fusionauth logo
FusionAuth v2.17.0, Mar 24 23

fusionauth.FusionAuthTenant

Explore with Pulumi AI

# Tenant Resource

A FusionAuth Tenant is a named object that represents a discrete namespace for Users, Applications and Groups. A user is unique by email address or username within a tenant.

Tenants may be useful to support a multi-tenant application where you wish to use a single instance of FusionAuth but require the ability to have duplicate users across the tenants in your own application. In this scenario a user may exist multiple times with the same email address and different passwords across tenants.

Tenants may also be useful in a test or staging environment to allow multiple users to call APIs and create and modify users without possibility of collision.

Tenants API

Example Usage

using System.Collections.Generic;
using Pulumi;
using Fusionauth = theogravity.Fusionauth;

return await Deployment.RunAsync(() => 
{
    var example = new Fusionauth.FusionAuthTenant("example", new()
    {
        ConnectorPolicies = new[]
        {
            new Fusionauth.Inputs.FusionAuthTenantConnectorPolicyArgs
            {
                ConnectorId = "b57b3d0f-f7a4-4831-a838-549717362ea8",
                Domains = new[]
                {
                    "*",
                },
                Migrate = false,
            },
        },
        EmailConfiguration = new Fusionauth.Inputs.FusionAuthTenantEmailConfigurationArgs
        {
            ForgotPasswordEmailTemplateId = fusionauth_email.ForgotPassword_Example.Id,
            Host = "smtp.sendgrid.net",
            Password = "password",
            PasswordlessEmailTemplateId = fusionauth_email.PasswordlessLogin_Example.Id,
            Port = 587,
            Security = "TLS",
            SetPasswordEmailTemplateId = fusionauth_email.SetupPassword_Example.Id,
            Username = "username",
            VerifyEmail = true,
            VerifyEmailWhenChanged = true,
        },
        EventConfigurations = new[]
        {
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.delete",
                Enabled = true,
                TransactionType = "None",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.create",
                Enabled = true,
                TransactionType = "None",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.update",
                Enabled = true,
                TransactionType = "None",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.deactivate",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.bulk.create",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.reactivate",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "jwt.refresh-token.revoke",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "jwt.refresh",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "jwt.public-key.update",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.login.success",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.login.failed",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.registration.create",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.registration.update",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.registration.delete",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.registration.verified",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.email.verified",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.identity-provider.link",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.identity-provider.unlink",
                Enabled = true,
                TransactionType = "Any",
            },
            new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
            {
                Event = "user.password.breach",
                Enabled = false,
                TransactionType = "None",
            },
        },
        ExternalIdentifierConfiguration = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationArgs
        {
            AuthorizationGrantIdTimeToLiveInSeconds = 30,
            ChangePasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs
            {
                Length = 32,
                Type = "randomBytes",
            },
            ChangePasswordIdTimeToLiveInSeconds = 600,
            DeviceCodeTimeToLiveInSeconds = 1800,
            DeviceUserCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs
            {
                Length = 6,
                Type = "randomAlphaNumeric",
            },
            EmailVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs
            {
                Length = 32,
                Type = "randomBytes",
            },
            EmailVerificationIdTimeToLiveInSeconds = 86400,
            EmailVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs
            {
                Length = 6,
                Type = "randomAlphaNumeric",
            },
            ExternalAuthenticationIdTimeToLiveInSeconds = 300,
            OneTimePasswordTimeToLiveInSeconds = 60,
            PasswordlessLoginGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs
            {
                Length = 32,
                Type = "randomBytes",
            },
            PasswordlessLoginTimeToLiveInSeconds = 600,
            RegistrationVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs
            {
                Length = 32,
                Type = "randomBytes",
            },
            RegistrationVerificationIdTimeToLiveInSeconds = 86400,
            RegistrationVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs
            {
                Length = 6,
                Type = "randomAlphaNumeric",
            },
            SamlV2AuthnRequestIdTtlSeconds = 300,
            SetupPasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs
            {
                Length = 32,
                Type = "randomBytes",
            },
            SetupPasswordIdTimeToLiveInSeconds = 86400,
            TwoFactorIdTimeToLiveInSeconds = 300,
            TwoFactorOneTimeCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs
            {
                Length = 6,
                Type = "randomDigits",
            },
            TwoFactorTrustIdTimeToLiveInSeconds = 2592000,
        },
        FailedAuthenticationConfiguration = new Fusionauth.Inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs
        {
            ActionDuration = 3,
            ActionDurationUnit = "MINUTES",
            ResetCountInSeconds = 60,
            TooManyAttempts = 5,
        },
        FamilyConfiguration = new Fusionauth.Inputs.FusionAuthTenantFamilyConfigurationArgs
        {
            AllowChildRegistrations = true,
            DeleteOrphanedAccounts = false,
            DeleteOrphanedAccountsDays = 30,
            Enabled = true,
            MaximumChildAge = 12,
            MinimumOwnerAge = 21,
            ParentEmailRequired = false,
        },
        FormConfiguration = new Fusionauth.Inputs.FusionAuthTenantFormConfigurationArgs
        {
            AdminUserFormId = "e92751a5-25f4-4bca-ad91-66cdf67725d2",
        },
        HttpSessionMaxInactiveInterval = 3600,
        Issuer = "https://example.com",
        JwtConfigurations = new[]
        {
            new Fusionauth.Inputs.FusionAuthTenantJwtConfigurationArgs
            {
                AccessTokenKeyId = fusionauth_key.Accesstoken.Id,
                IdTokenKeyId = fusionauth_key.Idtoken.Id,
                RefreshTokenTimeToLiveInMinutes = 43200,
                TimeToLiveInSeconds = 3600,
            },
        },
        LoginConfiguration = new Fusionauth.Inputs.FusionAuthTenantLoginConfigurationArgs
        {
            RequireAuthentication = true,
        },
        MaximumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMaximumPasswordAgeArgs
        {
            Days = 180,
            Enabled = false,
        },
        MinimumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMinimumPasswordAgeArgs
        {
            Enabled = false,
            Seconds = 30,
        },
        OauthConfigurations = new[]
        {
            new Fusionauth.Inputs.FusionAuthTenantOauthConfigurationArgs
            {
                ClientCredentialsAccessTokenPopulateLambdaId = fusionauth_lambda.Client_jwt_populate.Id,
            },
        },
        PasswordEncryptionConfigurations = new[]
        {
            new Fusionauth.Inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs
            {
                EncryptionScheme = "salted-pbkdf2-hmac-sha256",
                EncryptionSchemeFactor = 24000,
                ModifyEncryptionSchemeOnLogin = false,
            },
        },
        PasswordValidationRules = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesArgs
        {
            MaxLength = 256,
            MinLength = 7,
            RememberPreviousPasswords = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs
            {
                Count = 1,
                Enabled = false,
            },
            RequiredMixedCase = false,
            RequireNonAlpha = false,
            RequireNumber = false,
            ValidateOnLogin = false,
        },
        ThemeId = fusionauth_theme.Example_theme.Id,
        UserDeletePolicy = new Fusionauth.Inputs.FusionAuthTenantUserDeletePolicyArgs
        {
            UnverifiedEnabled = false,
            UnverifiedNumberOfDaysToRetain = 30,
        },
    });

