Docs
Packagesfusionauth.FusionAuthTenant
Explore with Pulumi AI
# Tenant Resource
A FusionAuth Tenant is a named object that represents a discrete namespace for Users, Applications and Groups. A user is unique by email address or username within a tenant.
Tenants may be useful to support a multi-tenant application where you wish to use a single instance of FusionAuth but require the ability to have duplicate users across the tenants in your own application. In this scenario a user may exist multiple times with the same email address and different passwords across tenants.
Tenants may also be useful in a test or staging environment to allow multiple users to call APIs and create and modify users without possibility of collision.
Example Usage
using System.Collections.Generic;
using Pulumi;
using Fusionauth = theogravity.Fusionauth;
return await Deployment.RunAsync(() =>
{
var example = new Fusionauth.FusionAuthTenant("example", new()
{
ConnectorPolicies = new[]
{
new Fusionauth.Inputs.FusionAuthTenantConnectorPolicyArgs
{
ConnectorId = "b57b3d0f-f7a4-4831-a838-549717362ea8",
Domains = new[]
{
"*",
},
Migrate = false,
},
},
EmailConfiguration = new Fusionauth.Inputs.FusionAuthTenantEmailConfigurationArgs
{
ForgotPasswordEmailTemplateId = fusionauth_email.ForgotPassword_Example.Id,
Host = "smtp.sendgrid.net",
Password = "password",
PasswordlessEmailTemplateId = fusionauth_email.PasswordlessLogin_Example.Id,
Port = 587,
Security = "TLS",
SetPasswordEmailTemplateId = fusionauth_email.SetupPassword_Example.Id,
Username = "username",
VerifyEmail = true,
VerifyEmailWhenChanged = true,
},
EventConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.delete",
Enabled = true,
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.create",
Enabled = true,
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.update",
Enabled = true,
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.deactivate",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.bulk.create",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.reactivate",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "jwt.refresh-token.revoke",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "jwt.refresh",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "jwt.public-key.update",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.login.success",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.login.failed",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.registration.create",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.registration.update",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.registration.delete",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.registration.verified",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.email.verified",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.identity-provider.link",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.identity-provider.unlink",
Enabled = true,
TransactionType = "Any",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.password.breach",
Enabled = false,
TransactionType = "None",
},
},
ExternalIdentifierConfiguration = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationArgs
{
AuthorizationGrantIdTimeToLiveInSeconds = 30,
ChangePasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
ChangePasswordIdTimeToLiveInSeconds = 600,
DeviceCodeTimeToLiveInSeconds = 1800,
DeviceUserCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs
{
Length = 6,
Type = "randomAlphaNumeric",
},
EmailVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
EmailVerificationIdTimeToLiveInSeconds = 86400,
EmailVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs
{
Length = 6,
Type = "randomAlphaNumeric",
},
ExternalAuthenticationIdTimeToLiveInSeconds = 300,
OneTimePasswordTimeToLiveInSeconds = 60,
PasswordlessLoginGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
PasswordlessLoginTimeToLiveInSeconds = 600,
RegistrationVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
RegistrationVerificationIdTimeToLiveInSeconds = 86400,
RegistrationVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs
{
Length = 6,
Type = "randomAlphaNumeric",
},
SamlV2AuthnRequestIdTtlSeconds = 300,
SetupPasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
SetupPasswordIdTimeToLiveInSeconds = 86400,
TwoFactorIdTimeToLiveInSeconds = 300,
TwoFactorOneTimeCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs
{
Length = 6,
Type = "randomDigits",
},
TwoFactorTrustIdTimeToLiveInSeconds = 2592000,
},
FailedAuthenticationConfiguration = new Fusionauth.Inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs
{
ActionDuration = 3,
ActionDurationUnit = "MINUTES",
ResetCountInSeconds = 60,
TooManyAttempts = 5,
},
FamilyConfiguration = new Fusionauth.Inputs.FusionAuthTenantFamilyConfigurationArgs
{
AllowChildRegistrations = true,
DeleteOrphanedAccounts = false,
