string")
.deleteOrphanedAccounts(false)
.deleteOrphanedAccountsDays(0)
.enabled(false)
.familyRequestEmailTemplateId("string")
.maximumChildAge(0)
.minimumOwnerAge(0)
.parentEmailRequired(false)
.parentRegistrationEmailTemplateId("string")
.build())
.formConfiguration(FusionAuthTenantFormConfigurationArgs.builder()
.adminUserFormId("string")
.build())
.httpSessionMaxInactiveInterval(0)
.issuer("string")
.jwtConfigurations(FusionAuthTenantJwtConfigurationArgs.builder()
.accessTokenKeyId("string")
.idTokenKeyId("string")
.refreshTokenExpirationPolicy("string")
.refreshTokenOneTimeUseConfigurationGracePeriodInSeconds(0)
.refreshTokenRevocationPolicyOnLoginPrevented(false)
.refreshTokenRevocationPolicyOnMultiFactorEnable(false)
.refreshTokenRevocationPolicyOnOneTimeTokenReuse(false)
.refreshTokenRevocationPolicyOnPasswordChange(false)
.refreshTokenSlidingWindowMaximumTimeToLiveInMinutes(0)
.refreshTokenTimeToLiveInMinutes(0)
.refreshTokenUsagePolicy("string")
.timeToLiveInSeconds(0)
.build())
.lambdaConfiguration(FusionAuthTenantLambdaConfigurationArgs.builder()
.loginValidationId("string")
.scimEnterpriseUserRequestConverterId("string")
.scimEnterpriseUserResponseConverterId("string")
.scimGroupRequestConverterId("string")
.scimGroupResponseConverterId("string")
.scimUserRequestConverterId("string")
.scimUserResponseConverterId("string")
.build())
.loginConfiguration(FusionAuthTenantLoginConfigurationArgs.builder()
.requireAuthentication(false)
.build())
.logoutUrl("string")
.maximumPasswordAge(FusionAuthTenantMaximumPasswordAgeArgs.builder()
.days(0)
.enabled(false)
.build())
.minimumPasswordAge(FusionAuthTenantMinimumPasswordAgeArgs.builder()
.enabled(false)
.seconds(0)
.build())
.multiFactorConfiguration(FusionAuthTenantMultiFactorConfigurationArgs.builder()
.authenticator(FusionAuthTenantMultiFactorConfigurationAuthenticatorArgs.builder()
.enabled(false)
.build())
.email(FusionAuthTenantMultiFactorConfigurationEmailArgs.builder()
.enabled(false)
.templateId("string")
.build())
.loginPolicy("string")
.sms(FusionAuthTenantMultiFactorConfigurationSmsArgs.builder()
.enabled(false)
.messengerId("string")
.templateId("string")
.build())
.build())
.name("string")
.oauthConfigurations(FusionAuthTenantOauthConfigurationArgs.builder()
.clientCredentialsAccessTokenPopulateLambdaId("string")
.build())
.passwordEncryptionConfigurations(FusionAuthTenantPasswordEncryptionConfigurationArgs.builder()
.encryptionScheme("string")
.encryptionSchemeFactor(0)
.modifyEncryptionSchemeOnLogin(false)
.build())
.passwordValidationRules(FusionAuthTenantPasswordValidationRulesArgs.builder()
.breachDetection(FusionAuthTenantPasswordValidationRulesBreachDetectionArgs.builder()
.enabled(false)
.matchMode("string")
.notifyUserEmailTemplateId("string")
.onLogin("string")
.build())
.maxLength(0)
.minLength(0)
.rememberPreviousPasswords(FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs.builder()
.count(0)
.enabled(false)
.build())
.requireNonAlpha(false)
.requireNumber(false)
.requiredMixedCase(false)
.validateOnLogin(false)
.build())
.rateLimitConfiguration(FusionAuthTenantRateLimitConfigurationArgs.builder()
.failedLogin(FusionAuthTenantRateLimitConfigurationFailedLoginArgs.builder()
.enabled(false)
.limit(0)
.timePeriodInSeconds(0)
.build())
.forgotPassword(FusionAuthTenantRateLimitConfigurationForgotPasswordArgs.builder()
.enabled(false)
.limit(0)
.timePeriodInSeconds(0)
.build())
.sendEmailVerification(FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs.builder()
.enabled(false)
.limit(0)
.timePeriodInSeconds(0)
.build())
.sendPasswordless(FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs.builder()
.enabled(false)
.limit(0)
.timePeriodInSeconds(0)
.build())
.sendRegistrationVerification(FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs.builder()
.enabled(false)
.limit(0)
.timePeriodInSeconds(0)
.build())
.sendTwoFactor(FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs.builder()
.enabled(false)
.limit(0)
.timePeriodInSeconds(0)
.build())
.build())
.registrationConfiguration(FusionAuthTenantRegistrationConfigurationArgs.builder()
.blockedDomains("string")
.build())
.scimServerConfiguration(FusionAuthTenantScimServerConfigurationArgs.builder()
.clientEntityTypeId("string")
.serverEntityTypeId("string")
.enabled(false)
.schemas("string")
.build())
.sourceTenantId("string")
.ssoConfiguration(FusionAuthTenantSsoConfigurationArgs.builder()
.deviceTrustTimeToLiveInSeconds(0)
.build())
.tenantId("string")
.themeId("string")
.userDeletePolicy(FusionAuthTenantUserDeletePolicyArgs.builder()
.unverifiedEnabled(false)
.unverifiedNumberOfDaysToRetain(0)
.build())
.usernameConfiguration(FusionAuthTenantUsernameConfigurationArgs.builder()
.unique(FusionAuthTenantUsernameConfigurationUniqueArgs.builder()
.enabled(false)
.numberOfDigits(0)
.separator("string")
.strategy("string")
.build())
.build())
.webauthnConfiguration(FusionAuthTenantWebauthnConfigurationArgs.builder()
.bootstrapWorkflow(FusionAuthTenantWebauthnConfigurationBootstrapWorkflowArgs.builder()
.authenticatorAttachmentPreference("string")
.enabled(false)
.userVerificationRequirement("string")
.build())
.debug(false)
.enabled(false)
.reauthenticationWorkflow(FusionAuthTenantWebauthnConfigurationReauthenticationWorkflowArgs.builder()
.authenticatorAttachmentPreference("string")
.enabled(false)
.userVerificationRequirement("string")
.build())
.relyingPartyId("string")
.relyingPartyName("string")
.build())
.webhookIds("string")
.build());
fusion_auth_tenant_resource = fusionauth.FusionAuthTenant("fusionAuthTenantResource",
access_control_configuration={
"ui_ip_access_control_list_id": "string",
},
captcha_configuration={
"captcha_method": "string",
"enabled": False,
"secret_key": "string",
"site_key": "string",
"threshold": 0,
},
connector_policies=[{
"connector_id": "string",
"domains": ["string"],
"migrate": False,
}],
data={
"string": "string",
},
email_configuration={
"additional_headers": {
"string": "string",
},
"debug": False,
"default_from_email": "string",
"default_from_name": "string",
"email_update_email_template_id": "string",
"email_verified_email_template_id": "string",
"forgot_password_email_template_id": "string",
"host": "string",
"implicit_email_verification_allowed": False,
"login_id_in_use_on_create_email_template_id": "string",
"login_id_in_use_on_update_email_template_id": "string",
"login_new_device_email_template_id": "string",