});
package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/theogravity/pulumi-fusionauth/sdk/v2/go/fusionauth"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := fusionauth.NewFusionAuthTenant(ctx, "example", &fusionauth.FusionAuthTenantArgs{
			ConnectorPolicies: fusionauth.FusionAuthTenantConnectorPolicyArray{
				&fusionauth.FusionAuthTenantConnectorPolicyArgs{
					ConnectorId: pulumi.String("b57b3d0f-f7a4-4831-a838-549717362ea8"),
					Domains: pulumi.StringArray{
						pulumi.String("*"),
					},
					Migrate: pulumi.Bool(false),
				},
			},
			EmailConfiguration: &fusionauth.FusionAuthTenantEmailConfigurationArgs{
				ForgotPasswordEmailTemplateId: pulumi.Any(fusionauth_email.ForgotPassword_Example.Id),
				Host:                          pulumi.String("smtp.sendgrid.net"),
				Password:                      pulumi.String("password"),
				PasswordlessEmailTemplateId:   pulumi.Any(fusionauth_email.PasswordlessLogin_Example.Id),
				Port:                          pulumi.Int(587),
				Security:                      pulumi.String("TLS"),
				SetPasswordEmailTemplateId:    pulumi.Any(fusionauth_email.SetupPassword_Example.Id),
				Username:                      pulumi.String("username"),
				VerifyEmail:                   pulumi.Bool(true),
				VerifyEmailWhenChanged:        pulumi.Bool(true),
			},
			EventConfigurations: fusionauth.FusionAuthTenantEventConfigurationArray{
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.delete"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("None"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.create"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("None"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.update"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("None"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.deactivate"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.bulk.create"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.reactivate"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("jwt.refresh-token.revoke"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("jwt.refresh"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("jwt.public-key.update"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.login.success"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.login.failed"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.registration.create"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.registration.update"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.registration.delete"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.registration.verified"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.email.verified"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.identity-provider.link"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.identity-provider.unlink"),
					Enabled:         pulumi.Bool(true),
					TransactionType: pulumi.String("Any"),
				},
				&fusionauth.FusionAuthTenantEventConfigurationArgs{
					Event:           pulumi.String("user.password.breach"),
					Enabled:         pulumi.Bool(false),
					TransactionType: pulumi.String("None"),
				},
			},
			ExternalIdentifierConfiguration: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationArgs{
				AuthorizationGrantIdTimeToLiveInSeconds: pulumi.Int(30),
				ChangePasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs{
					Length: pulumi.Int(32),
					Type:   pulumi.String("randomBytes"),
				},
				ChangePasswordIdTimeToLiveInSeconds: pulumi.Int(600),
				DeviceCodeTimeToLiveInSeconds:       pulumi.Int(1800),
				DeviceUserCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs{
					Length: pulumi.Int(6),
					Type:   pulumi.String("randomAlphaNumeric"),
				},
				EmailVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs{
					Length: pulumi.Int(32),
					Type:   pulumi.String("randomBytes"),
				},
				EmailVerificationIdTimeToLiveInSeconds: pulumi.Int(86400),
				EmailVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs{
					Length: pulumi.Int(6),
					Type:   pulumi.String("randomAlphaNumeric"),
				},
				ExternalAuthenticationIdTimeToLiveInSeconds: pulumi.Int(300),
				OneTimePasswordTimeToLiveInSeconds:          pulumi.Int(60),
				PasswordlessLoginGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs{
					Length: pulumi.Int(32),
					Type:   pulumi.String("randomBytes"),
				},
				PasswordlessLoginTimeToLiveInSeconds: pulumi.Int(600),
				RegistrationVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs{
					Length: pulumi.Int(32),
					Type:   pulumi.String("randomBytes"),
				},
				RegistrationVerificationIdTimeToLiveInSeconds: pulumi.Int(86400),
				RegistrationVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs{
					Length: pulumi.Int(6),
					Type:   pulumi.String("randomAlphaNumeric"),
				},
				SamlV2AuthnRequestIdTtlSeconds: pulumi.Int(300),
				SetupPasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs{
					Length: pulumi.Int(32),
					Type:   pulumi.String("randomBytes"),
				},
				SetupPasswordIdTimeToLiveInSeconds: pulumi.Int(86400),
				TwoFactorIdTimeToLiveInSeconds:     pulumi.Int(300),
				TwoFactorOneTimeCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs{
					Length: pulumi.Int(6),
					Type:   pulumi.String("randomDigits"),
				},
				TwoFactorTrustIdTimeToLiveInSeconds: pulumi.Int(2592000),
			},
			FailedAuthenticationConfiguration: &fusionauth.FusionAuthTenantFailedAuthenticationConfigurationArgs{
				ActionDuration:      pulumi.Int(3),
				ActionDurationUnit:  pulumi.String("MINUTES"),
				ResetCountInSeconds: pulumi.Int(60),
				TooManyAttempts:     pulumi.Int(5),
			},
			FamilyConfiguration: &fusionauth.FusionAuthTenantFamilyConfigurationArgs{
				AllowChildRegistrations:    pulumi.Bool(true),
				DeleteOrphanedAccounts:     pulumi.Bool(false),
				DeleteOrphanedAccountsDays: pulumi.Int(30),
				Enabled:                    pulumi.Bool(true),
				MaximumChildAge:            pulumi.Int(12),
				MinimumOwnerAge:            pulumi.Int(21),
				ParentEmailRequired:        pulumi.Bool(false),
			},
			FormConfiguration: &fusionauth.FusionAuthTenantFormConfigurationArgs{
				AdminUserFormId: pulumi.String("e92751a5-25f4-4bca-ad91-66cdf67725d2"),
			},
			HttpSessionMaxInactiveInterval: pulumi.Int(3600),
			Issuer:                         pulumi.String("https://example.com"),
			JwtConfigurations: fusionauth.FusionAuthTenantJwtConfigurationArray{
				&fusionauth.FusionAuthTenantJwtConfigurationArgs{
					AccessTokenKeyId:                pulumi.Any(fusionauth_key.Accesstoken.Id),
					IdTokenKeyId:                    pulumi.Any(fusionauth_key.Idtoken.Id),
					RefreshTokenTimeToLiveInMinutes: pulumi.Int(43200),
					TimeToLiveInSeconds:             pulumi.Int(3600),
				},
			},
			LoginConfiguration: &fusionauth.FusionAuthTenantLoginConfigurationArgs{
				RequireAuthentication: pulumi.Bool(true),
			},
			MaximumPasswordAge: &fusionauth.FusionAuthTenantMaximumPasswordAgeArgs{
				Days:    pulumi.Int(180),
				Enabled: pulumi.Bool(false),
			},
			MinimumPasswordAge: &fusionauth.FusionAuthTenantMinimumPasswordAgeArgs{
				Enabled: pulumi.Bool(false),
				Seconds: pulumi.Int(30),
			},
			OauthConfigurations: fusionauth.FusionAuthTenantOauthConfigurationArray{
				&fusionauth.FusionAuthTenantOauthConfigurationArgs{
					ClientCredentialsAccessTokenPopulateLambdaId: pulumi.Any(fusionauth_lambda.Client_jwt_populate.Id),
				},
			},
			PasswordEncryptionConfigurations: fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArray{
				&fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArgs{
					EncryptionScheme:              pulumi.String("salted-pbkdf2-hmac-sha256"),
					EncryptionSchemeFactor:        pulumi.Int(24000),
					ModifyEncryptionSchemeOnLogin: pulumi.Bool(false),
				},
			},
			PasswordValidationRules: &fusionauth.FusionAuthTenantPasswordValidationRulesArgs{
				MaxLength: pulumi.Int(256),
				MinLength: pulumi.Int(7),
				RememberPreviousPasswords: &fusionauth.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs{
					Count:   pulumi.Int(1),
					Enabled: pulumi.Bool(false),
				},
				RequiredMixedCase: pulumi.Bool(false),
				RequireNonAlpha:   pulumi.Bool(false),
				RequireNumber:     pulumi.Bool(false),
				ValidateOnLogin:   pulumi.Bool(false),
			},
			ThemeId: pulumi.Any(fusionauth_theme.Example_theme.Id),
			UserDeletePolicy: &fusionauth.FusionAuthTenantUserDeletePolicyArgs{
				UnverifiedEnabled:              pulumi.Bool(false),
				UnverifiedNumberOfDaysToRetain: pulumi.Int(30),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fusionauth.FusionAuthTenant;
import com.pulumi.fusionauth.FusionAuthTenantArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantConnectorPolicyArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantEmailConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantEventConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantFamilyConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantFormConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantJwtConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantLoginConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantMaximumPasswordAgeArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantMinimumPasswordAgeArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantOauthConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordValidationRulesArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantUserDeletePolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new FusionAuthTenant("example", FusionAuthTenantArgs.builder()        
            .connectorPolicies(FusionAuthTenantConnectorPolicyArgs.builder()
                .connectorId("b57b3d0f-f7a4-4831-a838-549717362ea8")
                .domains("*")
                .migrate(false)
                .build())
            .emailConfiguration(FusionAuthTenantEmailConfigurationArgs.builder()
                .forgotPasswordEmailTemplateId(fusionauth_email.ForgotPassword_Example().id())
                .host("smtp.sendgrid.net")
                .password("password")
                .passwordlessEmailTemplateId(fusionauth_email.PasswordlessLogin_Example().id())
                .port(587)
                .security("TLS")
                .setPasswordEmailTemplateId(fusionauth_email.SetupPassword_Example().id())
                .username("username")
                .verifyEmail(true)
                .verifyEmailWhenChanged(true)
                .build())
            .eventConfigurations(            
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.delete")
                    .enabled(true)
                    .transactionType("None")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.create")
                    .enabled(true)
                    .transactionType("None")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.update")
                    .enabled(true)
                    .transactionType("None")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.deactivate")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.bulk.create")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.reactivate")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("jwt.refresh-token.revoke")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("jwt.refresh")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("jwt.public-key.update")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.login.success")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.login.failed")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.registration.create")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.registration.update")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.registration.delete")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.registration.verified")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.email.verified")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.identity-provider.link")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.identity-provider.unlink")
                    .enabled(true)
                    .transactionType("Any")
                    .build(),
                FusionAuthTenantEventConfigurationArgs.builder()
                    .event("user.password.breach")
                    .enabled(false)
                    .transactionType("None")
                    .build())
            .externalIdentifierConfiguration(FusionAuthTenantExternalIdentifierConfigurationArgs.builder()
                .authorizationGrantIdTimeToLiveInSeconds(30)
                .changePasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs.builder()
                    .length(32)
                    .type("randomBytes")
                    .build())
                .changePasswordIdTimeToLiveInSeconds(600)
                .deviceCodeTimeToLiveInSeconds(1800)
                .deviceUserCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs.builder()
                    .length(6)
                    .type("randomAlphaNumeric")
                    .build())
                .emailVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs.builder()
                    .length(32)
                    .type("randomBytes")
                    .build())
                .emailVerificationIdTimeToLiveInSeconds(86400)
                .emailVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs.builder()
                    .length(6)
                    .type("randomAlphaNumeric")
                    .build())
                .externalAuthenticationIdTimeToLiveInSeconds(300)
                .oneTimePasswordTimeToLiveInSeconds(60)
                .passwordlessLoginGenerator(FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs.builder()
                    .length(32)
                    .type("randomBytes")
                    .build())
                .passwordlessLoginTimeToLiveInSeconds(600)
                .registrationVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs.builder()
                    .length(32)
                    .type("randomBytes")
                    .build())
                .registrationVerificationIdTimeToLiveInSeconds(86400)
                .registrationVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs.builder()
                    .length(6)
                    .type("randomAlphaNumeric")
                    .build())
                .samlV2AuthnRequestIdTtlSeconds(300)
                .setupPasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs.builder()
                    .length(32)
                    .type("randomBytes")
                    .build())
                .setupPasswordIdTimeToLiveInSeconds(86400)
                .twoFactorIdTimeToLiveInSeconds(300)
                .twoFactorOneTimeCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs.builder()
                    .length(6)
                    .type("randomDigits")
                    .build())
                .twoFactorTrustIdTimeToLiveInSeconds(2592000)
                .build())
            .failedAuthenticationConfiguration(FusionAuthTenantFailedAuthenticationConfigurationArgs.builder()
                .actionDuration(3)
                .actionDurationUnit("MINUTES")
                .resetCountInSeconds(60)
                .tooManyAttempts(5)
                .build())
            .familyConfiguration(FusionAuthTenantFamilyConfigurationArgs.builder()
                .allowChildRegistrations(true)
                .deleteOrphanedAccounts(false)
                .deleteOrphanedAccountsDays(30)
                .enabled(true)
                .maximumChildAge(12)
                .minimumOwnerAge(21)
                .parentEmailRequired(false)
                .build())
            .formConfiguration(FusionAuthTenantFormConfigurationArgs.builder()
                .adminUserFormId("e92751a5-25f4-4bca-ad91-66cdf67725d2")
                .build())
            .httpSessionMaxInactiveInterval(3600)
            .issuer("https://example.com")
            .jwtConfigurations(FusionAuthTenantJwtConfigurationArgs.builder()
                .accessTokenKeyId(fusionauth_key.accesstoken().id())
                .idTokenKeyId(fusionauth_key.idtoken().id())
                .refreshTokenTimeToLiveInMinutes(43200)
                .timeToLiveInSeconds(3600)
                .build())
            .loginConfiguration(FusionAuthTenantLoginConfigurationArgs.builder()
                .requireAuthentication(true)
                .build())
            .maximumPasswordAge(FusionAuthTenantMaximumPasswordAgeArgs.builder()
                .days(180)
                .enabled(false)
                .build())
            .minimumPasswordAge(FusionAuthTenantMinimumPasswordAgeArgs.builder()
                .enabled(false)
                .seconds(30)
                .build())
            .oauthConfigurations(FusionAuthTenantOauthConfigurationArgs.builder()
                .clientCredentialsAccessTokenPopulateLambdaId(fusionauth_lambda.client_jwt_populate().id())
                .build())
            .passwordEncryptionConfigurations(FusionAuthTenantPasswordEncryptionConfigurationArgs.builder()
                .encryptionScheme("salted-pbkdf2-hmac-sha256")
                .encryptionSchemeFactor(24000)
                .modifyEncryptionSchemeOnLogin(false)
                .build())
            .passwordValidationRules(FusionAuthTenantPasswordValidationRulesArgs.builder()
                .maxLength(256)
                .minLength(7)
                .rememberPreviousPasswords(FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs.builder()
                    .count(1)
                    .enabled(false)
                    .build())
                .requiredMixedCase(false)
                .requireNonAlpha(false)
                .requireNumber(false)
                .validateOnLogin(false)
                .build())
            .themeId(fusionauth_theme.example_theme().id())
            .userDeletePolicy(FusionAuthTenantUserDeletePolicyArgs.builder()
                .unverifiedEnabled(false)
                .unverifiedNumberOfDaysToRetain(30)
                .build())
            .build());

    }
}
import pulumi
import theogravity_pulumi-fusionauth as fusionauth

example = fusionauth.FusionAuthTenant("example",
    connector_policies=[fusionauth.FusionAuthTenantConnectorPolicyArgs(
        connector_id="b57b3d0f-f7a4-4831-a838-549717362ea8",
        domains=["*"],
        migrate=False,
    )],
    email_configuration=fusionauth.FusionAuthTenantEmailConfigurationArgs(
        forgot_password_email_template_id=fusionauth_email["ForgotPassword_Example"]["id"],
        host="smtp.sendgrid.net",
        password="password",
        passwordless_email_template_id=fusionauth_email["PasswordlessLogin_Example"]["id"],
        port=587,
        security="TLS",
        set_password_email_template_id=fusionauth_email["SetupPassword_Example"]["id"],
        username="username",
        verify_email=True,
        verify_email_when_changed=True,
    ),
    event_configurations=[
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.delete",
            enabled=True,
            transaction_type="None",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.create",
            enabled=True,
            transaction_type="None",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.update",
            enabled=True,
            transaction_type="None",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.deactivate",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.bulk.create",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.reactivate",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="jwt.refresh-token.revoke",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="jwt.refresh",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="jwt.public-key.update",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.login.success",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.login.failed",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.registration.create",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.registration.update",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.registration.delete",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.registration.verified",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.email.verified",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.identity-provider.link",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.identity-provider.unlink",
            enabled=True,
            transaction_type="Any",
        ),
        fusionauth.FusionAuthTenantEventConfigurationArgs(
            event="user.password.breach",
            enabled=False,
            transaction_type="None",
        ),
    ],
    external_identifier_configuration=fusionauth.FusionAuthTenantExternalIdentifierConfigurationArgs(
        authorization_grant_id_time_to_live_in_seconds=30,
        change_password_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs(
            length=32,
            type="randomBytes",
        ),
        change_password_id_time_to_live_in_seconds=600,
        device_code_time_to_live_in_seconds=1800,
        device_user_code_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs(
            length=6,
            type="randomAlphaNumeric",
        ),
        email_verification_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs(
            length=32,
            type="randomBytes",
        ),
        email_verification_id_time_to_live_in_seconds=86400,
        email_verification_one_time_code_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs(
            length=6,
            type="randomAlphaNumeric",
        ),
        external_authentication_id_time_to_live_in_seconds=300,
        one_time_password_time_to_live_in_seconds=60,
        passwordless_login_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs(
            length=32,
            type="randomBytes",
        ),
        passwordless_login_time_to_live_in_seconds=600,
        registration_verification_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs(
            length=32,
            type="randomBytes",
        ),
        registration_verification_id_time_to_live_in_seconds=86400,
        registration_verification_one_time_code_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs(
            length=6,
            type="randomAlphaNumeric",
        ),
        saml_v2_authn_request_id_ttl_seconds=300,
        setup_password_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs(
            length=32,
            type="randomBytes",
        ),
        setup_password_id_time_to_live_in_seconds=86400,
        two_factor_id_time_to_live_in_seconds=300,
        two_factor_one_time_code_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs(
            length=6,
            type="randomDigits",
        ),
        two_factor_trust_id_time_to_live_in_seconds=2592000,
    ),
    failed_authentication_configuration=fusionauth.FusionAuthTenantFailedAuthenticationConfigurationArgs(
        action_duration=3,
        action_duration_unit="MINUTES",
        reset_count_in_seconds=60,
        too_many_attempts=5,
    ),
    family_configuration=fusionauth.FusionAuthTenantFamilyConfigurationArgs(
        allow_child_registrations=True,
        delete_orphaned_accounts=False,
        delete_orphaned_accounts_days=30,
        enabled=True,
        maximum_child_age=12,
        minimum_owner_age=21,
        parent_email_required=False,
    ),
    form_configuration=fusionauth.FusionAuthTenantFormConfigurationArgs(
        admin_user_form_id="e92751a5-25f4-4bca-ad91-66cdf67725d2",
    ),
    http_session_max_inactive_interval=3600,
    issuer="https://example.com",
    jwt_configurations=[fusionauth.FusionAuthTenantJwtConfigurationArgs(
        access_token_key_id=fusionauth_key["accesstoken"]["id"],
        id_token_key_id=fusionauth_key["idtoken"]["id"],
        refresh_token_time_to_live_in_minutes=43200,
        time_to_live_in_seconds=3600,
    )],
    login_configuration=fusionauth.FusionAuthTenantLoginConfigurationArgs(
        require_authentication=True,
    ),
    maximum_password_age=fusionauth.FusionAuthTenantMaximumPasswordAgeArgs(
        days=180,
        enabled=False,
    ),
    minimum_password_age=fusionauth.FusionAuthTenantMinimumPasswordAgeArgs(
        enabled=False,
        seconds=30,
    ),
    oauth_configurations=[fusionauth.FusionAuthTenantOauthConfigurationArgs(
        client_credentials_access_token_populate_lambda_id=fusionauth_lambda["client_jwt_populate"]["id"],
    )],
    password_encryption_configurations=[fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArgs(
        encryption_scheme="salted-pbkdf2-hmac-sha256",
        encryption_scheme_factor=24000,
        modify_encryption_scheme_on_login=False,
    )],
    password_validation_rules=fusionauth.FusionAuthTenantPasswordValidationRulesArgs(
        max_length=256,
        min_length=7,
        remember_previous_passwords=fusionauth.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs(
            count=1,
            enabled=False,
        ),
        required_mixed_case=False,
        require_non_alpha=False,
        require_number=False,
        validate_on_login=False,
    ),
    theme_id=fusionauth_theme["example_theme"]["id"],
    user_delete_policy=fusionauth.FusionAuthTenantUserDeletePolicyArgs(
        unverified_enabled=False,
        unverified_number_of_days_to_retain=30,
    ))
import * as pulumi from "@pulumi/pulumi";
import * as fusionauth from "pulumi-fusionauth";