DeleteOrphanedAccountsDays = 30,
Enabled = true,
MaximumChildAge = 12,
MinimumOwnerAge = 21,
ParentEmailRequired = false,
},
FormConfiguration = new Fusionauth.Inputs.FusionAuthTenantFormConfigurationArgs
{
AdminUserFormId = "e92751a5-25f4-4bca-ad91-66cdf67725d2",
},
HttpSessionMaxInactiveInterval = 3600,
Issuer = "https://example.com",
JwtConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantJwtConfigurationArgs
{
AccessTokenKeyId = fusionauth_key.Accesstoken.Id,
IdTokenKeyId = fusionauth_key.Idtoken.Id,
RefreshTokenTimeToLiveInMinutes = 43200,
TimeToLiveInSeconds = 3600,
},
},
LoginConfiguration = new Fusionauth.Inputs.FusionAuthTenantLoginConfigurationArgs
{
RequireAuthentication = true,
},
MaximumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMaximumPasswordAgeArgs
{
Days = 180,
Enabled = false,
},
MinimumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMinimumPasswordAgeArgs
{
Enabled = false,
Seconds = 30,
},
OauthConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantOauthConfigurationArgs
{
ClientCredentialsAccessTokenPopulateLambdaId = fusionauth_lambda.Client_jwt_populate.Id,
},
},
PasswordEncryptionConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs
{
EncryptionScheme = "salted-pbkdf2-hmac-sha256",
EncryptionSchemeFactor = 24000,
ModifyEncryptionSchemeOnLogin = false,
},
},
PasswordValidationRules = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesArgs
{
MaxLength = 256,
MinLength = 7,
RememberPreviousPasswords = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs
{
Count = 1,
Enabled = false,
},
RequiredMixedCase = false,
RequireNonAlpha = false,
RequireNumber = false,
ValidateOnLogin = false,
},
ThemeId = fusionauth_theme.Example_theme.Id,
UserDeletePolicy = new Fusionauth.Inputs.FusionAuthTenantUserDeletePolicyArgs
{
UnverifiedEnabled = false,
UnverifiedNumberOfDaysToRetain = 30,
},
});
});
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/theogravity/pulumi-fusionauth/sdk/v3/go/fusionauth"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := fusionauth.NewFusionAuthTenant(ctx, "example", &fusionauth.FusionAuthTenantArgs{
ConnectorPolicies: fusionauth.FusionAuthTenantConnectorPolicyArray{
&fusionauth.FusionAuthTenantConnectorPolicyArgs{
ConnectorId: pulumi.String("b57b3d0f-f7a4-4831-a838-549717362ea8"),
Domains: pulumi.StringArray{
pulumi.String("*"),
},
Migrate: pulumi.Bool(false),
},
},
EmailConfiguration: &fusionauth.FusionAuthTenantEmailConfigurationArgs{
ForgotPasswordEmailTemplateId: pulumi.Any(fusionauth_email.ForgotPassword_Example.Id),
Host: pulumi.String("smtp.sendgrid.net"),
Password: pulumi.String("password"),
PasswordlessEmailTemplateId: pulumi.Any(fusionauth_email.PasswordlessLogin_Example.Id),
Port: pulumi.Int(587),
Security: pulumi.String("TLS"),
SetPasswordEmailTemplateId: pulumi.Any(fusionauth_email.SetupPassword_Example.Id),
Username: pulumi.String("username"),
VerifyEmail: pulumi.Bool(true),
VerifyEmailWhenChanged: pulumi.Bool(true),
},
EventConfigurations: fusionauth.FusionAuthTenantEventConfigurationArray{
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.delete"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.create"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.update"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.deactivate"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.bulk.create"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.reactivate"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("jwt.refresh-token.revoke"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("jwt.refresh"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("jwt.public-key.update"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.login.success"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.login.failed"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.registration.create"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.registration.update"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.registration.delete"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.registration.verified"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.email.verified"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.identity-provider.link"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.identity-provider.unlink"),
Enabled: pulumi.Bool(true),
TransactionType: pulumi.String("Any"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.password.breach"),
Enabled: pulumi.Bool(false),
TransactionType: pulumi.String("None"),
},
},
ExternalIdentifierConfiguration: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationArgs{
AuthorizationGrantIdTimeToLiveInSeconds: pulumi.Int(30),
ChangePasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
ChangePasswordIdTimeToLiveInSeconds: pulumi.Int(600),
DeviceCodeTimeToLiveInSeconds: pulumi.Int(1800),
DeviceUserCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs{