"login_suspicious_email_template_id": "string",
"password": "string",
"password_reset_success_email_template_id": "string",
"password_update_email_template_id": "string",
"passwordless_email_template_id": "string",
"port": 0,
"properties": "string",
"security": "string",
"set_password_email_template_id": "string",
"two_factor_method_add_email_template_id": "string",
"two_factor_method_remove_email_template_id": "string",
"unverified": {
"allow_email_change_when_gated": False,
"behavior": "string",
},
"username": "string",
"verification_email_template_id": "string",
"verification_strategy": "string",
"verify_email": False,
"verify_email_when_changed": False,
},
event_configurations=[{
"enabled": False,
"event": "string",
"transaction_type": "string",
}],
external_identifier_configuration={
"authorization_grant_id_time_to_live_in_seconds": 0,
"change_password_id_generator": {
"length": 0,
"type": "string",
},
"change_password_id_time_to_live_in_seconds": 0,
"device_code_time_to_live_in_seconds": 0,
"device_user_code_id_generator": {
"length": 0,
"type": "string",
},
"email_verification_id_generator": {
"length": 0,
"type": "string",
},
"email_verification_id_time_to_live_in_seconds": 0,
"email_verification_one_time_code_generator": {
"length": 0,
"type": "string",
},
"external_authentication_id_time_to_live_in_seconds": 0,
"login_intent_time_to_live_in_seconds": 0,
"one_time_password_time_to_live_in_seconds": 0,
"passwordless_login_generator": {
"length": 0,
"type": "string",
},
"passwordless_login_time_to_live_in_seconds": 0,
"pending_account_link_time_to_live_in_seconds": 0,
"registration_verification_id_generator": {
"length": 0,
"type": "string",
},
"registration_verification_id_time_to_live_in_seconds": 0,
"registration_verification_one_time_code_generator": {
"length": 0,
"type": "string",
},
"remember_oauth_scope_consent_choice_time_to_live_in_seconds": 0,
"saml_v2_authn_request_id_ttl_seconds": 0,
"setup_password_id_generator": {
"length": 0,
"type": "string",
},
"setup_password_id_time_to_live_in_seconds": 0,
"trust_token_time_to_live_in_seconds": 0,
"two_factor_id_time_to_live_in_seconds": 0,
"two_factor_one_time_code_id_generator": {
"length": 0,
"type": "string",
},
"two_factor_one_time_code_id_time_to_live_in_seconds": 0,
"two_factor_trust_id_time_to_live_in_seconds": 0,
"webauthn_authentication_challenge_time_to_live_in_seconds": 0,
"webauthn_registration_challenge_time_to_live_in_seconds": 0,
},
failed_authentication_configuration={
"action_cancel_policy_on_password_reset": False,
"action_duration": 0,
"action_duration_unit": "string",
"email_user": False,
"reset_count_in_seconds": 0,
"too_many_attempts": 0,
"user_action_id": "string",
},
family_configuration={
"allow_child_registrations": False,
"confirm_child_email_template_id": "string",
"delete_orphaned_accounts": False,
"delete_orphaned_accounts_days": 0,
"enabled": False,
"family_request_email_template_id": "string",
"maximum_child_age": 0,
"minimum_owner_age": 0,
"parent_email_required": False,
"parent_registration_email_template_id": "string",
},
form_configuration={
"admin_user_form_id": "string",
},
http_session_max_inactive_interval=0,
issuer="string",
jwt_configurations=[{
"access_token_key_id": "string",
"id_token_key_id": "string",
"refresh_token_expiration_policy": "string",
"refresh_token_one_time_use_configuration_grace_period_in_seconds": 0,
"refresh_token_revocation_policy_on_login_prevented": False,
"refresh_token_revocation_policy_on_multi_factor_enable": False,
"refresh_token_revocation_policy_on_one_time_token_reuse": False,
"refresh_token_revocation_policy_on_password_change": False,
"refresh_token_sliding_window_maximum_time_to_live_in_minutes": 0,
"refresh_token_time_to_live_in_minutes": 0,
"refresh_token_usage_policy": "string",
"time_to_live_in_seconds": 0,
}],
lambda_configuration={
"login_validation_id": "string",
"scim_enterprise_user_request_converter_id": "string",
"scim_enterprise_user_response_converter_id": "string",
"scim_group_request_converter_id": "string",
"scim_group_response_converter_id": "string",
"scim_user_request_converter_id": "string",
"scim_user_response_converter_id": "string",
},
login_configuration={
"require_authentication": False,
},
logout_url="string",
maximum_password_age={
"days": 0,
"enabled": False,
},
minimum_password_age={
"enabled": False,
"seconds": 0,
},
multi_factor_configuration={
"authenticator": {
"enabled": False,
},
"email": {
"enabled": False,
"template_id": "string",
},
"login_policy": "string",
"sms": {
"enabled": False,
"messenger_id": "string",
"template_id": "string",
},
},
name="string",
oauth_configurations=[{
"client_credentials_access_token_populate_lambda_id": "string",
}],
password_encryption_configurations=[{
"encryption_scheme": "string",
"encryption_scheme_factor": 0,
"modify_encryption_scheme_on_login": False,
}],
password_validation_rules={
"breach_detection": {
"enabled": False,
"match_mode": "string",
"notify_user_email_template_id": "string",
"on_login": "string",
},
"max_length": 0,
"min_length": 0,
"remember_previous_passwords": {
"count": 0,
"enabled": False,
},
"require_non_alpha": False,
"require_number": False,
"required_mixed_case": False,
"validate_on_login": False,
},
rate_limit_configuration={
"failed_login": {
"enabled": False,
"limit": 0,
"time_period_in_seconds": 0,
},
"forgot_password": {
"enabled": False,
"limit": 0,
"time_period_in_seconds": 0,
},
"send_email_verification": {
"enabled": False,
"limit": 0,
"time_period_in_seconds": 0,
},
"send_passwordless": {
"enabled": False,
"limit": 0,
"time_period_in_seconds": 0,
},
"send_registration_verification": {
"enabled": False,
"limit": 0,
"time_period_in_seconds": 0,
},
"send_two_factor": {
"enabled": False,
"limit": 0,
"time_period_in_seconds": 0,
},
},
registration_configuration={
"blocked_domains": ["string"],
},
scim_server_configuration={
"client_entity_type_id": "string",
"server_entity_type_id": "string",
"enabled": False,
"schemas": "string",
},
source_tenant_id="string",
sso_configuration={
"device_trust_time_to_live_in_seconds": 0,
},
tenant_id="string",
theme_id="string",
user_delete_policy={
"unverified_enabled": False,
"unverified_number_of_days_to_retain": 0,
},
username_configuration={
"unique": {
"enabled": False,
"number_of_digits": 0,
"separator": "string",
"strategy": "string",
},
},
webauthn_configuration={
"bootstrap_workflow": {
"authenticator_attachment_preference": "string",