const example = new fusionauth.FusionAuthTenant("example", {
    connectorPolicies: [{
        connectorId: "b57b3d0f-f7a4-4831-a838-549717362ea8",
        domains: ["*"],
        migrate: false,
    }],
    emailConfiguration: {
        forgotPasswordEmailTemplateId: fusionauth_email.ForgotPassword_Example.id,
        host: "smtp.sendgrid.net",
        password: "password",
        passwordlessEmailTemplateId: fusionauth_email.PasswordlessLogin_Example.id,
        port: 587,
        security: "TLS",
        setPasswordEmailTemplateId: fusionauth_email.SetupPassword_Example.id,
        username: "username",
        verifyEmail: true,
        verifyEmailWhenChanged: true,
    },
    eventConfigurations: [
        {
            event: "user.delete",
            enabled: true,
            transactionType: "None",
        },
        {
            event: "user.create",
            enabled: true,
            transactionType: "None",
        },
        {
            event: "user.update",
            enabled: true,
            transactionType: "None",
        },
        {
            event: "user.deactivate",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "user.bulk.create",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "user.reactivate",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "jwt.refresh-token.revoke",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "jwt.refresh",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "jwt.public-key.update",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "user.login.success",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "user.login.failed",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "user.registration.create",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "user.registration.update",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "user.registration.delete",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "user.registration.verified",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "user.email.verified",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "user.identity-provider.link",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "user.identity-provider.unlink",
            enabled: true,
            transactionType: "Any",
        },
        {
            event: "user.password.breach",
            enabled: false,
            transactionType: "None",
        },
    ],
    externalIdentifierConfiguration: {
        authorizationGrantIdTimeToLiveInSeconds: 30,
        changePasswordIdGenerator: {
            length: 32,
            type: "randomBytes",
        },
        changePasswordIdTimeToLiveInSeconds: 600,
        deviceCodeTimeToLiveInSeconds: 1800,
        deviceUserCodeIdGenerator: {
            length: 6,
            type: "randomAlphaNumeric",
        },
        emailVerificationIdGenerator: {
            length: 32,
            type: "randomBytes",
        },
        emailVerificationIdTimeToLiveInSeconds: 86400,
        emailVerificationOneTimeCodeGenerator: {
            length: 6,
            type: "randomAlphaNumeric",
        },
        externalAuthenticationIdTimeToLiveInSeconds: 300,
        oneTimePasswordTimeToLiveInSeconds: 60,
        passwordlessLoginGenerator: {
            length: 32,
            type: "randomBytes",
        },
        passwordlessLoginTimeToLiveInSeconds: 600,
        registrationVerificationIdGenerator: {
            length: 32,
            type: "randomBytes",
        },
        registrationVerificationIdTimeToLiveInSeconds: 86400,
        registrationVerificationOneTimeCodeGenerator: {
            length: 6,
            type: "randomAlphaNumeric",
        },
        samlV2AuthnRequestIdTtlSeconds: 300,
        setupPasswordIdGenerator: {
            length: 32,
            type: "randomBytes",
        },
        setupPasswordIdTimeToLiveInSeconds: 86400,
        twoFactorIdTimeToLiveInSeconds: 300,
        twoFactorOneTimeCodeIdGenerator: {
            length: 6,
            type: "randomDigits",
        },
        twoFactorTrustIdTimeToLiveInSeconds: 2592000,
    },
    failedAuthenticationConfiguration: {
        actionDuration: 3,
        actionDurationUnit: "MINUTES",
        resetCountInSeconds: 60,
        tooManyAttempts: 5,
    },
    familyConfiguration: {
        allowChildRegistrations: true,
        deleteOrphanedAccounts: false,
        deleteOrphanedAccountsDays: 30,
        enabled: true,
        maximumChildAge: 12,
        minimumOwnerAge: 21,
        parentEmailRequired: false,
    },
    formConfiguration: {
        adminUserFormId: "e92751a5-25f4-4bca-ad91-66cdf67725d2",
    },
    httpSessionMaxInactiveInterval: 3600,
    issuer: "https://example.com",
    jwtConfigurations: [{
        accessTokenKeyId: fusionauth_key.accesstoken.id,
        idTokenKeyId: fusionauth_key.idtoken.id,
        refreshTokenTimeToLiveInMinutes: 43200,
        timeToLiveInSeconds: 3600,
    }],
    loginConfiguration: {
        requireAuthentication: true,
    },
    maximumPasswordAge: {
        days: 180,
        enabled: false,
    },
    minimumPasswordAge: {
        enabled: false,
        seconds: 30,
    },
    oauthConfigurations: [{
        clientCredentialsAccessTokenPopulateLambdaId: fusionauth_lambda.client_jwt_populate.id,
    }],
    passwordEncryptionConfigurations: [{
        encryptionScheme: "salted-pbkdf2-hmac-sha256",
        encryptionSchemeFactor: 24000,
        modifyEncryptionSchemeOnLogin: false,
    }],
    passwordValidationRules: {
        maxLength: 256,
        minLength: 7,
        rememberPreviousPasswords: {
            count: 1,
            enabled: false,
        },
        requiredMixedCase: false,
        requireNonAlpha: false,
        requireNumber: false,
        validateOnLogin: false,
    },
    themeId: fusionauth_theme.example_theme.id,
    userDeletePolicy: {
        unverifiedEnabled: false,
        unverifiedNumberOfDaysToRetain: 30,
    },
});
resources:
  example:
    type: fusionauth:FusionAuthTenant
    properties:
      connectorPolicies:
        - connectorId: b57b3d0f-f7a4-4831-a838-549717362ea8
          domains:
            - '*'
          migrate: false
      emailConfiguration:
        forgotPasswordEmailTemplateId: ${fusionauth_email.ForgotPassword_Example.id}
        host: smtp.sendgrid.net
        password: password
        passwordlessEmailTemplateId: ${fusionauth_email.PasswordlessLogin_Example.id}
        port: 587
        security: TLS
        setPasswordEmailTemplateId: ${fusionauth_email.SetupPassword_Example.id}
        username: username
        verifyEmail: true
        verifyEmailWhenChanged: true
      eventConfigurations:
        - event: user.delete
          enabled: true
          transactionType: None
        - event: user.create
          enabled: true
          transactionType: None
        - event: user.update
          enabled: true
          transactionType: None
        - event: user.deactivate
          enabled: true
          transactionType: Any
        - event: user.bulk.create
          enabled: true
          transactionType: Any
        - event: user.reactivate
          enabled: true
          transactionType: Any
        - event: jwt.refresh-token.revoke
          enabled: true
          transactionType: Any
        - event: jwt.refresh
          enabled: true
          transactionType: Any
        - event: jwt.public-key.update
          enabled: true
          transactionType: Any
        - event: user.login.success
          enabled: true
          transactionType: Any
        - event: user.login.failed
          enabled: true
          transactionType: Any
        - event: user.registration.create
          enabled: true
          transactionType: Any
        - event: user.registration.update
          enabled: true
          transactionType: Any
        - event: user.registration.delete
          enabled: true
          transactionType: Any
        - event: user.registration.verified
          enabled: true
          transactionType: Any
        - event: user.email.verified
          enabled: true
          transactionType: Any
        - event: user.identity-provider.link
          enabled: true
          transactionType: Any
        - event: user.identity-provider.unlink
          enabled: true
          transactionType: Any
        - event: user.password.breach
          enabled: false
          transactionType: None
      externalIdentifierConfiguration:
        authorizationGrantIdTimeToLiveInSeconds: 30
        changePasswordIdGenerator:
          length: 32
          type: randomBytes
        changePasswordIdTimeToLiveInSeconds: 600
        deviceCodeTimeToLiveInSeconds: 1800
        deviceUserCodeIdGenerator:
          length: 6
          type: randomAlphaNumeric
        emailVerificationIdGenerator:
          length: 32
          type: randomBytes
        emailVerificationIdTimeToLiveInSeconds: 86400
        emailVerificationOneTimeCodeGenerator:
          length: 6
          type: randomAlphaNumeric
        externalAuthenticationIdTimeToLiveInSeconds: 300
        oneTimePasswordTimeToLiveInSeconds: 60
        passwordlessLoginGenerator:
          length: 32
          type: randomBytes
        passwordlessLoginTimeToLiveInSeconds: 600
        registrationVerificationIdGenerator:
          length: 32
          type: randomBytes
        registrationVerificationIdTimeToLiveInSeconds: 86400
        registrationVerificationOneTimeCodeGenerator:
          length: 6
          type: randomAlphaNumeric
        samlV2AuthnRequestIdTtlSeconds: 300
        setupPasswordIdGenerator:
          length: 32
          type: randomBytes
        setupPasswordIdTimeToLiveInSeconds: 86400
        twoFactorIdTimeToLiveInSeconds: 300
        twoFactorOneTimeCodeIdGenerator:
          length: 6
          type: randomDigits
        twoFactorTrustIdTimeToLiveInSeconds: 2.592e+06
      failedAuthenticationConfiguration:
        actionDuration: 3
        actionDurationUnit: MINUTES
        resetCountInSeconds: 60
        tooManyAttempts: 5
      familyConfiguration:
        allowChildRegistrations: true
        deleteOrphanedAccounts: false
        deleteOrphanedAccountsDays: 30
        enabled: true
        maximumChildAge: 12
        minimumOwnerAge: 21
        parentEmailRequired: false
      formConfiguration:
        adminUserFormId: e92751a5-25f4-4bca-ad91-66cdf67725d2
      httpSessionMaxInactiveInterval: 3600
      issuer: https://example.com
      jwtConfigurations:
        - accessTokenKeyId: ${fusionauth_key.accesstoken.id}
          idTokenKeyId: ${fusionauth_key.idtoken.id}
          refreshTokenTimeToLiveInMinutes: 43200
          timeToLiveInSeconds: 3600
      loginConfiguration:
        requireAuthentication: true
      maximumPasswordAge:
        days: 180
        enabled: false
      minimumPasswordAge:
        enabled: false
        seconds: 30
      oauthConfigurations:
        - clientCredentialsAccessTokenPopulateLambdaId: ${fusionauth_lambda.client_jwt_populate.id}
      passwordEncryptionConfigurations:
        - encryptionScheme: salted-pbkdf2-hmac-sha256
          encryptionSchemeFactor: 24000
          modifyEncryptionSchemeOnLogin: false
      passwordValidationRules:
        maxLength: 256
        minLength: 7
        rememberPreviousPasswords:
          count: 1
          enabled: false
        requiredMixedCase: false
        requireNonAlpha: false
        requireNumber: false
        validateOnLogin: false
      themeId: ${fusionauth_theme.example_theme.id}
      userDeletePolicy:
        unverifiedEnabled: false
        unverifiedNumberOfDaysToRetain: 30

Create FusionAuthTenant Resource

new FusionAuthTenant(name: string, args: FusionAuthTenantArgs, opts?: CustomResourceOptions);
@overload
def FusionAuthTenant(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     access_control_configuration: Optional[FusionAuthTenantAccessControlConfigurationArgs] = None,
                     captcha_configuration: Optional[FusionAuthTenantCaptchaConfigurationArgs] = None,
                     connector_policies: Optional[Sequence[FusionAuthTenantConnectorPolicyArgs]] = None,
                     data: Optional[Mapping[str, Any]] = None,
                     email_configuration: Optional[FusionAuthTenantEmailConfigurationArgs] = None,
                     event_configurations: Optional[Sequence[FusionAuthTenantEventConfigurationArgs]] = None,
                     external_identifier_configuration: Optional[FusionAuthTenantExternalIdentifierConfigurationArgs] = None,
                     failed_authentication_configuration: Optional[FusionAuthTenantFailedAuthenticationConfigurationArgs] = None,
                     family_configuration: Optional[FusionAuthTenantFamilyConfigurationArgs] = None,
                     form_configuration: Optional[FusionAuthTenantFormConfigurationArgs] = None,
                     http_session_max_inactive_interval: Optional[int] = None,
                     issuer: Optional[str] = None,
                     jwt_configurations: Optional[Sequence[FusionAuthTenantJwtConfigurationArgs]] = None,
                     login_configuration: Optional[FusionAuthTenantLoginConfigurationArgs] = None,
                     logout_url: Optional[str] = None,
                     maximum_password_age: Optional[FusionAuthTenantMaximumPasswordAgeArgs] = None,
                     minimum_password_age: Optional[FusionAuthTenantMinimumPasswordAgeArgs] = None,
                     multi_factor_configuration: Optional[FusionAuthTenantMultiFactorConfigurationArgs] = None,
                     name: Optional[str] = None,
                     oauth_configurations: Optional[Sequence[FusionAuthTenantOauthConfigurationArgs]] = None,
                     password_encryption_configurations: Optional[Sequence[FusionAuthTenantPasswordEncryptionConfigurationArgs]] = None,
                     password_validation_rules: Optional[FusionAuthTenantPasswordValidationRulesArgs] = None,
                     source_tenant_id: Optional[str] = None,
                     tenant_id: Optional[str] = None,
                     theme_id: Optional[str] = None,
                     user_delete_policy: Optional[FusionAuthTenantUserDeletePolicyArgs] = None,
                     username_configuration: Optional[FusionAuthTenantUsernameConfigurationArgs] = None)
@overload
def FusionAuthTenant(resource_name: str,
                     args: FusionAuthTenantArgs,
                     opts: Optional[ResourceOptions] = None)
func NewFusionAuthTenant(ctx *Context, name string, args FusionAuthTenantArgs, opts ...ResourceOption) (*FusionAuthTenant, error)
public FusionAuthTenant(string name, FusionAuthTenantArgs args, CustomResourceOptions? opts = null)
public FusionAuthTenant(String name, FusionAuthTenantArgs args)
public FusionAuthTenant(String name, FusionAuthTenantArgs args, CustomResourceOptions options)
type: fusionauth:FusionAuthTenant
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args FusionAuthTenantArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args FusionAuthTenantArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args FusionAuthTenantArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args FusionAuthTenantArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args FusionAuthTenantArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

FusionAuthTenant Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The FusionAuthTenant resource accepts the following input properties:

EmailConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantEmailConfigurationArgs
ExternalIdentifierConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationArgs
Issuer string

The named issuer used to sign tokens, this is generally your public fully qualified domain.

JwtConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantJwtConfigurationArgs>
ThemeId string

The unique Id of the theme to be used to style the login page and other end user templates.

AccessControlConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantAccessControlConfigurationArgs
CaptchaConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantCaptchaConfigurationArgs
ConnectorPolicies List<theogravity.Fusionauth.Inputs.FusionAuthTenantConnectorPolicyArgs>

A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.

Data Dictionary<string, object>

An object that can hold any information about the Tenant that should be persisted.

EventConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs>
FailedAuthenticationConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs
FamilyConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantFamilyConfigurationArgs
FormConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantFormConfigurationArgs
HttpSessionMaxInactiveInterval int

Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.

LoginConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantLoginConfigurationArgs
LogoutUrl string

The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.

MaximumPasswordAge theogravity.Fusionauth.Inputs.FusionAuthTenantMaximumPasswordAgeArgs
MinimumPasswordAge theogravity.Fusionauth.Inputs.FusionAuthTenantMinimumPasswordAgeArgs
MultiFactorConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationArgs
Name string

The unique name of the Tenant.

OauthConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantOauthConfigurationArgs>
PasswordEncryptionConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs>
PasswordValidationRules theogravity.Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesArgs
SourceTenantId string

The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.

TenantId string

The Id to use for the new Tenant. If not specified a secure random UUID will be generated.

UserDeletePolicy theogravity.Fusionauth.Inputs.FusionAuthTenantUserDeletePolicyArgs
UsernameConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantUsernameConfigurationArgs
EmailConfiguration FusionAuthTenantEmailConfigurationArgs
ExternalIdentifierConfiguration FusionAuthTenantExternalIdentifierConfigurationArgs
Issuer string

The named issuer used to sign tokens, this is generally your public fully qualified domain.

JwtConfigurations []FusionAuthTenantJwtConfigurationArgs
ThemeId string

The unique Id of the theme to be used to style the login page and other end user templates.

AccessControlConfiguration FusionAuthTenantAccessControlConfigurationArgs
CaptchaConfiguration FusionAuthTenantCaptchaConfigurationArgs
ConnectorPolicies []FusionAuthTenantConnectorPolicyArgs

A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.

Data map[string]interface{}

An object that can hold any information about the Tenant that should be persisted.

EventConfigurations []FusionAuthTenantEventConfigurationArgs
FailedAuthenticationConfiguration FusionAuthTenantFailedAuthenticationConfigurationArgs
FamilyConfiguration FusionAuthTenantFamilyConfigurationArgs
FormConfiguration FusionAuthTenantFormConfigurationArgs
HttpSessionMaxInactiveInterval int

Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.

LoginConfiguration FusionAuthTenantLoginConfigurationArgs
LogoutUrl string

The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.

MaximumPasswordAge FusionAuthTenantMaximumPasswordAgeArgs
MinimumPasswordAge FusionAuthTenantMinimumPasswordAgeArgs
MultiFactorConfiguration FusionAuthTenantMultiFactorConfigurationArgs
Name string

The unique name of the Tenant.

OauthConfigurations []FusionAuthTenantOauthConfigurationArgs
PasswordEncryptionConfigurations []FusionAuthTenantPasswordEncryptionConfigurationArgs
PasswordValidationRules FusionAuthTenantPasswordValidationRulesArgs
SourceTenantId string

The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.

TenantId string

The Id to use for the new Tenant. If not specified a secure random UUID will be generated.

UserDeletePolicy FusionAuthTenantUserDeletePolicyArgs
UsernameConfiguration FusionAuthTenantUsernameConfigurationArgs
emailConfiguration FusionAuthTenantEmailConfigurationArgs
externalIdentifierConfiguration FusionAuthTenantExternalIdentifierConfigurationArgs
issuer String

The named issuer used to sign tokens, this is generally your public fully qualified domain.

jwtConfigurations List<FusionAuthTenantJwtConfigurationArgs>
themeId String

The unique Id of the theme to be used to style the login page and other end user templates.

accessControlConfiguration FusionAuthTenantAccessControlConfigurationArgs
captchaConfiguration FusionAuthTenantCaptchaConfigurationArgs
connectorPolicies List<FusionAuthTenantConnectorPolicyArgs>

A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.

data Map<String,Object>

An object that can hold any information about the Tenant that should be persisted.

eventConfigurations List<FusionAuthTenantEventConfigurationArgs>
failedAuthenticationConfiguration FusionAuthTenantFailedAuthenticationConfigurationArgs
familyConfiguration FusionAuthTenantFamilyConfigurationArgs
formConfiguration FusionAuthTenantFormConfigurationArgs
httpSessionMaxInactiveInterval Integer

Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.

loginConfiguration FusionAuthTenantLoginConfigurationArgs
logoutUrl String

The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.

maximumPasswordAge FusionAuthTenantMaximumPasswordAgeArgs
minimumPasswordAge FusionAuthTenantMinimumPasswordAgeArgs
multiFactorConfiguration FusionAuthTenantMultiFactorConfigurationArgs
name String

The unique name of the Tenant.

oauthConfigurations List<FusionAuthTenantOauthConfigurationArgs>
passwordEncryptionConfigurations List<FusionAuthTenantPasswordEncryptionConfigurationArgs>
passwordValidationRules FusionAuthTenantPasswordValidationRulesArgs
sourceTenantId String

The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.

tenantId String

The Id to use for the new Tenant. If not specified a secure random UUID will be generated.

userDeletePolicy FusionAuthTenantUserDeletePolicyArgs
usernameConfiguration FusionAuthTenantUsernameConfigurationArgs
emailConfiguration FusionAuthTenantEmailConfigurationArgs
externalIdentifierConfiguration FusionAuthTenantExternalIdentifierConfigurationArgs
issuer string

The named issuer used to sign tokens, this is generally your public fully qualified domain.

jwtConfigurations FusionAuthTenantJwtConfigurationArgs[]
themeId string

The unique Id of the theme to be used to style the login page and other end user templates.

accessControlConfiguration FusionAuthTenantAccessControlConfigurationArgs
captchaConfiguration FusionAuthTenantCaptchaConfigurationArgs
connectorPolicies FusionAuthTenantConnectorPolicyArgs[]

A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.

data {[key: string]: any}

An object that can hold any information about the Tenant that should be persisted.

eventConfigurations FusionAuthTenantEventConfigurationArgs[]
failedAuthenticationConfiguration FusionAuthTenantFailedAuthenticationConfigurationArgs
familyConfiguration FusionAuthTenantFamilyConfigurationArgs
formConfiguration FusionAuthTenantFormConfigurationArgs
httpSessionMaxInactiveInterval number

Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.

loginConfiguration FusionAuthTenantLoginConfigurationArgs
logoutUrl string

The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.

maximumPasswordAge FusionAuthTenantMaximumPasswordAgeArgs
minimumPasswordAge FusionAuthTenantMinimumPasswordAgeArgs
multiFactorConfiguration FusionAuthTenantMultiFactorConfigurationArgs
name string

The unique name of the Tenant.

oauthConfigurations FusionAuthTenantOauthConfigurationArgs[]
passwordEncryptionConfigurations FusionAuthTenantPasswordEncryptionConfigurationArgs[]
passwordValidationRules FusionAuthTenantPasswordValidationRulesArgs
sourceTenantId string

The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.

tenantId string

The Id to use for the new Tenant. If not specified a secure random UUID will be generated.

userDeletePolicy FusionAuthTenantUserDeletePolicyArgs
usernameConfiguration FusionAuthTenantUsernameConfigurationArgs
email_configuration FusionAuthTenantEmailConfigurationArgs
external_identifier_configuration FusionAuthTenantExternalIdentifierConfigurationArgs
issuer str

The named issuer used to sign tokens, this is generally your public fully qualified domain.

jwt_configurations Sequence[FusionAuthTenantJwtConfigurationArgs]
theme_id str

The unique Id of the theme to be used to style the login page and other end user templates.

access_control_configuration FusionAuthTenantAccessControlConfigurationArgs
captcha_configuration FusionAuthTenantCaptchaConfigurationArgs
connector_policies Sequence[FusionAuthTenantConnectorPolicyArgs]

A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.

data Mapping[str, Any]

An object that can hold any information about the Tenant that should be persisted.

event_configurations Sequence[FusionAuthTenantEventConfigurationArgs]
failed_authentication_configuration FusionAuthTenantFailedAuthenticationConfigurationArgs
family_configuration FusionAuthTenantFamilyConfigurationArgs
form_configuration FusionAuthTenantFormConfigurationArgs
http_session_max_inactive_interval int

Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.

login_configuration FusionAuthTenantLoginConfigurationArgs
logout_url str

The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.

maximum_password_age FusionAuthTenantMaximumPasswordAgeArgs
minimum_password_age FusionAuthTenantMinimumPasswordAgeArgs
multi_factor_configuration FusionAuthTenantMultiFactorConfigurationArgs
name str

The unique name of the Tenant.

oauth_configurations Sequence[FusionAuthTenantOauthConfigurationArgs]
password_encryption_configurations Sequence[FusionAuthTenantPasswordEncryptionConfigurationArgs]
password_validation_rules FusionAuthTenantPasswordValidationRulesArgs
source_tenant_id str

The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.

tenant_id str

The Id to use for the new Tenant. If not specified a secure random UUID will be generated.

user_delete_policy FusionAuthTenantUserDeletePolicyArgs
username_configuration FusionAuthTenantUsernameConfigurationArgs
emailConfiguration Property Map
externalIdentifierConfiguration Property Map
issuer String

The named issuer used to sign tokens, this is generally your public fully qualified domain.

jwtConfigurations List<Property Map>
themeId String

The unique Id of the theme to be used to style the login page and other end user templates.

accessControlConfiguration Property Map
captchaConfiguration Property Map
connectorPolicies List<Property Map>

A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.

data Map<Any>

An object that can hold any information about the Tenant that should be persisted.

eventConfigurations List<Property Map>
failedAuthenticationConfiguration Property Map
familyConfiguration Property Map
formConfiguration Property Map
httpSessionMaxInactiveInterval Number

Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.

loginConfiguration Property Map
logoutUrl String

The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.

maximumPasswordAge Property Map
minimumPasswordAge Property Map
multiFactorConfiguration Property Map
name String

The unique name of the Tenant.

oauthConfigurations List<Property Map>
passwordEncryptionConfigurations List<Property Map>
passwordValidationRules Property Map
sourceTenantId String

The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.

tenantId String

The Id to use for the new Tenant. If not specified a secure random UUID will be generated.

userDeletePolicy Property Map
usernameConfiguration Property Map

Outputs

All input properties are implicitly available as output properties. Additionally, the FusionAuthTenant resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up Existing FusionAuthTenant Resource

Get an existing FusionAuthTenant resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: FusionAuthTenantState, opts?: CustomResourceOptions): FusionAuthTenant
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        access_control_configuration: Optional[FusionAuthTenantAccessControlConfigurationArgs] = None,
        captcha_configuration: Optional[FusionAuthTenantCaptchaConfigurationArgs] = None,
        connector_policies: Optional[Sequence[FusionAuthTenantConnectorPolicyArgs]] = None,
        data: Optional[Mapping[str, Any]] = None,
        email_configuration: Optional[FusionAuthTenantEmailConfigurationArgs] = None,
        event_configurations: Optional[Sequence[FusionAuthTenantEventConfigurationArgs]] = None,
        external_identifier_configuration: Optional[FusionAuthTenantExternalIdentifierConfigurationArgs] = None,
        failed_authentication_configuration: Optional[FusionAuthTenantFailedAuthenticationConfigurationArgs] = None,
        family_configuration: Optional[FusionAuthTenantFamilyConfigurationArgs] = None,
        form_configuration: Optional[FusionAuthTenantFormConfigurationArgs] = None,
        http_session_max_inactive_interval: Optional[int] = None,
        issuer: Optional[str] = None,
        jwt_configurations: Optional[Sequence[FusionAuthTenantJwtConfigurationArgs]] = None,
        login_configuration: Optional[FusionAuthTenantLoginConfigurationArgs] = None,
        logout_url: Optional[str] = None,
        maximum_password_age: Optional[FusionAuthTenantMaximumPasswordAgeArgs] = None,
        minimum_password_age: Optional[FusionAuthTenantMinimumPasswordAgeArgs] = None,
        multi_factor_configuration: Optional[FusionAuthTenantMultiFactorConfigurationArgs] = None,
        name: Optional[str] = None,
        oauth_configurations: Optional[Sequence[FusionAuthTenantOauthConfigurationArgs]] = None,
        password_encryption_configurations: Optional[Sequence[FusionAuthTenantPasswordEncryptionConfigurationArgs]] = None,
        password_validation_rules: Optional[FusionAuthTenantPasswordValidationRulesArgs] = None,
        source_tenant_id: Optional[str] = None,
        tenant_id: Optional[str] = None,
        theme_id: Optional[str] = None,
        user_delete_policy: Optional[FusionAuthTenantUserDeletePolicyArgs] = None,
        username_configuration: Optional[FusionAuthTenantUsernameConfigurationArgs] = None) -> FusionAuthTenant
func GetFusionAuthTenant(ctx *Context, name string, id IDInput, state *FusionAuthTenantState, opts ...ResourceOption) (*FusionAuthTenant, error)
public static FusionAuthTenant Get(string name, Input<string> id, FusionAuthTenantState? state, CustomResourceOptions? opts = null)
public static FusionAuthTenant get(String name, Output<String> id, FusionAuthTenantState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AccessControlConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantAccessControlConfigurationArgs
CaptchaConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantCaptchaConfigurationArgs
ConnectorPolicies List<theogravity.Fusionauth.Inputs.FusionAuthTenantConnectorPolicyArgs>

A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.

Data Dictionary<string, object>

An object that can hold any information about the Tenant that should be persisted.

EmailConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantEmailConfigurationArgs
EventConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs>
ExternalIdentifierConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationArgs
FailedAuthenticationConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs
FamilyConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantFamilyConfigurationArgs
FormConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantFormConfigurationArgs
HttpSessionMaxInactiveInterval int

Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.

Issuer string

The named issuer used to sign tokens, this is generally your public fully qualified domain.

JwtConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantJwtConfigurationArgs>
LoginConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantLoginConfigurationArgs
LogoutUrl string

The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.