Length: pulumi.Int(6),
Type: pulumi.String("randomAlphaNumeric"),
},
EmailVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
EmailVerificationIdTimeToLiveInSeconds: pulumi.Int(86400),
EmailVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs{
Length: pulumi.Int(6),
Type: pulumi.String("randomAlphaNumeric"),
},
ExternalAuthenticationIdTimeToLiveInSeconds: pulumi.Int(300),
OneTimePasswordTimeToLiveInSeconds: pulumi.Int(60),
PasswordlessLoginGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
PasswordlessLoginTimeToLiveInSeconds: pulumi.Int(600),
RegistrationVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
RegistrationVerificationIdTimeToLiveInSeconds: pulumi.Int(86400),
RegistrationVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs{
Length: pulumi.Int(6),
Type: pulumi.String("randomAlphaNumeric"),
},
SamlV2AuthnRequestIdTtlSeconds: pulumi.Int(300),
SetupPasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
SetupPasswordIdTimeToLiveInSeconds: pulumi.Int(86400),
TwoFactorIdTimeToLiveInSeconds: pulumi.Int(300),
TwoFactorOneTimeCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs{
Length: pulumi.Int(6),
Type: pulumi.String("randomDigits"),
},
TwoFactorTrustIdTimeToLiveInSeconds: pulumi.Int(2592000),
},
FailedAuthenticationConfiguration: &fusionauth.FusionAuthTenantFailedAuthenticationConfigurationArgs{
ActionDuration: pulumi.Int(3),
ActionDurationUnit: pulumi.String("MINUTES"),
ResetCountInSeconds: pulumi.Int(60),
TooManyAttempts: pulumi.Int(5),
},
FamilyConfiguration: &fusionauth.FusionAuthTenantFamilyConfigurationArgs{
AllowChildRegistrations: pulumi.Bool(true),
DeleteOrphanedAccounts: pulumi.Bool(false),
DeleteOrphanedAccountsDays: pulumi.Int(30),
Enabled: pulumi.Bool(true),
MaximumChildAge: pulumi.Int(12),
MinimumOwnerAge: pulumi.Int(21),
ParentEmailRequired: pulumi.Bool(false),
},
FormConfiguration: &fusionauth.FusionAuthTenantFormConfigurationArgs{
AdminUserFormId: pulumi.String("e92751a5-25f4-4bca-ad91-66cdf67725d2"),
},
HttpSessionMaxInactiveInterval: pulumi.Int(3600),
Issuer: pulumi.String("https://example.com"),
JwtConfigurations: fusionauth.FusionAuthTenantJwtConfigurationArray{
&fusionauth.FusionAuthTenantJwtConfigurationArgs{
AccessTokenKeyId: pulumi.Any(fusionauth_key.Accesstoken.Id),
IdTokenKeyId: pulumi.Any(fusionauth_key.Idtoken.Id),
RefreshTokenTimeToLiveInMinutes: pulumi.Int(43200),
TimeToLiveInSeconds: pulumi.Int(3600),
},
},
LoginConfiguration: &fusionauth.FusionAuthTenantLoginConfigurationArgs{
RequireAuthentication: pulumi.Bool(true),
},
MaximumPasswordAge: &fusionauth.FusionAuthTenantMaximumPasswordAgeArgs{
Days: pulumi.Int(180),
Enabled: pulumi.Bool(false),
},
MinimumPasswordAge: &fusionauth.FusionAuthTenantMinimumPasswordAgeArgs{
Enabled: pulumi.Bool(false),
Seconds: pulumi.Int(30),
},
OauthConfigurations: fusionauth.FusionAuthTenantOauthConfigurationArray{
&fusionauth.FusionAuthTenantOauthConfigurationArgs{
ClientCredentialsAccessTokenPopulateLambdaId: pulumi.Any(fusionauth_lambda.Client_jwt_populate.Id),
},
},
PasswordEncryptionConfigurations: fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArray{
&fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArgs{
EncryptionScheme: pulumi.String("salted-pbkdf2-hmac-sha256"),
EncryptionSchemeFactor: pulumi.Int(24000),
ModifyEncryptionSchemeOnLogin: pulumi.Bool(false),
},
},
PasswordValidationRules: &fusionauth.FusionAuthTenantPasswordValidationRulesArgs{
MaxLength: pulumi.Int(256),
MinLength: pulumi.Int(7),
RememberPreviousPasswords: &fusionauth.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs{
Count: pulumi.Int(1),
Enabled: pulumi.Bool(false),
},
RequiredMixedCase: pulumi.Bool(false),
RequireNonAlpha: pulumi.Bool(false),
RequireNumber: pulumi.Bool(false),
ValidateOnLogin: pulumi.Bool(false),
},
ThemeId: pulumi.Any(fusionauth_theme.Example_theme.Id),
UserDeletePolicy: &fusionauth.FusionAuthTenantUserDeletePolicyArgs{
UnverifiedEnabled: pulumi.Bool(false),
UnverifiedNumberOfDaysToRetain: pulumi.Int(30),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fusionauth.FusionAuthTenant;
import com.pulumi.fusionauth.FusionAuthTenantArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantConnectorPolicyArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantEmailConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantEventConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantFamilyConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantFormConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantJwtConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantLoginConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantMaximumPasswordAgeArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantMinimumPasswordAgeArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantOauthConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordValidationRulesArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantUserDeletePolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new FusionAuthTenant("example", FusionAuthTenantArgs.builder()