"enabled": False,
"user_verification_requirement": "string",
},
"debug": False,
"enabled": False,
"reauthentication_workflow": {
"authenticator_attachment_preference": "string",
"enabled": False,
"user_verification_requirement": "string",
},
"relying_party_id": "string",
"relying_party_name": "string",
},
webhook_ids=["string"])
const fusionAuthTenantResource = new fusionauth.FusionAuthTenant("fusionAuthTenantResource", {
accessControlConfiguration: {
uiIpAccessControlListId: "string",
},
captchaConfiguration: {
captchaMethod: "string",
enabled: false,
secretKey: "string",
siteKey: "string",
threshold: 0,
},
connectorPolicies: [{
connectorId: "string",
domains: ["string"],
migrate: false,
}],
data: {
string: "string",
},
emailConfiguration: {
additionalHeaders: {
string: "string",
},
debug: false,
defaultFromEmail: "string",
defaultFromName: "string",
emailUpdateEmailTemplateId: "string",
emailVerifiedEmailTemplateId: "string",
forgotPasswordEmailTemplateId: "string",
host: "string",
implicitEmailVerificationAllowed: false,
loginIdInUseOnCreateEmailTemplateId: "string",
loginIdInUseOnUpdateEmailTemplateId: "string",
loginNewDeviceEmailTemplateId: "string",
loginSuspiciousEmailTemplateId: "string",
password: "string",
passwordResetSuccessEmailTemplateId: "string",
passwordUpdateEmailTemplateId: "string",
passwordlessEmailTemplateId: "string",
port: 0,
properties: "string",
security: "string",
setPasswordEmailTemplateId: "string",
twoFactorMethodAddEmailTemplateId: "string",
twoFactorMethodRemoveEmailTemplateId: "string",
unverified: {
allowEmailChangeWhenGated: false,
behavior: "string",
},
username: "string",
verificationEmailTemplateId: "string",
verificationStrategy: "string",
verifyEmail: false,
verifyEmailWhenChanged: false,
},
eventConfigurations: [{
enabled: false,
event: "string",
transactionType: "string",
}],
externalIdentifierConfiguration: {
authorizationGrantIdTimeToLiveInSeconds: 0,
changePasswordIdGenerator: {
length: 0,
type: "string",
},
changePasswordIdTimeToLiveInSeconds: 0,
deviceCodeTimeToLiveInSeconds: 0,
deviceUserCodeIdGenerator: {
length: 0,
type: "string",
},
emailVerificationIdGenerator: {
length: 0,
type: "string",
},
emailVerificationIdTimeToLiveInSeconds: 0,
emailVerificationOneTimeCodeGenerator: {
length: 0,
type: "string",
},
externalAuthenticationIdTimeToLiveInSeconds: 0,
loginIntentTimeToLiveInSeconds: 0,
oneTimePasswordTimeToLiveInSeconds: 0,
passwordlessLoginGenerator: {
length: 0,
type: "string",
},
passwordlessLoginTimeToLiveInSeconds: 0,
pendingAccountLinkTimeToLiveInSeconds: 0,
registrationVerificationIdGenerator: {
length: 0,
type: "string",
},
registrationVerificationIdTimeToLiveInSeconds: 0,
registrationVerificationOneTimeCodeGenerator: {
length: 0,
type: "string",
},
rememberOauthScopeConsentChoiceTimeToLiveInSeconds: 0,
samlV2AuthnRequestIdTtlSeconds: 0,
setupPasswordIdGenerator: {
length: 0,
type: "string",
},
setupPasswordIdTimeToLiveInSeconds: 0,
trustTokenTimeToLiveInSeconds: 0,
twoFactorIdTimeToLiveInSeconds: 0,
twoFactorOneTimeCodeIdGenerator: {
length: 0,
type: "string",
},
twoFactorOneTimeCodeIdTimeToLiveInSeconds: 0,
twoFactorTrustIdTimeToLiveInSeconds: 0,
webauthnAuthenticationChallengeTimeToLiveInSeconds: 0,
webauthnRegistrationChallengeTimeToLiveInSeconds: 0,
},
failedAuthenticationConfiguration: {
actionCancelPolicyOnPasswordReset: false,
actionDuration: 0,
actionDurationUnit: "string",
emailUser: false,
resetCountInSeconds: 0,
tooManyAttempts: 0,
userActionId: "string",
},
familyConfiguration: {
allowChildRegistrations: false,
confirmChildEmailTemplateId: "string",
deleteOrphanedAccounts: false,
deleteOrphanedAccountsDays: 0,
enabled: false,
familyRequestEmailTemplateId: "string",
maximumChildAge: 0,
minimumOwnerAge: 0,
parentEmailRequired: false,
parentRegistrationEmailTemplateId: "string",
},
formConfiguration: {
adminUserFormId: "string",
},
httpSessionMaxInactiveInterval: 0,
issuer: "string",
jwtConfigurations: [{
accessTokenKeyId: "string",
idTokenKeyId: "string",
refreshTokenExpirationPolicy: "string",
refreshTokenOneTimeUseConfigurationGracePeriodInSeconds: 0,
refreshTokenRevocationPolicyOnLoginPrevented: false,
refreshTokenRevocationPolicyOnMultiFactorEnable: false,
refreshTokenRevocationPolicyOnOneTimeTokenReuse: false,
refreshTokenRevocationPolicyOnPasswordChange: false,
refreshTokenSlidingWindowMaximumTimeToLiveInMinutes: 0,
refreshTokenTimeToLiveInMinutes: 0,
refreshTokenUsagePolicy: "string",
timeToLiveInSeconds: 0,
}],
lambdaConfiguration: {
loginValidationId: "string",
scimEnterpriseUserRequestConverterId: "string",
scimEnterpriseUserResponseConverterId: "string",
scimGroupRequestConverterId: "string",
scimGroupResponseConverterId: "string",
scimUserRequestConverterId: "string",
scimUserResponseConverterId: "string",
},
loginConfiguration: {
requireAuthentication: false,
},
logoutUrl: "string",
maximumPasswordAge: {
days: 0,
enabled: false,
},
minimumPasswordAge: {
enabled: false,
seconds: 0,
},
multiFactorConfiguration: {
authenticator: {
enabled: false,
},
email: {
enabled: false,
templateId: "string",
},
loginPolicy: "string",
sms: {
enabled: false,
messengerId: "string",
templateId: "string",
},
},
name: "string",
oauthConfigurations: [{
clientCredentialsAccessTokenPopulateLambdaId: "string",
}],
passwordEncryptionConfigurations: [{
encryptionScheme: "string",
encryptionSchemeFactor: 0,
modifyEncryptionSchemeOnLogin: false,
}],
passwordValidationRules: {
breachDetection: {
enabled: false,
matchMode: "string",
notifyUserEmailTemplateId: "string",
onLogin: "string",
},
maxLength: 0,
minLength: 0,
rememberPreviousPasswords: {
count: 0,
enabled: false,
},
requireNonAlpha: false,
requireNumber: false,
requiredMixedCase: false,
validateOnLogin: false,
},
rateLimitConfiguration: {
failedLogin: {
enabled: false,
limit: 0,
timePeriodInSeconds: 0,
},
forgotPassword: {
enabled: false,
limit: 0,
timePeriodInSeconds: 0,
},
sendEmailVerification: {
enabled: false,
limit: 0,
timePeriodInSeconds: 0,
},
sendPasswordless: {
enabled: false,
limit: 0,
timePeriodInSeconds: 0,
},
sendRegistrationVerification: {
enabled: false,
limit: 0,
timePeriodInSeconds: 0,
},
sendTwoFactor: {
enabled: false,
limit: 0,
timePeriodInSeconds: 0,
},
},
registrationConfiguration: {
blockedDomains: ["string"],
},
scimServerConfiguration: {
clientEntityTypeId: "string",
serverEntityTypeId: "string",
enabled: false,
schemas: "string",
},