MaximumPasswordAge theogravity.Fusionauth.Inputs.FusionAuthTenantMaximumPasswordAgeArgs
MinimumPasswordAge theogravity.Fusionauth.Inputs.FusionAuthTenantMinimumPasswordAgeArgs
MultiFactorConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationArgs
Name string

The unique name of the Tenant.

OauthConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantOauthConfigurationArgs>
PasswordEncryptionConfigurations List<theogravity.Fusionauth.Inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs>
PasswordValidationRules theogravity.Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesArgs
SourceTenantId string

The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.

TenantId string

The Id to use for the new Tenant. If not specified a secure random UUID will be generated.

ThemeId string

The unique Id of the theme to be used to style the login page and other end user templates.

UserDeletePolicy theogravity.Fusionauth.Inputs.FusionAuthTenantUserDeletePolicyArgs
UsernameConfiguration theogravity.Fusionauth.Inputs.FusionAuthTenantUsernameConfigurationArgs
AccessControlConfiguration FusionAuthTenantAccessControlConfigurationArgs
CaptchaConfiguration FusionAuthTenantCaptchaConfigurationArgs
ConnectorPolicies []FusionAuthTenantConnectorPolicyArgs

A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.

Data map[string]interface{}

An object that can hold any information about the Tenant that should be persisted.

EmailConfiguration FusionAuthTenantEmailConfigurationArgs
EventConfigurations []FusionAuthTenantEventConfigurationArgs
ExternalIdentifierConfiguration FusionAuthTenantExternalIdentifierConfigurationArgs
FailedAuthenticationConfiguration FusionAuthTenantFailedAuthenticationConfigurationArgs
FamilyConfiguration FusionAuthTenantFamilyConfigurationArgs
FormConfiguration FusionAuthTenantFormConfigurationArgs
HttpSessionMaxInactiveInterval int

Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.

Issuer string

The named issuer used to sign tokens, this is generally your public fully qualified domain.

JwtConfigurations []FusionAuthTenantJwtConfigurationArgs
LoginConfiguration FusionAuthTenantLoginConfigurationArgs
LogoutUrl string

The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.

MaximumPasswordAge FusionAuthTenantMaximumPasswordAgeArgs
MinimumPasswordAge FusionAuthTenantMinimumPasswordAgeArgs
MultiFactorConfiguration FusionAuthTenantMultiFactorConfigurationArgs
Name string

The unique name of the Tenant.

OauthConfigurations []FusionAuthTenantOauthConfigurationArgs
PasswordEncryptionConfigurations []FusionAuthTenantPasswordEncryptionConfigurationArgs
PasswordValidationRules FusionAuthTenantPasswordValidationRulesArgs
SourceTenantId string

The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.

TenantId string

The Id to use for the new Tenant. If not specified a secure random UUID will be generated.

ThemeId string

The unique Id of the theme to be used to style the login page and other end user templates.

UserDeletePolicy FusionAuthTenantUserDeletePolicyArgs
UsernameConfiguration FusionAuthTenantUsernameConfigurationArgs
accessControlConfiguration FusionAuthTenantAccessControlConfigurationArgs
captchaConfiguration FusionAuthTenantCaptchaConfigurationArgs
connectorPolicies List<FusionAuthTenantConnectorPolicyArgs>

A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.

data Map<String,Object>

An object that can hold any information about the Tenant that should be persisted.

emailConfiguration FusionAuthTenantEmailConfigurationArgs
eventConfigurations List<FusionAuthTenantEventConfigurationArgs>
externalIdentifierConfiguration FusionAuthTenantExternalIdentifierConfigurationArgs
failedAuthenticationConfiguration FusionAuthTenantFailedAuthenticationConfigurationArgs
familyConfiguration FusionAuthTenantFamilyConfigurationArgs
formConfiguration FusionAuthTenantFormConfigurationArgs
httpSessionMaxInactiveInterval Integer

Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.

issuer String

The named issuer used to sign tokens, this is generally your public fully qualified domain.

jwtConfigurations List<FusionAuthTenantJwtConfigurationArgs>
loginConfiguration FusionAuthTenantLoginConfigurationArgs
logoutUrl String

The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.

maximumPasswordAge FusionAuthTenantMaximumPasswordAgeArgs
minimumPasswordAge FusionAuthTenantMinimumPasswordAgeArgs
multiFactorConfiguration FusionAuthTenantMultiFactorConfigurationArgs
name String

The unique name of the Tenant.

oauthConfigurations List<FusionAuthTenantOauthConfigurationArgs>
passwordEncryptionConfigurations List<FusionAuthTenantPasswordEncryptionConfigurationArgs>
passwordValidationRules FusionAuthTenantPasswordValidationRulesArgs
sourceTenantId String

The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.

tenantId String

The Id to use for the new Tenant. If not specified a secure random UUID will be generated.

themeId String

The unique Id of the theme to be used to style the login page and other end user templates.

userDeletePolicy FusionAuthTenantUserDeletePolicyArgs
usernameConfiguration FusionAuthTenantUsernameConfigurationArgs
accessControlConfiguration FusionAuthTenantAccessControlConfigurationArgs
captchaConfiguration FusionAuthTenantCaptchaConfigurationArgs
connectorPolicies FusionAuthTenantConnectorPolicyArgs[]

A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.

data {[key: string]: any}

An object that can hold any information about the Tenant that should be persisted.

emailConfiguration FusionAuthTenantEmailConfigurationArgs
eventConfigurations FusionAuthTenantEventConfigurationArgs[]
externalIdentifierConfiguration FusionAuthTenantExternalIdentifierConfigurationArgs
failedAuthenticationConfiguration FusionAuthTenantFailedAuthenticationConfigurationArgs
familyConfiguration FusionAuthTenantFamilyConfigurationArgs
formConfiguration FusionAuthTenantFormConfigurationArgs
httpSessionMaxInactiveInterval number

Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.

issuer string

The named issuer used to sign tokens, this is generally your public fully qualified domain.

jwtConfigurations FusionAuthTenantJwtConfigurationArgs[]
loginConfiguration FusionAuthTenantLoginConfigurationArgs
logoutUrl string

The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.

maximumPasswordAge FusionAuthTenantMaximumPasswordAgeArgs
minimumPasswordAge FusionAuthTenantMinimumPasswordAgeArgs
multiFactorConfiguration FusionAuthTenantMultiFactorConfigurationArgs
name string

The unique name of the Tenant.

oauthConfigurations FusionAuthTenantOauthConfigurationArgs[]
passwordEncryptionConfigurations FusionAuthTenantPasswordEncryptionConfigurationArgs[]
passwordValidationRules FusionAuthTenantPasswordValidationRulesArgs
sourceTenantId string

The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.

tenantId string

The Id to use for the new Tenant. If not specified a secure random UUID will be generated.

themeId string

The unique Id of the theme to be used to style the login page and other end user templates.

userDeletePolicy FusionAuthTenantUserDeletePolicyArgs
usernameConfiguration FusionAuthTenantUsernameConfigurationArgs
access_control_configuration FusionAuthTenantAccessControlConfigurationArgs
captcha_configuration FusionAuthTenantCaptchaConfigurationArgs
connector_policies Sequence[FusionAuthTenantConnectorPolicyArgs]

A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.

data Mapping[str, Any]

An object that can hold any information about the Tenant that should be persisted.

email_configuration FusionAuthTenantEmailConfigurationArgs
event_configurations Sequence[FusionAuthTenantEventConfigurationArgs]
external_identifier_configuration FusionAuthTenantExternalIdentifierConfigurationArgs
failed_authentication_configuration FusionAuthTenantFailedAuthenticationConfigurationArgs
family_configuration FusionAuthTenantFamilyConfigurationArgs
form_configuration FusionAuthTenantFormConfigurationArgs
http_session_max_inactive_interval int

Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.

issuer str

The named issuer used to sign tokens, this is generally your public fully qualified domain.

jwt_configurations Sequence[FusionAuthTenantJwtConfigurationArgs]
login_configuration FusionAuthTenantLoginConfigurationArgs
logout_url str

The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.

maximum_password_age FusionAuthTenantMaximumPasswordAgeArgs
minimum_password_age FusionAuthTenantMinimumPasswordAgeArgs
multi_factor_configuration FusionAuthTenantMultiFactorConfigurationArgs
name str

The unique name of the Tenant.

oauth_configurations Sequence[FusionAuthTenantOauthConfigurationArgs]
password_encryption_configurations Sequence[FusionAuthTenantPasswordEncryptionConfigurationArgs]
password_validation_rules FusionAuthTenantPasswordValidationRulesArgs
source_tenant_id str

The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.

tenant_id str

The Id to use for the new Tenant. If not specified a secure random UUID will be generated.

theme_id str

The unique Id of the theme to be used to style the login page and other end user templates.

user_delete_policy FusionAuthTenantUserDeletePolicyArgs
username_configuration FusionAuthTenantUsernameConfigurationArgs
accessControlConfiguration Property Map
captchaConfiguration Property Map
connectorPolicies List<Property Map>

A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.

data Map<Any>

An object that can hold any information about the Tenant that should be persisted.

emailConfiguration Property Map
eventConfigurations List<Property Map>
externalIdentifierConfiguration Property Map
failedAuthenticationConfiguration Property Map
familyConfiguration Property Map
formConfiguration Property Map
httpSessionMaxInactiveInterval Number

Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.

issuer String

The named issuer used to sign tokens, this is generally your public fully qualified domain.

jwtConfigurations List<Property Map>
loginConfiguration Property Map
logoutUrl String

The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.

maximumPasswordAge Property Map
minimumPasswordAge Property Map
multiFactorConfiguration Property Map
name String

The unique name of the Tenant.

oauthConfigurations List<Property Map>
passwordEncryptionConfigurations List<Property Map>
passwordValidationRules Property Map
sourceTenantId String

The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.

tenantId String

The Id to use for the new Tenant. If not specified a secure random UUID will be generated.

themeId String

The unique Id of the theme to be used to style the login page and other end user templates.

userDeletePolicy Property Map
usernameConfiguration Property Map

Supporting Types

FusionAuthTenantAccessControlConfiguration

UiIpAccessControlListId string

The Id of the IP Access Control List limiting access to all applications in this tenant.

UiIpAccessControlListId string

The Id of the IP Access Control List limiting access to all applications in this tenant.

uiIpAccessControlListId String

The Id of the IP Access Control List limiting access to all applications in this tenant.

uiIpAccessControlListId string

The Id of the IP Access Control List limiting access to all applications in this tenant.

ui_ip_access_control_list_id str

The Id of the IP Access Control List limiting access to all applications in this tenant.

uiIpAccessControlListId String

The Id of the IP Access Control List limiting access to all applications in this tenant.

FusionAuthTenantCaptchaConfiguration

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

SecretKey string

The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.

SiteKey string

The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.

Threshold double

The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

SecretKey string

The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.

SiteKey string

The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.

Threshold float64

The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

secretKey String

The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.

siteKey String

The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.

threshold Double

The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.

enabled boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

secretKey string

The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.

siteKey string

The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.

threshold number

The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.

enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

secret_key str

The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.

site_key str

The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.

threshold float

The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

secretKey String

The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.

siteKey String

The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.

threshold Number

The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.

FusionAuthTenantConnectorPolicy

ConnectorId string

The identifier of the Connector to which this policy refers.

Domains List<string>

A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.

Migrate bool

If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.

ConnectorId string

The identifier of the Connector to which this policy refers.

Domains []string

A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.

Migrate bool

If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.

connectorId String

The identifier of the Connector to which this policy refers.

domains List<String>

A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.

migrate Boolean

If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.

connectorId string

The identifier of the Connector to which this policy refers.

domains string[]

A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.

migrate boolean

If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.

connector_id str

The identifier of the Connector to which this policy refers.

domains Sequence[str]

A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.

migrate bool

If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.

connectorId String

The identifier of the Connector to which this policy refers.

domains List<String>

A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.

migrate Boolean

If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.

FusionAuthTenantEmailConfiguration

Host string

The host name of the SMTP server that FusionAuth will use.

Port int

The port of the SMTP server that FusionAuth will use.

AdditionalHeaders Dictionary<string, object>

The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.

DefaultFromEmail string

The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).

DefaultFromName string

The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).

EmailUpdateEmailTemplateId string

The Id of the Email Template that is used when a user is sent a forgot password email.

EmailVerifiedEmailTemplateId string

The Id of the Email Template used to verify user emails.

ForgotPasswordEmailTemplateId string

The Id of the Email Template that is used when a user is sent a forgot password email.

ImplicitEmailVerificationAllowed bool

When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.

LoginIdInUseOnCreateEmailTemplateId string

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.

LoginIdInUseOnUpdateEmailTemplateId string

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.

LoginNewDeviceEmailTemplateId string

The Id of the Email Template used to send emails to users when they log in on a new device.

LoginSuspiciousEmailTemplateId string

The Id of the Email Template used to send emails to users when a suspicious login occurs.

Password string

An optional password FusionAuth will use to authenticate with the SMTP server.

PasswordResetSuccessEmailTemplateId string

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.

PasswordUpdateEmailTemplateId string

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese

PasswordlessEmailTemplateId string

The Id of the Passwordless Email Template.

Properties string

Additional Email Configuration in a properties file formatted String.

Security string

The type of security protocol FusionAuth will use when connecting to the SMTP server.

SetPasswordEmailTemplateId string

The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.

TwoFactorMethodAddEmailTemplateId string

The Id of the Email Template used to send emails to users when a MFA method has been added to their account.

TwoFactorMethodRemoveEmailTemplateId string

The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.

Unverified theogravity.Fusionauth.Inputs.FusionAuthTenantEmailConfigurationUnverified
Username string

An optional username FusionAuth will to authenticate with the SMTP server.

VerificationEmailTemplateId string

The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.

VerificationStrategy string

The process by which the user will verify their email address. Possible values are ClickableLink or FormField.

VerifyEmail bool

Whether the user’s email addresses are verified when the registers with your application.

VerifyEmailWhenChanged bool

Whether the user’s email addresses are verified when the user changes them.

Host string

The host name of the SMTP server that FusionAuth will use.

Port int

The port of the SMTP server that FusionAuth will use.

AdditionalHeaders map[string]interface{}

The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.