.connectorPolicies(FusionAuthTenantConnectorPolicyArgs.builder()
.connectorId("b57b3d0f-f7a4-4831-a838-549717362ea8")
.domains("*")
.migrate(false)
.build())
.emailConfiguration(FusionAuthTenantEmailConfigurationArgs.builder()
.forgotPasswordEmailTemplateId(fusionauth_email.ForgotPassword_Example().id())
.host("smtp.sendgrid.net")
.password("password")
.passwordlessEmailTemplateId(fusionauth_email.PasswordlessLogin_Example().id())
.port(587)
.security("TLS")
.setPasswordEmailTemplateId(fusionauth_email.SetupPassword_Example().id())
.username("username")
.verifyEmail(true)
.verifyEmailWhenChanged(true)
.build())
.eventConfigurations(
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.delete")
.enabled(true)
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.create")
.enabled(true)
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.update")
.enabled(true)
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.deactivate")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.bulk.create")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.reactivate")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("jwt.refresh-token.revoke")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("jwt.refresh")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("jwt.public-key.update")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.login.success")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.login.failed")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.registration.create")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.registration.update")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.registration.delete")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.registration.verified")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.email.verified")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.identity-provider.link")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.identity-provider.unlink")
.enabled(true)
.transactionType("Any")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.password.breach")
.enabled(false)
.transactionType("None")
.build())
.externalIdentifierConfiguration(FusionAuthTenantExternalIdentifierConfigurationArgs.builder()
.authorizationGrantIdTimeToLiveInSeconds(30)
.changePasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.changePasswordIdTimeToLiveInSeconds(600)
.deviceCodeTimeToLiveInSeconds(1800)
.deviceUserCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs.builder()
.length(6)
.type("randomAlphaNumeric")
.build())
.emailVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.emailVerificationIdTimeToLiveInSeconds(86400)
.emailVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs.builder()
.length(6)
.type("randomAlphaNumeric")
.build())
.externalAuthenticationIdTimeToLiveInSeconds(300)
.oneTimePasswordTimeToLiveInSeconds(60)
.passwordlessLoginGenerator(FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.passwordlessLoginTimeToLiveInSeconds(600)
.registrationVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.registrationVerificationIdTimeToLiveInSeconds(86400)
.registrationVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs.builder()
.length(6)
.type("randomAlphaNumeric")
.build())
.samlV2AuthnRequestIdTtlSeconds(300)
.setupPasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.setupPasswordIdTimeToLiveInSeconds(86400)
.twoFactorIdTimeToLiveInSeconds(300)
.twoFactorOneTimeCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs.builder()
.length(6)
.type("randomDigits")
.build())
.twoFactorTrustIdTimeToLiveInSeconds(2592000)
.build())
.failedAuthenticationConfiguration(FusionAuthTenantFailedAuthenticationConfigurationArgs.builder()
.actionDuration(3)
.actionDurationUnit("MINUTES")
.resetCountInSeconds(60)
.tooManyAttempts(5)
.build())
.familyConfiguration(FusionAuthTenantFamilyConfigurationArgs.builder()
.allowChildRegistrations(true)
.deleteOrphanedAccounts(false)
.deleteOrphanedAccountsDays(30)
.enabled(true)
.maximumChildAge(12)
.minimumOwnerAge(21)
.parentEmailRequired(false)
.build())
.formConfiguration(FusionAuthTenantFormConfigurationArgs.builder()
.adminUserFormId("e92751a5-25f4-4bca-ad91-66cdf67725d2")
.build())
.httpSessionMaxInactiveInterval(3600)
.issuer("https://example.com")
.jwtConfigurations(FusionAuthTenantJwtConfigurationArgs.builder()
.accessTokenKeyId(fusionauth_key.accesstoken().id())
.idTokenKeyId(fusionauth_key.idtoken().id())
.refreshTokenTimeToLiveInMinutes(43200)
.timeToLiveInSeconds(3600)
.build())
.loginConfiguration(FusionAuthTenantLoginConfigurationArgs.builder()
.requireAuthentication(true)
.build())
.maximumPasswordAge(FusionAuthTenantMaximumPasswordAgeArgs.builder()