sourceTenantId: "string",
ssoConfiguration: {
deviceTrustTimeToLiveInSeconds: 0,
},
tenantId: "string",
themeId: "string",
userDeletePolicy: {
unverifiedEnabled: false,
unverifiedNumberOfDaysToRetain: 0,
},
usernameConfiguration: {
unique: {
enabled: false,
numberOfDigits: 0,
separator: "string",
strategy: "string",
},
},
webauthnConfiguration: {
bootstrapWorkflow: {
authenticatorAttachmentPreference: "string",
enabled: false,
userVerificationRequirement: "string",
},
debug: false,
enabled: false,
reauthenticationWorkflow: {
authenticatorAttachmentPreference: "string",
enabled: false,
userVerificationRequirement: "string",
},
relyingPartyId: "string",
relyingPartyName: "string",
},
webhookIds: ["string"],
});
type: fusionauth:FusionAuthTenant
properties:
accessControlConfiguration:
uiIpAccessControlListId: string
captchaConfiguration:
captchaMethod: string
enabled: false
secretKey: string
siteKey: string
threshold: 0
connectorPolicies:
- connectorId: string
domains:
- string
migrate: false
data:
string: string
emailConfiguration:
additionalHeaders:
string: string
debug: false
defaultFromEmail: string
defaultFromName: string
emailUpdateEmailTemplateId: string
emailVerifiedEmailTemplateId: string
forgotPasswordEmailTemplateId: string
host: string
implicitEmailVerificationAllowed: false
loginIdInUseOnCreateEmailTemplateId: string
loginIdInUseOnUpdateEmailTemplateId: string
loginNewDeviceEmailTemplateId: string
loginSuspiciousEmailTemplateId: string
password: string
passwordResetSuccessEmailTemplateId: string
passwordUpdateEmailTemplateId: string
passwordlessEmailTemplateId: string
port: 0
properties: string
security: string
setPasswordEmailTemplateId: string
twoFactorMethodAddEmailTemplateId: string
twoFactorMethodRemoveEmailTemplateId: string
unverified:
allowEmailChangeWhenGated: false
behavior: string
username: string
verificationEmailTemplateId: string
verificationStrategy: string
verifyEmail: false
verifyEmailWhenChanged: false
eventConfigurations:
- enabled: false
event: string
transactionType: string
externalIdentifierConfiguration:
authorizationGrantIdTimeToLiveInSeconds: 0
changePasswordIdGenerator:
length: 0
type: string
changePasswordIdTimeToLiveInSeconds: 0
deviceCodeTimeToLiveInSeconds: 0
deviceUserCodeIdGenerator:
length: 0
type: string
emailVerificationIdGenerator:
length: 0
type: string
emailVerificationIdTimeToLiveInSeconds: 0
emailVerificationOneTimeCodeGenerator:
length: 0
type: string
externalAuthenticationIdTimeToLiveInSeconds: 0
loginIntentTimeToLiveInSeconds: 0
oneTimePasswordTimeToLiveInSeconds: 0
passwordlessLoginGenerator:
length: 0
type: string
passwordlessLoginTimeToLiveInSeconds: 0
pendingAccountLinkTimeToLiveInSeconds: 0
registrationVerificationIdGenerator:
length: 0
type: string
registrationVerificationIdTimeToLiveInSeconds: 0
registrationVerificationOneTimeCodeGenerator:
length: 0
type: string
rememberOauthScopeConsentChoiceTimeToLiveInSeconds: 0
samlV2AuthnRequestIdTtlSeconds: 0
setupPasswordIdGenerator:
length: 0
type: string
setupPasswordIdTimeToLiveInSeconds: 0
trustTokenTimeToLiveInSeconds: 0
twoFactorIdTimeToLiveInSeconds: 0
twoFactorOneTimeCodeIdGenerator:
length: 0
type: string
twoFactorOneTimeCodeIdTimeToLiveInSeconds: 0
twoFactorTrustIdTimeToLiveInSeconds: 0
webauthnAuthenticationChallengeTimeToLiveInSeconds: 0
webauthnRegistrationChallengeTimeToLiveInSeconds: 0
failedAuthenticationConfiguration:
actionCancelPolicyOnPasswordReset: false
actionDuration: 0
actionDurationUnit: string
emailUser: false
resetCountInSeconds: 0
tooManyAttempts: 0
userActionId: string
familyConfiguration:
allowChildRegistrations: false
confirmChildEmailTemplateId: string
deleteOrphanedAccounts: false
deleteOrphanedAccountsDays: 0
enabled: false
familyRequestEmailTemplateId: string
maximumChildAge: 0
minimumOwnerAge: 0
parentEmailRequired: false
parentRegistrationEmailTemplateId: string
formConfiguration:
adminUserFormId: string
httpSessionMaxInactiveInterval: 0
issuer: string
jwtConfigurations:
- accessTokenKeyId: string
idTokenKeyId: string
refreshTokenExpirationPolicy: string
refreshTokenOneTimeUseConfigurationGracePeriodInSeconds: 0
refreshTokenRevocationPolicyOnLoginPrevented: false
refreshTokenRevocationPolicyOnMultiFactorEnable: false
refreshTokenRevocationPolicyOnOneTimeTokenReuse: false
refreshTokenRevocationPolicyOnPasswordChange: false
refreshTokenSlidingWindowMaximumTimeToLiveInMinutes: 0
refreshTokenTimeToLiveInMinutes: 0
refreshTokenUsagePolicy: string
timeToLiveInSeconds: 0
lambdaConfiguration:
loginValidationId: string
scimEnterpriseUserRequestConverterId: string
scimEnterpriseUserResponseConverterId: string
scimGroupRequestConverterId: string
scimGroupResponseConverterId: string
scimUserRequestConverterId: string
scimUserResponseConverterId: string
loginConfiguration:
requireAuthentication: false
logoutUrl: string
maximumPasswordAge:
days: 0
enabled: false
minimumPasswordAge:
enabled: false
seconds: 0
multiFactorConfiguration:
authenticator:
enabled: false
email:
enabled: false
templateId: string
loginPolicy: string
sms:
enabled: false
messengerId: string
templateId: string
name: string
oauthConfigurations:
- clientCredentialsAccessTokenPopulateLambdaId: string
passwordEncryptionConfigurations:
- encryptionScheme: string
encryptionSchemeFactor: 0
modifyEncryptionSchemeOnLogin: false
passwordValidationRules:
breachDetection:
enabled: false
matchMode: string
notifyUserEmailTemplateId: string
onLogin: string
maxLength: 0
minLength: 0
rememberPreviousPasswords:
count: 0
enabled: false
requireNonAlpha: false
requireNumber: false
requiredMixedCase: false
validateOnLogin: false
rateLimitConfiguration:
failedLogin:
enabled: false
limit: 0
timePeriodInSeconds: 0
forgotPassword:
enabled: false
limit: 0
timePeriodInSeconds: 0
sendEmailVerification:
enabled: false
limit: 0
timePeriodInSeconds: 0
sendPasswordless:
enabled: false
limit: 0
timePeriodInSeconds: 0
sendRegistrationVerification:
enabled: false
limit: 0
timePeriodInSeconds: 0
sendTwoFactor:
enabled: false
limit: 0
timePeriodInSeconds: 0
registrationConfiguration:
blockedDomains:
- string
scimServerConfiguration:
clientEntityTypeId: string
enabled: false
schemas: string
serverEntityTypeId: string
sourceTenantId: string
ssoConfiguration:
deviceTrustTimeToLiveInSeconds: 0
tenantId: string
themeId: string
userDeletePolicy:
unverifiedEnabled: false
unverifiedNumberOfDaysToRetain: 0
usernameConfiguration:
unique:
enabled: false