DefaultFromEmail string

The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).

DefaultFromName string

The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).

EmailUpdateEmailTemplateId string

The Id of the Email Template that is used when a user is sent a forgot password email.

EmailVerifiedEmailTemplateId string

The Id of the Email Template used to verify user emails.

ForgotPasswordEmailTemplateId string

The Id of the Email Template that is used when a user is sent a forgot password email.

ImplicitEmailVerificationAllowed bool

When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.

LoginIdInUseOnCreateEmailTemplateId string

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.

LoginIdInUseOnUpdateEmailTemplateId string

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.

LoginNewDeviceEmailTemplateId string

The Id of the Email Template used to send emails to users when they log in on a new device.

LoginSuspiciousEmailTemplateId string

The Id of the Email Template used to send emails to users when a suspicious login occurs.

Password string

An optional password FusionAuth will use to authenticate with the SMTP server.

PasswordResetSuccessEmailTemplateId string

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.

PasswordUpdateEmailTemplateId string

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese

PasswordlessEmailTemplateId string

The Id of the Passwordless Email Template.

Properties string

Additional Email Configuration in a properties file formatted String.

Security string

The type of security protocol FusionAuth will use when connecting to the SMTP server.

SetPasswordEmailTemplateId string

The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.

TwoFactorMethodAddEmailTemplateId string

The Id of the Email Template used to send emails to users when a MFA method has been added to their account.

TwoFactorMethodRemoveEmailTemplateId string

The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.

Unverified FusionAuthTenantEmailConfigurationUnverified
Username string

An optional username FusionAuth will to authenticate with the SMTP server.

VerificationEmailTemplateId string

The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.

VerificationStrategy string

The process by which the user will verify their email address. Possible values are ClickableLink or FormField.

VerifyEmail bool

Whether the user’s email addresses are verified when the registers with your application.

VerifyEmailWhenChanged bool

Whether the user’s email addresses are verified when the user changes them.

host String

The host name of the SMTP server that FusionAuth will use.

port Integer

The port of the SMTP server that FusionAuth will use.

additionalHeaders Map<String,Object>

The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.

defaultFromEmail String

The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).

defaultFromName String

The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).

emailUpdateEmailTemplateId String

The Id of the Email Template that is used when a user is sent a forgot password email.

emailVerifiedEmailTemplateId String

The Id of the Email Template used to verify user emails.

forgotPasswordEmailTemplateId String

The Id of the Email Template that is used when a user is sent a forgot password email.

implicitEmailVerificationAllowed Boolean

When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.

loginIdInUseOnCreateEmailTemplateId String

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.

loginIdInUseOnUpdateEmailTemplateId String

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.

loginNewDeviceEmailTemplateId String

The Id of the Email Template used to send emails to users when they log in on a new device.

loginSuspiciousEmailTemplateId String

The Id of the Email Template used to send emails to users when a suspicious login occurs.

password String

An optional password FusionAuth will use to authenticate with the SMTP server.

passwordResetSuccessEmailTemplateId String

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.

passwordUpdateEmailTemplateId String

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese

passwordlessEmailTemplateId String

The Id of the Passwordless Email Template.

properties String

Additional Email Configuration in a properties file formatted String.

security String

The type of security protocol FusionAuth will use when connecting to the SMTP server.

setPasswordEmailTemplateId String

The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.

twoFactorMethodAddEmailTemplateId String

The Id of the Email Template used to send emails to users when a MFA method has been added to their account.

twoFactorMethodRemoveEmailTemplateId String

The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.

unverified FusionAuthTenantEmailConfigurationUnverified
username String

An optional username FusionAuth will to authenticate with the SMTP server.

verificationEmailTemplateId String

The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.

verificationStrategy String

The process by which the user will verify their email address. Possible values are ClickableLink or FormField.

verifyEmail Boolean

Whether the user’s email addresses are verified when the registers with your application.

verifyEmailWhenChanged Boolean

Whether the user’s email addresses are verified when the user changes them.

host string

The host name of the SMTP server that FusionAuth will use.

port number

The port of the SMTP server that FusionAuth will use.

additionalHeaders {[key: string]: any}

The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.

defaultFromEmail string

The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).

defaultFromName string

The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).

emailUpdateEmailTemplateId string

The Id of the Email Template that is used when a user is sent a forgot password email.

emailVerifiedEmailTemplateId string

The Id of the Email Template used to verify user emails.

forgotPasswordEmailTemplateId string

The Id of the Email Template that is used when a user is sent a forgot password email.

implicitEmailVerificationAllowed boolean

When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.

loginIdInUseOnCreateEmailTemplateId string

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.

loginIdInUseOnUpdateEmailTemplateId string

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.

loginNewDeviceEmailTemplateId string

The Id of the Email Template used to send emails to users when they log in on a new device.

loginSuspiciousEmailTemplateId string

The Id of the Email Template used to send emails to users when a suspicious login occurs.

password string

An optional password FusionAuth will use to authenticate with the SMTP server.

passwordResetSuccessEmailTemplateId string

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.

passwordUpdateEmailTemplateId string

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese

passwordlessEmailTemplateId string

The Id of the Passwordless Email Template.

properties string

Additional Email Configuration in a properties file formatted String.

security string

The type of security protocol FusionAuth will use when connecting to the SMTP server.

setPasswordEmailTemplateId string

The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.

twoFactorMethodAddEmailTemplateId string

The Id of the Email Template used to send emails to users when a MFA method has been added to their account.

twoFactorMethodRemoveEmailTemplateId string

The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.

unverified FusionAuthTenantEmailConfigurationUnverified
username string

An optional username FusionAuth will to authenticate with the SMTP server.

verificationEmailTemplateId string

The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.

verificationStrategy string

The process by which the user will verify their email address. Possible values are ClickableLink or FormField.

verifyEmail boolean

Whether the user’s email addresses are verified when the registers with your application.

verifyEmailWhenChanged boolean

Whether the user’s email addresses are verified when the user changes them.

host str

The host name of the SMTP server that FusionAuth will use.

port int

The port of the SMTP server that FusionAuth will use.

additional_headers Mapping[str, Any]

The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.

default_from_email str

The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).

default_from_name str

The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).

email_update_email_template_id str

The Id of the Email Template that is used when a user is sent a forgot password email.

email_verified_email_template_id str

The Id of the Email Template used to verify user emails.

forgot_password_email_template_id str

The Id of the Email Template that is used when a user is sent a forgot password email.

implicit_email_verification_allowed bool

When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.

login_id_in_use_on_create_email_template_id str

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.

login_id_in_use_on_update_email_template_id str

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.

login_new_device_email_template_id str

The Id of the Email Template used to send emails to users when they log in on a new device.

login_suspicious_email_template_id str

The Id of the Email Template used to send emails to users when a suspicious login occurs.

password str

An optional password FusionAuth will use to authenticate with the SMTP server.

password_reset_success_email_template_id str

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.

password_update_email_template_id str

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese

passwordless_email_template_id str

The Id of the Passwordless Email Template.

properties str

Additional Email Configuration in a properties file formatted String.

security str

The type of security protocol FusionAuth will use when connecting to the SMTP server.

set_password_email_template_id str

The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.

two_factor_method_add_email_template_id str

The Id of the Email Template used to send emails to users when a MFA method has been added to their account.

two_factor_method_remove_email_template_id str

The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.

unverified FusionAuthTenantEmailConfigurationUnverified
username str

An optional username FusionAuth will to authenticate with the SMTP server.

verification_email_template_id str

The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.

verification_strategy str

The process by which the user will verify their email address. Possible values are ClickableLink or FormField.

verify_email bool

Whether the user’s email addresses are verified when the registers with your application.

verify_email_when_changed bool

Whether the user’s email addresses are verified when the user changes them.

host String

The host name of the SMTP server that FusionAuth will use.

port Number

The port of the SMTP server that FusionAuth will use.

additionalHeaders Map<Any>

The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.

defaultFromEmail String

The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).

defaultFromName String

The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).

emailUpdateEmailTemplateId String

The Id of the Email Template that is used when a user is sent a forgot password email.

emailVerifiedEmailTemplateId String

The Id of the Email Template used to verify user emails.

forgotPasswordEmailTemplateId String

The Id of the Email Template that is used when a user is sent a forgot password email.

implicitEmailVerificationAllowed Boolean

When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.

loginIdInUseOnCreateEmailTemplateId String

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.

loginIdInUseOnUpdateEmailTemplateId String

The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.

loginNewDeviceEmailTemplateId String

The Id of the Email Template used to send emails to users when they log in on a new device.

loginSuspiciousEmailTemplateId String

The Id of the Email Template used to send emails to users when a suspicious login occurs.

password String

An optional password FusionAuth will use to authenticate with the SMTP server.

passwordResetSuccessEmailTemplateId String

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.

passwordUpdateEmailTemplateId String

The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese

passwordlessEmailTemplateId String

The Id of the Passwordless Email Template.

properties String

Additional Email Configuration in a properties file formatted String.

security String

The type of security protocol FusionAuth will use when connecting to the SMTP server.

setPasswordEmailTemplateId String

The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.

twoFactorMethodAddEmailTemplateId String

The Id of the Email Template used to send emails to users when a MFA method has been added to their account.

twoFactorMethodRemoveEmailTemplateId String

The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.

unverified Property Map
username String

An optional username FusionAuth will to authenticate with the SMTP server.

verificationEmailTemplateId String

The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.

verificationStrategy String

The process by which the user will verify their email address. Possible values are ClickableLink or FormField.

verifyEmail Boolean

Whether the user’s email addresses are verified when the registers with your application.

verifyEmailWhenChanged Boolean

Whether the user’s email addresses are verified when the user changes them.

FusionAuthTenantEmailConfigurationUnverified

AllowEmailChangeWhenGated bool

When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.

Behavior string

= (Optional) The behavior when detecting breaches at time of user login

AllowEmailChangeWhenGated bool

When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.

Behavior string

= (Optional) The behavior when detecting breaches at time of user login

allowEmailChangeWhenGated Boolean

When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.

behavior String

= (Optional) The behavior when detecting breaches at time of user login

allowEmailChangeWhenGated boolean

When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.

behavior string

= (Optional) The behavior when detecting breaches at time of user login

allow_email_change_when_gated bool

When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.

behavior str

= (Optional) The behavior when detecting breaches at time of user login

allowEmailChangeWhenGated Boolean

When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.

behavior String

= (Optional) The behavior when detecting breaches at time of user login

FusionAuthTenantEventConfiguration

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

Event string

The event type

TransactionType string

The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

Event string

The event type

TransactionType string

The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

event String

The event type

transactionType String

The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.

enabled boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

event string

The event type

transactionType string

The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.

enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

event str

The event type

transaction_type str

The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

event String

The event type

transactionType String

The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.

FusionAuthTenantExternalIdentifierConfiguration

AuthorizationGrantIdTimeToLiveInSeconds int

The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.

ChangePasswordIdGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGenerator
ChangePasswordIdTimeToLiveInSeconds int

The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.

DeviceCodeTimeToLiveInSeconds int

The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.

DeviceUserCodeIdGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGenerator
EmailVerificationIdGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGenerator
EmailVerificationIdTimeToLiveInSeconds int

The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.

EmailVerificationOneTimeCodeGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGenerator
ExternalAuthenticationIdTimeToLiveInSeconds int

The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.

OneTimePasswordTimeToLiveInSeconds int

The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.

PasswordlessLoginGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGenerator
PasswordlessLoginTimeToLiveInSeconds int

The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.

RegistrationVerificationIdGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGenerator
RegistrationVerificationIdTimeToLiveInSeconds int

The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.

RegistrationVerificationOneTimeCodeGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGenerator
SetupPasswordIdGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGenerator
SetupPasswordIdTimeToLiveInSeconds int

The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.

TwoFactorIdTimeToLiveInSeconds int

The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.

TwoFactorOneTimeCodeIdGenerator theogravity.Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGenerator
TwoFactorTrustIdTimeToLiveInSeconds int

The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.

PendingAccountLinkTimeToLiveInSeconds int

The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.

SamlV2AuthnRequestIdTtlSeconds int

The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.

TrustTokenTimeToLiveInSeconds int

The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.

AuthorizationGrantIdTimeToLiveInSeconds int

The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.

ChangePasswordIdGenerator FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGenerator
ChangePasswordIdTimeToLiveInSeconds int

The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.

DeviceCodeTimeToLiveInSeconds int

The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.

DeviceUserCodeIdGenerator FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGenerator
EmailVerificationIdGenerator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGenerator
EmailVerificationIdTimeToLiveInSeconds int

The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.

EmailVerificationOneTimeCodeGenerator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGenerator
ExternalAuthenticationIdTimeToLiveInSeconds int

The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.

OneTimePasswordTimeToLiveInSeconds int

The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.

PasswordlessLoginGenerator FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGenerator
PasswordlessLoginTimeToLiveInSeconds int

The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.

RegistrationVerificationIdGenerator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGenerator
RegistrationVerificationIdTimeToLiveInSeconds int

The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.

RegistrationVerificationOneTimeCodeGenerator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGenerator
SetupPasswordIdGenerator FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGenerator
SetupPasswordIdTimeToLiveInSeconds int

The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.

TwoFactorIdTimeToLiveInSeconds int

The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.

TwoFactorOneTimeCodeIdGenerator FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGenerator
TwoFactorTrustIdTimeToLiveInSeconds int

The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.

PendingAccountLinkTimeToLiveInSeconds int

The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.

SamlV2AuthnRequestIdTtlSeconds int

The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.