numberOfDigits: 0
separator: string
strategy: string
webauthnConfiguration:
bootstrapWorkflow:
authenticatorAttachmentPreference: string
enabled: false
userVerificationRequirement: string
debug: false
enabled: false
reauthenticationWorkflow:
authenticatorAttachmentPreference: string
enabled: false
userVerificationRequirement: string
relyingPartyId: string
relyingPartyName: string
webhookIds:
- string
FusionAuthTenant Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The FusionAuthTenant resource accepts the following input properties:
- Access
Control theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Access Control Configuration - Captcha
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Captcha Configuration - Connector
Policies List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Connector Policy> - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- Data Dictionary<string, string>
- An object that can hold any information about the Tenant that should be persisted.
- Email
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Email Configuration - The email configuration for the tenant.
- Event
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Event Configuration> - External
Identifier theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration - Failed
Authentication theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Failed Authentication Configuration - Family
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Family Configuration - Form
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Form Configuration - Http
Session intMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- Issuer string
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- Jwt
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Jwt Configuration> - The JWT configuration for the tenant.
- Lambda
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Lambda Configuration - Lamnda configuration for this tenant.
- Login
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Login Configuration - Logout
Url string - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- Maximum
Password theogravity.Age Fusionauth. Inputs. Fusion Auth Tenant Maximum Password Age - Minimum
Password theogravity.Age Fusionauth. Inputs. Fusion Auth Tenant Minimum Password Age - Multi
Factor theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Multi Factor Configuration - Name string
- The unique name of the Tenant.
- Oauth
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Oauth Configuration> - Password
Encryption List<theogravity.Configurations Fusionauth. Inputs. Fusion Auth Tenant Password Encryption Configuration> - Password
Validation theogravity.Rules Fusionauth. Inputs. Fusion Auth Tenant Password Validation Rules - Rate
Limit theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Rate Limit Configuration - Registration
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Registration Configuration - Scim
Server theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Scim Server Configuration - Source
Tenant stringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- Sso
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Sso Configuration - Tenant
Id string - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- Theme
Id string - The unique Id of the theme to be used to style the login page and other end user templates.
- User
Delete theogravity.Policy Fusionauth. Inputs. Fusion Auth Tenant User Delete Policy - Username
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Username Configuration - Webauthn
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Webauthn Configuration - The WebAuthn configuration for this tenant.
- Webhook
Ids List<string> - An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
- Access
Control FusionConfiguration Auth Tenant Access Control Configuration Args - Captcha
Configuration FusionAuth Tenant Captcha Configuration Args - Connector
Policies []FusionAuth Tenant Connector Policy Args - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- Data map[string]string
- An object that can hold any information about the Tenant that should be persisted.
- Email
Configuration FusionAuth Tenant Email Configuration Args - The email configuration for the tenant.
- Event
Configurations []FusionAuth Tenant Event Configuration Args - External
Identifier FusionConfiguration Auth Tenant External Identifier Configuration Args - Failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration Args - Family
Configuration FusionAuth Tenant Family Configuration Args - Form
Configuration FusionAuth Tenant Form Configuration Args - Http
Session intMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- Issuer string
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- Jwt
Configurations []FusionAuth Tenant Jwt Configuration Args - The JWT configuration for the tenant.
- Lambda
Configuration FusionAuth Tenant Lambda Configuration Args - Lamnda configuration for this tenant.
- Login
Configuration FusionAuth Tenant Login Configuration Args - Logout
Url string - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- Maximum
Password FusionAge Auth Tenant Maximum Password Age Args - Minimum
Password FusionAge Auth Tenant Minimum Password Age Args - Multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration Args - Name string
- The unique name of the Tenant.
- Oauth
Configurations []FusionAuth Tenant Oauth Configuration Args - Password
Encryption []FusionConfigurations Auth Tenant Password Encryption Configuration Args - Password
Validation FusionRules Auth Tenant Password Validation Rules Args - Rate
Limit FusionConfiguration Auth Tenant Rate Limit Configuration Args - Registration
Configuration FusionAuth Tenant Registration Configuration Args - Scim
Server FusionConfiguration Auth Tenant Scim Server Configuration Args - Source
Tenant stringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- Sso
Configuration FusionAuth Tenant Sso Configuration Args - Tenant
Id string - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- Theme
Id string - The unique Id of the theme to be used to style the login page and other end user templates.
- User
Delete FusionPolicy Auth Tenant User Delete Policy Args - Username
Configuration FusionAuth Tenant Username Configuration Args - Webauthn
Configuration FusionAuth Tenant Webauthn Configuration Args - The WebAuthn configuration for this tenant.
- Webhook
Ids []string - An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
- access
Control FusionConfiguration Auth Tenant Access Control Configuration - captcha
Configuration FusionAuth Tenant Captcha Configuration - connector
Policies List<FusionAuth Tenant Connector Policy> - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Map<String,String>
- An object that can hold any information about the Tenant that should be persisted.
- email
Configuration FusionAuth Tenant Email Configuration - The email configuration for the tenant.
- event
Configurations List<FusionAuth Tenant Event Configuration> - external
Identifier FusionConfiguration Auth Tenant External Identifier Configuration - failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration - family
Configuration FusionAuth Tenant Family Configuration - form
Configuration FusionAuth Tenant Form Configuration - http
Session IntegerMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer String
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations List<FusionAuth Tenant Jwt Configuration> - The JWT configuration for the tenant.
- lambda
Configuration FusionAuth Tenant Lambda Configuration - Lamnda configuration for this tenant.
- login
Configuration FusionAuth Tenant Login Configuration - logout
Url String - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password FusionAge Auth Tenant Maximum Password Age - minimum
Password FusionAge Auth Tenant Minimum Password Age - multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration - name String
- The unique name of the Tenant.
- oauth
Configurations List<FusionAuth Tenant Oauth Configuration> - password
Encryption List<FusionConfigurations Auth Tenant Password Encryption Configuration> - password
Validation FusionRules Auth Tenant Password Validation Rules - rate
Limit FusionConfiguration Auth Tenant Rate Limit Configuration - registration
Configuration FusionAuth Tenant Registration Configuration - scim
Server FusionConfiguration Auth Tenant Scim Server Configuration - source
Tenant StringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- sso
Configuration FusionAuth Tenant Sso Configuration - tenant
Id String - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- theme
Id String - The unique Id of the theme to be used to style the login page and other end user templates.
- user
Delete FusionPolicy Auth Tenant User Delete Policy - username
Configuration FusionAuth Tenant Username Configuration - webauthn
Configuration FusionAuth Tenant Webauthn Configuration - The WebAuthn configuration for this tenant.
- webhook
Ids List<String> - An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
- access
Control FusionConfiguration Auth Tenant Access Control Configuration - captcha
Configuration FusionAuth Tenant Captcha Configuration - connector
Policies FusionAuth Tenant Connector Policy[] - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data {[key: string]: string}
- An object that can hold any information about the Tenant that should be persisted.
- email
Configuration FusionAuth Tenant Email Configuration - The email configuration for the tenant.
- event
Configurations FusionAuth Tenant Event Configuration[] - external
Identifier FusionConfiguration Auth Tenant External Identifier Configuration - failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration - family
Configuration FusionAuth Tenant Family Configuration - form
Configuration FusionAuth Tenant Form Configuration - http
Session numberMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer string
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations FusionAuth Tenant Jwt Configuration[] - The JWT configuration for the tenant.
- lambda
Configuration FusionAuth Tenant Lambda Configuration - Lamnda configuration for this tenant.
- login
Configuration FusionAuth Tenant Login Configuration - logout
Url string - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password FusionAge Auth Tenant Maximum Password Age - minimum
Password FusionAge Auth Tenant Minimum Password Age - multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration - name string
- The unique name of the Tenant.
- oauth
Configurations FusionAuth Tenant Oauth Configuration[] - password
Encryption FusionConfigurations Auth Tenant Password Encryption Configuration[] - password
Validation FusionRules Auth Tenant Password Validation Rules - rate
Limit FusionConfiguration Auth Tenant Rate Limit Configuration - registration
Configuration FusionAuth Tenant Registration Configuration - scim
Server FusionConfiguration Auth Tenant Scim Server Configuration - source
Tenant stringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- sso
Configuration FusionAuth Tenant Sso Configuration - tenant
Id string - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- theme
Id string - The unique Id of the theme to be used to style the login page and other end user templates.
- user
Delete FusionPolicy Auth Tenant User Delete Policy - username
Configuration FusionAuth Tenant Username Configuration - webauthn
Configuration FusionAuth Tenant Webauthn Configuration - The WebAuthn configuration for this tenant.
- webhook
Ids string[] - An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
- access_
control_ Fusionconfiguration Auth Tenant Access Control Configuration Args - captcha_
configuration FusionAuth Tenant Captcha Configuration Args - connector_
policies Sequence[FusionAuth Tenant Connector Policy Args] - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Mapping[str, str]
- An object that can hold any information about the Tenant that should be persisted.
- email_
configuration FusionAuth Tenant Email Configuration Args - The email configuration for the tenant.
- event_
configurations Sequence[FusionAuth Tenant Event Configuration Args] - external_
identifier_ Fusionconfiguration Auth Tenant External Identifier Configuration Args - failed_
authentication_ Fusionconfiguration Auth Tenant Failed Authentication Configuration Args - family_
configuration FusionAuth Tenant Family Configuration Args - form_
configuration FusionAuth Tenant Form Configuration Args - http_
session_ intmax_ inactive_ interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer str
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt_
configurations Sequence[FusionAuth Tenant Jwt Configuration Args] - The JWT configuration for the tenant.
- lambda_
configuration FusionAuth Tenant Lambda Configuration Args - Lamnda configuration for this tenant.
- login_
configuration FusionAuth Tenant Login Configuration Args - logout_
url str - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum_
password_ Fusionage Auth Tenant Maximum Password Age Args - minimum_
password_ Fusionage Auth Tenant Minimum Password Age Args - multi_
factor_ Fusionconfiguration Auth Tenant Multi Factor Configuration Args - name str
- The unique name of the Tenant.
- oauth_
configurations Sequence[FusionAuth Tenant Oauth Configuration Args] - password_
encryption_ Sequence[Fusionconfigurations Auth Tenant Password Encryption Configuration Args] - password_
validation_ Fusionrules Auth Tenant Password Validation Rules Args - rate_
limit_ Fusionconfiguration Auth Tenant Rate Limit Configuration Args - registration_
configuration FusionAuth Tenant Registration Configuration Args - scim_
server_ Fusionconfiguration Auth Tenant Scim Server Configuration Args - source_
tenant_ strid - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- sso_
configuration FusionAuth Tenant Sso Configuration Args - tenant_
id str - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- theme_
id str - The unique Id of the theme to be used to style the login page and other end user templates.
- user_
delete_ Fusionpolicy Auth Tenant User Delete Policy Args - username_
configuration FusionAuth Tenant Username Configuration Args - webauthn_
configuration FusionAuth Tenant Webauthn Configuration Args - The WebAuthn configuration for this tenant.
- webhook_
ids Sequence[str] - An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
- access
Control Property MapConfiguration - captcha
Configuration Property Map - connector
Policies List<Property Map> - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Map<String>
- An object that can hold any information about the Tenant that should be persisted.
- email
Configuration Property Map - The email configuration for the tenant.
- event
Configurations List<Property Map> - external
Identifier Property MapConfiguration - failed
Authentication Property MapConfiguration - family
Configuration Property Map - form
Configuration Property Map - http
Session NumberMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer String
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations List<Property Map> - The JWT configuration for the tenant.