TrustTokenTimeToLiveInSeconds int

The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.

authorizationGrantIdTimeToLiveInSeconds Integer

The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.

changePasswordIdGenerator FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGenerator
changePasswordIdTimeToLiveInSeconds Integer

The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.

deviceCodeTimeToLiveInSeconds Integer

The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.

deviceUserCodeIdGenerator FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGenerator
emailVerificationIdGenerator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGenerator
emailVerificationIdTimeToLiveInSeconds Integer

The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.

emailVerificationOneTimeCodeGenerator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGenerator
externalAuthenticationIdTimeToLiveInSeconds Integer

The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.

oneTimePasswordTimeToLiveInSeconds Integer

The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.

passwordlessLoginGenerator FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGenerator
passwordlessLoginTimeToLiveInSeconds Integer

The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.

registrationVerificationIdGenerator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGenerator
registrationVerificationIdTimeToLiveInSeconds Integer

The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.

registrationVerificationOneTimeCodeGenerator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGenerator
setupPasswordIdGenerator FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGenerator
setupPasswordIdTimeToLiveInSeconds Integer

The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.

twoFactorIdTimeToLiveInSeconds Integer

The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.

twoFactorOneTimeCodeIdGenerator FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGenerator
twoFactorTrustIdTimeToLiveInSeconds Integer

The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.

pendingAccountLinkTimeToLiveInSeconds Integer

The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.

samlV2AuthnRequestIdTtlSeconds Integer

The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.

trustTokenTimeToLiveInSeconds Integer

The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.

authorizationGrantIdTimeToLiveInSeconds number

The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.

changePasswordIdGenerator FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGenerator
changePasswordIdTimeToLiveInSeconds number

The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.

deviceCodeTimeToLiveInSeconds number

The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.

deviceUserCodeIdGenerator FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGenerator
emailVerificationIdGenerator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGenerator
emailVerificationIdTimeToLiveInSeconds number

The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.

emailVerificationOneTimeCodeGenerator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGenerator
externalAuthenticationIdTimeToLiveInSeconds number

The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.

oneTimePasswordTimeToLiveInSeconds number

The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.

passwordlessLoginGenerator FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGenerator
passwordlessLoginTimeToLiveInSeconds number

The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.

registrationVerificationIdGenerator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGenerator
registrationVerificationIdTimeToLiveInSeconds number

The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.

registrationVerificationOneTimeCodeGenerator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGenerator
setupPasswordIdGenerator FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGenerator
setupPasswordIdTimeToLiveInSeconds number

The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.

twoFactorIdTimeToLiveInSeconds number

The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.

twoFactorOneTimeCodeIdGenerator FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGenerator
twoFactorTrustIdTimeToLiveInSeconds number

The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.

pendingAccountLinkTimeToLiveInSeconds number

The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.

samlV2AuthnRequestIdTtlSeconds number

The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.

trustTokenTimeToLiveInSeconds number

The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.

authorization_grant_id_time_to_live_in_seconds int

The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.

change_password_id_generator FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGenerator
change_password_id_time_to_live_in_seconds int

The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.

device_code_time_to_live_in_seconds int

The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.

device_user_code_id_generator FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGenerator
email_verification_id_generator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGenerator
email_verification_id_time_to_live_in_seconds int

The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.

email_verification_one_time_code_generator FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGenerator
external_authentication_id_time_to_live_in_seconds int

The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.

one_time_password_time_to_live_in_seconds int

The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.

passwordless_login_generator FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGenerator
passwordless_login_time_to_live_in_seconds int

The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.

registration_verification_id_generator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGenerator
registration_verification_id_time_to_live_in_seconds int

The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.

registration_verification_one_time_code_generator FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGenerator
setup_password_id_generator FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGenerator
setup_password_id_time_to_live_in_seconds int

The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.

two_factor_id_time_to_live_in_seconds int

The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.

two_factor_one_time_code_id_generator FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGenerator
two_factor_trust_id_time_to_live_in_seconds int

The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.

pending_account_link_time_to_live_in_seconds int

The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.

saml_v2_authn_request_id_ttl_seconds int

The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.

trust_token_time_to_live_in_seconds int

The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.

authorizationGrantIdTimeToLiveInSeconds Number

The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.

changePasswordIdGenerator Property Map
changePasswordIdTimeToLiveInSeconds Number

The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.

deviceCodeTimeToLiveInSeconds Number

The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.

deviceUserCodeIdGenerator Property Map
emailVerificationIdGenerator Property Map
emailVerificationIdTimeToLiveInSeconds Number

The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.

emailVerificationOneTimeCodeGenerator Property Map
externalAuthenticationIdTimeToLiveInSeconds Number

The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.

oneTimePasswordTimeToLiveInSeconds Number

The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.

passwordlessLoginGenerator Property Map
passwordlessLoginTimeToLiveInSeconds Number

The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.

registrationVerificationIdGenerator Property Map
registrationVerificationIdTimeToLiveInSeconds Number

The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.

registrationVerificationOneTimeCodeGenerator Property Map
setupPasswordIdGenerator Property Map
setupPasswordIdTimeToLiveInSeconds Number

The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.

twoFactorIdTimeToLiveInSeconds Number

The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.

twoFactorOneTimeCodeIdGenerator Property Map
twoFactorTrustIdTimeToLiveInSeconds Number

The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.

pendingAccountLinkTimeToLiveInSeconds Number

The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.

samlV2AuthnRequestIdTtlSeconds Number

The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.

trustTokenTimeToLiveInSeconds Number

The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.

FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGenerator

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

length Integer

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

length number

TThe length of the secure generator used for generating the the two factor code Id.

type string

The type of the secure generator used for generating the two factor one time code Id.

length int

TThe length of the secure generator used for generating the the two factor code Id.

type str

The type of the secure generator used for generating the two factor one time code Id.

length Number

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGenerator

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

length Integer

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

length number

TThe length of the secure generator used for generating the the two factor code Id.

type string

The type of the secure generator used for generating the two factor one time code Id.

length int

TThe length of the secure generator used for generating the the two factor code Id.

type str

The type of the secure generator used for generating the two factor one time code Id.

length Number

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGenerator

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

length Integer

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

length number

TThe length of the secure generator used for generating the the two factor code Id.

type string

The type of the secure generator used for generating the two factor one time code Id.

length int

TThe length of the secure generator used for generating the the two factor code Id.

type str

The type of the secure generator used for generating the two factor one time code Id.

length Number

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGenerator

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

length Integer

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

length number

TThe length of the secure generator used for generating the the two factor code Id.

type string

The type of the secure generator used for generating the two factor one time code Id.

length int

TThe length of the secure generator used for generating the the two factor code Id.

type str

The type of the secure generator used for generating the two factor one time code Id.

length Number

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGenerator

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

length Integer

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

length number

TThe length of the secure generator used for generating the the two factor code Id.

type string

The type of the secure generator used for generating the two factor one time code Id.

length int

TThe length of the secure generator used for generating the the two factor code Id.

type str

The type of the secure generator used for generating the two factor one time code Id.

length Number

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGenerator

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

length Integer

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

length number

TThe length of the secure generator used for generating the the two factor code Id.

type string

The type of the secure generator used for generating the two factor one time code Id.

length int

TThe length of the secure generator used for generating the the two factor code Id.

type str

The type of the secure generator used for generating the two factor one time code Id.

length Number

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGenerator

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

length Integer

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

length number

TThe length of the secure generator used for generating the the two factor code Id.

type string

The type of the secure generator used for generating the two factor one time code Id.

length int

TThe length of the secure generator used for generating the the two factor code Id.

type str

The type of the secure generator used for generating the two factor one time code Id.

length Number

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGenerator

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

length Integer

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

length number

TThe length of the secure generator used for generating the the two factor code Id.

type string

The type of the secure generator used for generating the two factor one time code Id.

length int

TThe length of the secure generator used for generating the the two factor code Id.

type str

The type of the secure generator used for generating the two factor one time code Id.

length Number

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGenerator

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

Length int

TThe length of the secure generator used for generating the the two factor code Id.

Type string

The type of the secure generator used for generating the two factor one time code Id.

length Integer

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

length number

TThe length of the secure generator used for generating the the two factor code Id.

type string

The type of the secure generator used for generating the two factor one time code Id.

length int

TThe length of the secure generator used for generating the the two factor code Id.

type str

The type of the secure generator used for generating the two factor one time code Id.

length Number

TThe length of the secure generator used for generating the the two factor code Id.

type String

The type of the secure generator used for generating the two factor one time code Id.

FusionAuthTenantFailedAuthenticationConfiguration

ActionDuration int

The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.

ActionDurationUnit string

The unit of time associated with a duration.

ResetCountInSeconds int

The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.

TooManyAttempts int

The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.

UserActionId string

The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.

ActionDuration int

The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.

ActionDurationUnit string

The unit of time associated with a duration.

ResetCountInSeconds int

The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.

TooManyAttempts int

The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.

UserActionId string

The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.

actionDuration Integer

The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.

actionDurationUnit String

The unit of time associated with a duration.

resetCountInSeconds Integer

The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.

tooManyAttempts Integer

The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.

userActionId String

The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.

actionDuration number

The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.

actionDurationUnit string

The unit of time associated with a duration.

resetCountInSeconds number

The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.

tooManyAttempts number

The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.

userActionId string

The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.

action_duration int

The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.

action_duration_unit str

The unit of time associated with a duration.

reset_count_in_seconds int

The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.

too_many_attempts int

The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.

user_action_id str

The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.

actionDuration Number

The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.

actionDurationUnit String

The unit of time associated with a duration.

resetCountInSeconds Number

The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.

tooManyAttempts Number

The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.

userActionId String

The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.

FusionAuthTenantFamilyConfiguration

AllowChildRegistrations bool

Whether to allow child registrations.

ConfirmChildEmailTemplateId string

The unique Id of the email template to use when confirming a child.

DeleteOrphanedAccounts bool

Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.

DeleteOrphanedAccountsDays int

The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

FamilyRequestEmailTemplateId string

The unique Id of the email template to use when a family request is made.

MaximumChildAge int

The maximum age of a child. Value must be greater than 0.

MinimumOwnerAge int

The minimum age to be an owner. Value must be greater than 0.

ParentEmailRequired bool

Whether a parent email is required.

ParentRegistrationEmailTemplateId string

The unique Id of the email template to use for parent registration.

AllowChildRegistrations bool

Whether to allow child registrations.

ConfirmChildEmailTemplateId string

The unique Id of the email template to use when confirming a child.

DeleteOrphanedAccounts bool

Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.

DeleteOrphanedAccountsDays int

The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

FamilyRequestEmailTemplateId string

The unique Id of the email template to use when a family request is made.

MaximumChildAge int

The maximum age of a child. Value must be greater than 0.

MinimumOwnerAge int

The minimum age to be an owner. Value must be greater than 0.

ParentEmailRequired bool

Whether a parent email is required.

ParentRegistrationEmailTemplateId string

The unique Id of the email template to use for parent registration.

allowChildRegistrations Boolean

Whether to allow child registrations.

confirmChildEmailTemplateId String

The unique Id of the email template to use when confirming a child.

deleteOrphanedAccounts Boolean

Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.

deleteOrphanedAccountsDays Integer

The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

familyRequestEmailTemplateId String

The unique Id of the email template to use when a family request is made.

maximumChildAge Integer

The maximum age of a child. Value must be greater than 0.

minimumOwnerAge Integer

The minimum age to be an owner. Value must be greater than 0.

parentEmailRequired Boolean

Whether a parent email is required.

parentRegistrationEmailTemplateId String

The unique Id of the email template to use for parent registration.

allowChildRegistrations boolean

Whether to allow child registrations.

confirmChildEmailTemplateId string

The unique Id of the email template to use when confirming a child.

deleteOrphanedAccounts boolean

Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.

deleteOrphanedAccountsDays number

The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.

enabled boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

familyRequestEmailTemplateId string

The unique Id of the email template to use when a family request is made.

maximumChildAge number

The maximum age of a child. Value must be greater than 0.

minimumOwnerAge number

The minimum age to be an owner. Value must be greater than 0.

parentEmailRequired boolean

Whether a parent email is required.

parentRegistrationEmailTemplateId string

The unique Id of the email template to use for parent registration.

allow_child_registrations bool

Whether to allow child registrations.

confirm_child_email_template_id str

The unique Id of the email template to use when confirming a child.

delete_orphaned_accounts bool

Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.

delete_orphaned_accounts_days int

The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.

enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

family_request_email_template_id str

The unique Id of the email template to use when a family request is made.

maximum_child_age int

The maximum age of a child. Value must be greater than 0.

minimum_owner_age int

The minimum age to be an owner. Value must be greater than 0.

parent_email_required bool

Whether a parent email is required.

parent_registration_email_template_id str

The unique Id of the email template to use for parent registration.

allowChildRegistrations Boolean

Whether to allow child registrations.

confirmChildEmailTemplateId String

The unique Id of the email template to use when confirming a child.

deleteOrphanedAccounts Boolean

Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.

deleteOrphanedAccountsDays Number

The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

familyRequestEmailTemplateId String

The unique Id of the email template to use when a family request is made.

maximumChildAge Number

The maximum age of a child. Value must be greater than 0.

minimumOwnerAge Number

The minimum age to be an owner. Value must be greater than 0.

parentEmailRequired Boolean

Whether a parent email is required.

parentRegistrationEmailTemplateId String

The unique Id of the email template to use for parent registration.

FusionAuthTenantFormConfiguration

AdminUserFormId string

The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.

AdminUserFormId string

The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.

adminUserFormId String

The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.

adminUserFormId string

The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.

admin_user_form_id str

The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.

adminUserFormId String

The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.

FusionAuthTenantJwtConfiguration

AccessTokenKeyId string

The unique id of the signing key used to sign the access token.

IdTokenKeyId string

The unique id of the signing key used to sign the Id token.

RefreshTokenTimeToLiveInMinutes int

The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.

TimeToLiveInSeconds int

The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.

RefreshTokenExpirationPolicy string

The refresh token expiration policy.

RefreshTokenRevocationPolicyOnLoginPrevented bool

When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.

RefreshTokenRevocationPolicyOnPasswordChange bool

When enabled, the refresh token will be revoked when a user changes their password."

RefreshTokenUsagePolicy string

The refresh token usage policy.

AccessTokenKeyId string

The unique id of the signing key used to sign the access token.

IdTokenKeyId string

The unique id of the signing key used to sign the Id token.

RefreshTokenTimeToLiveInMinutes int

The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.

TimeToLiveInSeconds int

The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.

RefreshTokenExpirationPolicy string

The refresh token expiration policy.

RefreshTokenRevocationPolicyOnLoginPrevented bool

When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.

RefreshTokenRevocationPolicyOnPasswordChange bool

When enabled, the refresh token will be revoked when a user changes their password."