- lambda
Configuration Property Map - Lamnda configuration for this tenant.
- login
Configuration Property Map - logout
Url String - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password Property MapAge - minimum
Password Property MapAge - multi
Factor Property MapConfiguration - name String
- The unique name of the Tenant.
- oauth
Configurations List<Property Map> - password
Encryption List<Property Map>Configurations - password
Validation Property MapRules - rate
Limit Property MapConfiguration - registration
Configuration Property Map - scim
Server Property MapConfiguration - source
Tenant StringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- sso
Configuration Property Map - tenant
Id String - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- theme
Id String - The unique Id of the theme to be used to style the login page and other end user templates.
- user
Delete Property MapPolicy - username
Configuration Property Map - webauthn
Configuration Property Map - The WebAuthn configuration for this tenant.
- webhook
Ids List<String> - An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
Outputs
All input properties are implicitly available as output properties. Additionally, the FusionAuthTenant resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing FusionAuthTenant Resource
Get an existing FusionAuthTenant resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FusionAuthTenantState, opts?: CustomResourceOptions): FusionAuthTenant
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
access_control_configuration: Optional[FusionAuthTenantAccessControlConfigurationArgs] = None,
captcha_configuration: Optional[FusionAuthTenantCaptchaConfigurationArgs] = None,
connector_policies: Optional[Sequence[FusionAuthTenantConnectorPolicyArgs]] = None,
data: Optional[Mapping[str, str]] = None,
email_configuration: Optional[FusionAuthTenantEmailConfigurationArgs] = None,
event_configurations: Optional[Sequence[FusionAuthTenantEventConfigurationArgs]] = None,
external_identifier_configuration: Optional[FusionAuthTenantExternalIdentifierConfigurationArgs] = None,
failed_authentication_configuration: Optional[FusionAuthTenantFailedAuthenticationConfigurationArgs] = None,
family_configuration: Optional[FusionAuthTenantFamilyConfigurationArgs] = None,
form_configuration: Optional[FusionAuthTenantFormConfigurationArgs] = None,
http_session_max_inactive_interval: Optional[int] = None,
issuer: Optional[str] = None,
jwt_configurations: Optional[Sequence[FusionAuthTenantJwtConfigurationArgs]] = None,
lambda_configuration: Optional[FusionAuthTenantLambdaConfigurationArgs] = None,
login_configuration: Optional[FusionAuthTenantLoginConfigurationArgs] = None,
logout_url: Optional[str] = None,
maximum_password_age: Optional[FusionAuthTenantMaximumPasswordAgeArgs] = None,
minimum_password_age: Optional[FusionAuthTenantMinimumPasswordAgeArgs] = None,
multi_factor_configuration: Optional[FusionAuthTenantMultiFactorConfigurationArgs] = None,
name: Optional[str] = None,
oauth_configurations: Optional[Sequence[FusionAuthTenantOauthConfigurationArgs]] = None,
password_encryption_configurations: Optional[Sequence[FusionAuthTenantPasswordEncryptionConfigurationArgs]] = None,
password_validation_rules: Optional[FusionAuthTenantPasswordValidationRulesArgs] = None,
rate_limit_configuration: Optional[FusionAuthTenantRateLimitConfigurationArgs] = None,
registration_configuration: Optional[FusionAuthTenantRegistrationConfigurationArgs] = None,
scim_server_configuration: Optional[FusionAuthTenantScimServerConfigurationArgs] = None,
source_tenant_id: Optional[str] = None,
sso_configuration: Optional[FusionAuthTenantSsoConfigurationArgs] = None,
tenant_id: Optional[str] = None,
theme_id: Optional[str] = None,
user_delete_policy: Optional[FusionAuthTenantUserDeletePolicyArgs] = None,
username_configuration: Optional[FusionAuthTenantUsernameConfigurationArgs] = None,
webauthn_configuration: Optional[FusionAuthTenantWebauthnConfigurationArgs] = None,
webhook_ids: Optional[Sequence[str]] = None) -> FusionAuthTenant
func GetFusionAuthTenant(ctx *Context, name string, id IDInput, state *FusionAuthTenantState, opts ...ResourceOption) (*FusionAuthTenant, error)
public static FusionAuthTenant Get(string name, Input<string> id, FusionAuthTenantState? state, CustomResourceOptions? opts = null)
public static FusionAuthTenant get(String name, Output<String> id, FusionAuthTenantState state, CustomResourceOptions options)
resources: _: type: fusionauth:FusionAuthTenant get: id: ${id}
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Access
Control theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Access Control Configuration - Captcha
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Captcha Configuration - Connector
Policies List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Connector Policy> - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- Data Dictionary<string, string>
- An object that can hold any information about the Tenant that should be persisted.
- Email
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Email Configuration - The email configuration for the tenant.
- Event
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Event Configuration> - External
Identifier theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration - Failed
Authentication theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Failed Authentication Configuration - Family
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Family Configuration - Form
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Form Configuration - Http
Session intMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- Issuer string
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- Jwt
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Jwt Configuration> - The JWT configuration for the tenant.
- Lambda
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Lambda Configuration - Lamnda configuration for this tenant.
- Login
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Login Configuration - Logout
Url string - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- Maximum
Password theogravity.Age Fusionauth. Inputs. Fusion Auth Tenant Maximum Password Age - Minimum
Password theogravity.Age Fusionauth. Inputs. Fusion Auth Tenant Minimum Password Age - Multi
Factor theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Multi Factor Configuration - Name string
- The unique name of the Tenant.
- Oauth
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Oauth Configuration> - Password
Encryption List<theogravity.Configurations Fusionauth. Inputs. Fusion Auth Tenant Password Encryption Configuration> - Password
Validation theogravity.Rules Fusionauth. Inputs. Fusion Auth Tenant Password Validation Rules - Rate
Limit theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Rate Limit Configuration - Registration
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Registration Configuration - Scim
Server theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Scim Server Configuration - Source
Tenant stringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- Sso
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Sso Configuration - Tenant
Id string - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- Theme
Id string - The unique Id of the theme to be used to style the login page and other end user templates.
- User
Delete theogravity.Policy Fusionauth. Inputs. Fusion Auth Tenant User Delete Policy - Username
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Username Configuration - Webauthn
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Webauthn Configuration - The WebAuthn configuration for this tenant.
- Webhook
Ids List<string> - An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
- Access
Control FusionConfiguration Auth Tenant Access Control Configuration Args - Captcha
Configuration FusionAuth Tenant Captcha Configuration Args - Connector
Policies []FusionAuth Tenant Connector Policy Args - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- Data map[string]string
- An object that can hold any information about the Tenant that should be persisted.
- Email
Configuration FusionAuth Tenant Email Configuration Args - The email configuration for the tenant.
- Event
Configurations []FusionAuth Tenant Event Configuration Args - External
Identifier FusionConfiguration Auth Tenant External Identifier Configuration Args - Failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration Args - Family
Configuration FusionAuth Tenant Family Configuration Args - Form
Configuration FusionAuth Tenant Form Configuration Args - Http
Session intMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- Issuer string
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- Jwt
Configurations []FusionAuth Tenant Jwt Configuration Args - The JWT configuration for the tenant.
- Lambda
Configuration FusionAuth Tenant Lambda Configuration Args - Lamnda configuration for this tenant.
- Login
Configuration FusionAuth Tenant Login Configuration Args - Logout
Url string - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- Maximum
Password FusionAge Auth Tenant Maximum Password Age Args - Minimum
Password FusionAge Auth Tenant Minimum Password Age Args - Multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration Args - Name string
- The unique name of the Tenant.
- Oauth
Configurations []FusionAuth Tenant Oauth Configuration Args - Password
Encryption []FusionConfigurations Auth Tenant Password Encryption Configuration Args - Password
Validation FusionRules Auth Tenant Password Validation Rules Args - Rate
Limit FusionConfiguration Auth Tenant Rate Limit Configuration Args - Registration
Configuration FusionAuth Tenant Registration Configuration Args - Scim
Server FusionConfiguration Auth Tenant Scim Server Configuration Args - Source
Tenant stringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- Sso
Configuration FusionAuth Tenant Sso Configuration Args - Tenant
Id string - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- Theme
Id string - The unique Id of the theme to be used to style the login page and other end user templates.
- User
Delete FusionPolicy Auth Tenant User Delete Policy Args - Username
Configuration FusionAuth Tenant Username Configuration Args - Webauthn
Configuration FusionAuth Tenant Webauthn Configuration Args - The WebAuthn configuration for this tenant.
- Webhook
Ids []string - An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
- access
Control FusionConfiguration Auth Tenant Access Control Configuration - captcha
Configuration FusionAuth Tenant Captcha Configuration - connector
Policies List<FusionAuth Tenant Connector Policy> - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Map<String,String>
- An object that can hold any information about the Tenant that should be persisted.
- email
Configuration FusionAuth Tenant Email Configuration - The email configuration for the tenant.
- event
Configurations List<FusionAuth Tenant Event Configuration> - external
Identifier FusionConfiguration Auth Tenant External Identifier Configuration - failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration - family
Configuration FusionAuth Tenant Family Configuration - form
Configuration FusionAuth Tenant Form Configuration - http
Session IntegerMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer String
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations List<FusionAuth Tenant Jwt Configuration> - The JWT configuration for the tenant.
- lambda
Configuration FusionAuth Tenant Lambda Configuration - Lamnda configuration for this tenant.
- login
Configuration FusionAuth Tenant Login Configuration - logout
Url String - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password FusionAge Auth Tenant Maximum Password Age - minimum
Password FusionAge Auth Tenant Minimum Password Age - multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration - name String
- The unique name of the Tenant.
- oauth
Configurations List<FusionAuth Tenant Oauth Configuration> - password
Encryption List<FusionConfigurations Auth Tenant Password Encryption Configuration> - password
Validation FusionRules Auth Tenant Password Validation Rules - rate
Limit FusionConfiguration Auth Tenant Rate Limit Configuration - registration
Configuration FusionAuth Tenant Registration Configuration - scim
Server FusionConfiguration Auth Tenant Scim Server Configuration - source
Tenant StringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- sso
Configuration FusionAuth Tenant Sso Configuration - tenant
Id String - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- theme
Id String - The unique Id of the theme to be used to style the login page and other end user templates.
- user
Delete FusionPolicy Auth Tenant User Delete Policy - username
Configuration FusionAuth Tenant Username Configuration - webauthn
Configuration FusionAuth Tenant Webauthn Configuration - The WebAuthn configuration for this tenant.
- webhook
Ids List<String> - An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
- access
Control FusionConfiguration Auth Tenant Access Control Configuration - captcha
Configuration FusionAuth Tenant Captcha Configuration - connector
Policies FusionAuth Tenant Connector Policy[] - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data {[key: string]: string}
- An object that can hold any information about the Tenant that should be persisted.
- email
Configuration FusionAuth Tenant Email Configuration - The email configuration for the tenant.
- event
Configurations FusionAuth Tenant Event Configuration[] - external
Identifier FusionConfiguration Auth Tenant External Identifier Configuration - failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration - family
Configuration FusionAuth Tenant Family Configuration - form
Configuration FusionAuth Tenant Form Configuration - http
Session numberMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer string
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations FusionAuth Tenant Jwt Configuration[] - The JWT configuration for the tenant.
- lambda
Configuration FusionAuth Tenant Lambda Configuration - Lamnda configuration for this tenant.
- login
Configuration FusionAuth Tenant Login Configuration - logout
Url string - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password FusionAge Auth Tenant Maximum Password Age - minimum
Password FusionAge Auth Tenant Minimum Password Age - multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration - name string
- The unique name of the Tenant.
- oauth
Configurations FusionAuth Tenant Oauth Configuration[] - password
Encryption FusionConfigurations Auth Tenant Password Encryption Configuration[] - password
Validation FusionRules Auth Tenant Password Validation Rules - rate
Limit FusionConfiguration Auth Tenant Rate Limit Configuration - registration
Configuration FusionAuth Tenant Registration Configuration - scim
Server FusionConfiguration Auth Tenant Scim Server Configuration - source
Tenant stringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- sso
Configuration FusionAuth Tenant Sso Configuration - tenant
Id string - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- theme
Id string - The unique Id of the theme to be used to style the login page and other end user templates.
- user
Delete FusionPolicy Auth Tenant User Delete Policy - username
Configuration FusionAuth Tenant Username Configuration - webauthn
Configuration FusionAuth Tenant Webauthn Configuration - The WebAuthn configuration for this tenant.
- webhook
Ids string[] - An array of Webhook Ids. For Webhooks that are not already configured for All Tenants, specifying an Id on this request will indicate the associated Webhook should handle events for this tenant.
- access_
control_ Fusionconfiguration Auth Tenant Access Control Configuration Args - captcha_
configuration FusionAuth Tenant Captcha Configuration Args - connector_
policies Sequence[FusionAuth Tenant Connector Policy Args] - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Mapping[str, str]
- An object that can hold any information about the Tenant that should be persisted.
- email_
configuration FusionAuth Tenant Email Configuration Args - The email configuration for the tenant.
- event_
configurations Sequence[FusionAuth Tenant Event Configuration Args] - external_
identifier_ Fusionconfiguration Auth Tenant External Identifier Configuration Args - failed_
authentication_ Fusionconfiguration Auth Tenant Failed Authentication Configuration Args - family_
configuration FusionAuth Tenant Family Configuration Args - form_
configuration FusionAuth Tenant Form Configuration Args - http_
session_ intmax_ inactive_ interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer str
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt_
configurations Sequence[FusionAuth Tenant Jwt Configuration Args] - The JWT configuration for the tenant.