RefreshTokenUsagePolicy string

The refresh token usage policy.

accessTokenKeyId String

The unique id of the signing key used to sign the access token.

idTokenKeyId String

The unique id of the signing key used to sign the Id token.

refreshTokenTimeToLiveInMinutes Integer

The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.

timeToLiveInSeconds Integer

The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.

refreshTokenExpirationPolicy String

The refresh token expiration policy.

refreshTokenRevocationPolicyOnLoginPrevented Boolean

When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.

refreshTokenRevocationPolicyOnPasswordChange Boolean

When enabled, the refresh token will be revoked when a user changes their password."

refreshTokenUsagePolicy String

The refresh token usage policy.

accessTokenKeyId string

The unique id of the signing key used to sign the access token.

idTokenKeyId string

The unique id of the signing key used to sign the Id token.

refreshTokenTimeToLiveInMinutes number

The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.

timeToLiveInSeconds number

The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.

refreshTokenExpirationPolicy string

The refresh token expiration policy.

refreshTokenRevocationPolicyOnLoginPrevented boolean

When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.

refreshTokenRevocationPolicyOnPasswordChange boolean

When enabled, the refresh token will be revoked when a user changes their password."

refreshTokenUsagePolicy string

The refresh token usage policy.

access_token_key_id str

The unique id of the signing key used to sign the access token.

id_token_key_id str

The unique id of the signing key used to sign the Id token.

refresh_token_time_to_live_in_minutes int

The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.

time_to_live_in_seconds int

The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.

refresh_token_expiration_policy str

The refresh token expiration policy.

refresh_token_revocation_policy_on_login_prevented bool

When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.

refresh_token_revocation_policy_on_password_change bool

When enabled, the refresh token will be revoked when a user changes their password."

refresh_token_usage_policy str

The refresh token usage policy.

accessTokenKeyId String

The unique id of the signing key used to sign the access token.

idTokenKeyId String

The unique id of the signing key used to sign the Id token.

refreshTokenTimeToLiveInMinutes Number

The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.

timeToLiveInSeconds Number

The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.

refreshTokenExpirationPolicy String

The refresh token expiration policy.

refreshTokenRevocationPolicyOnLoginPrevented Boolean

When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.

refreshTokenRevocationPolicyOnPasswordChange Boolean

When enabled, the refresh token will be revoked when a user changes their password."

refreshTokenUsagePolicy String

The refresh token usage policy.

FusionAuthTenantLoginConfiguration

RequireAuthentication bool

Indicates whether to require an API key for the Login API when an applicationId is not provided. When an applicationId is provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to be true.

RequireAuthentication bool

Indicates whether to require an API key for the Login API when an applicationId is not provided. When an applicationId is provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to be true.

requireAuthentication Boolean

Indicates whether to require an API key for the Login API when an applicationId is not provided. When an applicationId is provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to be true.

requireAuthentication boolean

Indicates whether to require an API key for the Login API when an applicationId is not provided. When an applicationId is provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to be true.

require_authentication bool

Indicates whether to require an API key for the Login API when an applicationId is not provided. When an applicationId is provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to be true.

requireAuthentication Boolean

Indicates whether to require an API key for the Login API when an applicationId is not provided. When an applicationId is provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to be true.

FusionAuthTenantMaximumPasswordAge

Days int

The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

Days int

The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

days Integer

The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

days number

The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.

enabled boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

days int

The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.

enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

days Number

The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

FusionAuthTenantMinimumPasswordAge

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

Seconds int

The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

Seconds int

The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

seconds Integer

The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.

enabled boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

seconds number

The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.

enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

seconds int

The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

seconds Number

The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.

FusionAuthTenantMultiFactorConfiguration

Authenticator theogravity.Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationAuthenticator
Email theogravity.Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationEmail
LoginPolicy string

When set to Enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set to Disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login.

Sms theogravity.Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationSms
Authenticator FusionAuthTenantMultiFactorConfigurationAuthenticator
Email FusionAuthTenantMultiFactorConfigurationEmail
LoginPolicy string

When set to Enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set to Disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login.

Sms FusionAuthTenantMultiFactorConfigurationSms
authenticator FusionAuthTenantMultiFactorConfigurationAuthenticator
email FusionAuthTenantMultiFactorConfigurationEmail
loginPolicy String

When set to Enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set to Disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login.

sms FusionAuthTenantMultiFactorConfigurationSms
authenticator FusionAuthTenantMultiFactorConfigurationAuthenticator
email FusionAuthTenantMultiFactorConfigurationEmail
loginPolicy string

When set to Enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set to Disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login.

sms FusionAuthTenantMultiFactorConfigurationSms
authenticator FusionAuthTenantMultiFactorConfigurationAuthenticator
email FusionAuthTenantMultiFactorConfigurationEmail
login_policy str

When set to Enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set to Disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login.

sms FusionAuthTenantMultiFactorConfigurationSms
authenticator Property Map
email Property Map
loginPolicy String

When set to Enabled and a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set to Disabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login.

sms Property Map

FusionAuthTenantMultiFactorConfigurationAuthenticator

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

enabled boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

FusionAuthTenantMultiFactorConfigurationEmail

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

TemplateId string

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

TemplateId string

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

templateId String

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

enabled boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

templateId string

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

template_id str

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

templateId String

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

FusionAuthTenantMultiFactorConfigurationSms

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

MessengerId string

The messenger that is used to deliver a SMS multi-factor authentication request.

TemplateId string

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

MessengerId string

The messenger that is used to deliver a SMS multi-factor authentication request.

TemplateId string

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

messengerId String

The messenger that is used to deliver a SMS multi-factor authentication request.

templateId String

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

enabled boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

messengerId string

The messenger that is used to deliver a SMS multi-factor authentication request.

templateId string

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

messenger_id str

The messenger that is used to deliver a SMS multi-factor authentication request.

template_id str

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

messengerId String

The messenger that is used to deliver a SMS multi-factor authentication request.

templateId String

The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.

FusionAuthTenantOauthConfiguration

ClientCredentialsAccessTokenPopulateLambdaId string

The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.

ClientCredentialsAccessTokenPopulateLambdaId string

The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.

clientCredentialsAccessTokenPopulateLambdaId String

The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.

clientCredentialsAccessTokenPopulateLambdaId string

The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.

client_credentials_access_token_populate_lambda_id str

The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.

clientCredentialsAccessTokenPopulateLambdaId String

The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.

FusionAuthTenantPasswordEncryptionConfiguration

EncryptionScheme string

The default method for encrypting the User’s password.

EncryptionSchemeFactor int

The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.

ModifyEncryptionSchemeOnLogin bool

When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.

EncryptionScheme string

The default method for encrypting the User’s password.

EncryptionSchemeFactor int

The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.

ModifyEncryptionSchemeOnLogin bool

When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.

encryptionScheme String

The default method for encrypting the User’s password.

encryptionSchemeFactor Integer

The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.

modifyEncryptionSchemeOnLogin Boolean

When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.

encryptionScheme string

The default method for encrypting the User’s password.

encryptionSchemeFactor number

The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.

modifyEncryptionSchemeOnLogin boolean

When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.

encryption_scheme str

The default method for encrypting the User’s password.

encryption_scheme_factor int

The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.

modify_encryption_scheme_on_login bool

When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.

encryptionScheme String

The default method for encrypting the User’s password.

encryptionSchemeFactor Number

The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.

modifyEncryptionSchemeOnLogin Boolean

When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.

FusionAuthTenantPasswordValidationRules

BreachDetection theogravity.Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesBreachDetection
MaxLength int

The maximum length of a password when a new user is created or a user requests a password change.

MinLength int

The minimum length of a password when a new user is created or a user requests a password change.

RememberPreviousPasswords theogravity.Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswords
RequireNonAlpha bool

Whether to force the user to use at least one non-alphanumeric character.

RequireNumber bool

Whether to force the user to use at least one number.

RequiredMixedCase bool

Whether to force the user to use at least one uppercase and one lowercase character.

ValidateOnLogin bool

When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.

BreachDetection FusionAuthTenantPasswordValidationRulesBreachDetection
MaxLength int

The maximum length of a password when a new user is created or a user requests a password change.

MinLength int

The minimum length of a password when a new user is created or a user requests a password change.

RememberPreviousPasswords FusionAuthTenantPasswordValidationRulesRememberPreviousPasswords
RequireNonAlpha bool

Whether to force the user to use at least one non-alphanumeric character.

RequireNumber bool

Whether to force the user to use at least one number.

RequiredMixedCase bool

Whether to force the user to use at least one uppercase and one lowercase character.

ValidateOnLogin bool

When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.

breachDetection FusionAuthTenantPasswordValidationRulesBreachDetection
maxLength Integer

The maximum length of a password when a new user is created or a user requests a password change.

minLength Integer

The minimum length of a password when a new user is created or a user requests a password change.

rememberPreviousPasswords FusionAuthTenantPasswordValidationRulesRememberPreviousPasswords
requireNonAlpha Boolean

Whether to force the user to use at least one non-alphanumeric character.

requireNumber Boolean

Whether to force the user to use at least one number.

requiredMixedCase Boolean

Whether to force the user to use at least one uppercase and one lowercase character.

validateOnLogin Boolean

When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.

breachDetection FusionAuthTenantPasswordValidationRulesBreachDetection
maxLength number

The maximum length of a password when a new user is created or a user requests a password change.

minLength number

The minimum length of a password when a new user is created or a user requests a password change.

rememberPreviousPasswords FusionAuthTenantPasswordValidationRulesRememberPreviousPasswords
requireNonAlpha boolean

Whether to force the user to use at least one non-alphanumeric character.

requireNumber boolean

Whether to force the user to use at least one number.

requiredMixedCase boolean

Whether to force the user to use at least one uppercase and one lowercase character.

validateOnLogin boolean

When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.

breach_detection FusionAuthTenantPasswordValidationRulesBreachDetection
max_length int

The maximum length of a password when a new user is created or a user requests a password change.

min_length int

The minimum length of a password when a new user is created or a user requests a password change.

remember_previous_passwords FusionAuthTenantPasswordValidationRulesRememberPreviousPasswords
require_non_alpha bool

Whether to force the user to use at least one non-alphanumeric character.

require_number bool

Whether to force the user to use at least one number.

required_mixed_case bool

Whether to force the user to use at least one uppercase and one lowercase character.

validate_on_login bool

When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.

breachDetection Property Map
maxLength Number

The maximum length of a password when a new user is created or a user requests a password change.

minLength Number

The minimum length of a password when a new user is created or a user requests a password change.

rememberPreviousPasswords Property Map
requireNonAlpha Boolean

Whether to force the user to use at least one non-alphanumeric character.

requireNumber Boolean

Whether to force the user to use at least one number.

requiredMixedCase Boolean

Whether to force the user to use at least one uppercase and one lowercase character.

validateOnLogin Boolean

When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.

FusionAuthTenantPasswordValidationRulesBreachDetection

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

MatchMode string

The level of severity where Reactor will consider a breach.

NotifyUserEmailTemplateId string

The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.

OnLogin string

The behavior when detecting breaches at time of user login

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

MatchMode string

The level of severity where Reactor will consider a breach.

NotifyUserEmailTemplateId string

The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.

OnLogin string

The behavior when detecting breaches at time of user login

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

matchMode String

The level of severity where Reactor will consider a breach.

notifyUserEmailTemplateId String

The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.

onLogin String

The behavior when detecting breaches at time of user login

enabled boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

matchMode string

The level of severity where Reactor will consider a breach.

notifyUserEmailTemplateId string

The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.

onLogin string

The behavior when detecting breaches at time of user login

enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

match_mode str

The level of severity where Reactor will consider a breach.

notify_user_email_template_id str

The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.

on_login str

The behavior when detecting breaches at time of user login

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

matchMode String

The level of severity where Reactor will consider a breach.

notifyUserEmailTemplateId String

The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.

onLogin String

The behavior when detecting breaches at time of user login

FusionAuthTenantPasswordValidationRulesRememberPreviousPasswords

Count int

The number of previous passwords to remember. Value must be greater than 0.

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

Count int

The number of previous passwords to remember. Value must be greater than 0.

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

count Integer

The number of previous passwords to remember. Value must be greater than 0.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

count number

The number of previous passwords to remember. Value must be greater than 0.

enabled boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

count int

The number of previous passwords to remember. Value must be greater than 0.

enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

count Number

The number of previous passwords to remember. Value must be greater than 0.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

FusionAuthTenantUserDeletePolicy

UnverifiedEnabled bool

Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.

UnverifiedNumberOfDaysToRetain int
UnverifiedEnabled bool

Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.

UnverifiedNumberOfDaysToRetain int
unverifiedEnabled Boolean

Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.

unverifiedNumberOfDaysToRetain Integer
unverifiedEnabled boolean

Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.

unverifiedNumberOfDaysToRetain number
unverified_enabled bool

Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.

unverified_number_of_days_to_retain int
unverifiedEnabled Boolean

Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.

unverifiedNumberOfDaysToRetain Number

FusionAuthTenantUsernameConfiguration

Unique theogravity.Fusionauth.Inputs.FusionAuthTenantUsernameConfigurationUnique

Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.

Unique FusionAuthTenantUsernameConfigurationUnique

Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.

unique FusionAuthTenantUsernameConfigurationUnique

Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.

unique FusionAuthTenantUsernameConfigurationUnique

Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.

unique FusionAuthTenantUsernameConfigurationUnique

Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.

unique Property Map

Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.

FusionAuthTenantUsernameConfigurationUnique

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

NumberOfDigits int

The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.

Separator string

A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.

Strategy string

When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.

Enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

NumberOfDigits int

The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.

Separator string

A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.

Strategy string

When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

numberOfDigits Integer

The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.

separator String

A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.

strategy String

When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.

enabled boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

numberOfDigits number

The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.

separator string

A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.

strategy string

When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.

enabled bool

When true, FusionAuth will handle username collisions by generating a random suffix.

number_of_digits int

The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.

separator str

A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.

strategy str

When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.

enabled Boolean

When true, FusionAuth will handle username collisions by generating a random suffix.

numberOfDigits Number

The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.

separator String

A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.

strategy String

When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.

Package Details

Repository
fusionauth theogravity/pulumi-fusionauth
License
MIT
Notes

This Pulumi package is based on the fusionauth Terraform Provider.