.days(180)
.enabled(false)
.build())
.minimumPasswordAge(FusionAuthTenantMinimumPasswordAgeArgs.builder()
.enabled(false)
.seconds(30)
.build())
.oauthConfigurations(FusionAuthTenantOauthConfigurationArgs.builder()
.clientCredentialsAccessTokenPopulateLambdaId(fusionauth_lambda.client_jwt_populate().id())
.build())
.passwordEncryptionConfigurations(FusionAuthTenantPasswordEncryptionConfigurationArgs.builder()
.encryptionScheme("salted-pbkdf2-hmac-sha256")
.encryptionSchemeFactor(24000)
.modifyEncryptionSchemeOnLogin(false)
.build())
.passwordValidationRules(FusionAuthTenantPasswordValidationRulesArgs.builder()
.maxLength(256)
.minLength(7)
.rememberPreviousPasswords(FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs.builder()
.count(1)
.enabled(false)
.build())
.requiredMixedCase(false)
.requireNonAlpha(false)
.requireNumber(false)
.validateOnLogin(false)
.build())
.themeId(fusionauth_theme.example_theme().id())
.userDeletePolicy(FusionAuthTenantUserDeletePolicyArgs.builder()
.unverifiedEnabled(false)
.unverifiedNumberOfDaysToRetain(30)
.build())
.build());
}
}
import pulumi
import theogravity_pulumi-fusionauth as fusionauth
example = fusionauth.FusionAuthTenant("example",
connector_policies=[fusionauth.FusionAuthTenantConnectorPolicyArgs(
connector_id="b57b3d0f-f7a4-4831-a838-549717362ea8",
domains=["*"],
migrate=False,
)],
email_configuration=fusionauth.FusionAuthTenantEmailConfigurationArgs(
forgot_password_email_template_id=fusionauth_email["ForgotPassword_Example"]["id"],
host="smtp.sendgrid.net",
password="password",
passwordless_email_template_id=fusionauth_email["PasswordlessLogin_Example"]["id"],
port=587,
security="TLS",
set_password_email_template_id=fusionauth_email["SetupPassword_Example"]["id"],
username="username",
verify_email=True,
verify_email_when_changed=True,
),
event_configurations=[
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.delete",
enabled=True,
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.create",
enabled=True,
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.update",
enabled=True,
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.deactivate",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.bulk.create",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.reactivate",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="jwt.refresh-token.revoke",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="jwt.refresh",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="jwt.public-key.update",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.login.success",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.login.failed",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.registration.create",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.registration.update",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.registration.delete",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.registration.verified",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.email.verified",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.identity-provider.link",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.identity-provider.unlink",
enabled=True,
transaction_type="Any",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.password.breach",
enabled=False,
transaction_type="None",
),
],
external_identifier_configuration=fusionauth.FusionAuthTenantExternalIdentifierConfigurationArgs(
authorization_grant_id_time_to_live_in_seconds=30,
change_password_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs(
length=32,
type="randomBytes",
),
change_password_id_time_to_live_in_seconds=600,
device_code_time_to_live_in_seconds=1800,
device_user_code_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs(
length=6,
type="randomAlphaNumeric",
),
email_verification_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs(
length=32,
type="randomBytes",
),
email_verification_id_time_to_live_in_seconds=86400,
email_verification_one_time_code_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs(
length=6,
type="randomAlphaNumeric",
),
external_authentication_id_time_to_live_in_seconds=300,
one_time_password_time_to_live_in_seconds=60,
passwordless_login_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs(
length=32,
type="randomBytes",
),
passwordless_login_time_to_live_in_seconds=600,
registration_verification_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs(
length=32,
type="randomBytes",
),
registration_verification_id_time_to_live_in_seconds=86400,
registration_verification_one_time_code_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs(
length=6,
type="randomAlphaNumeric",
),
saml_v2_authn_request_id_ttl_seconds=300,
setup_password_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs(
length=32,
type="randomBytes",
),
setup_password_id_time_to_live_in_seconds=86400,
two_factor_id_time_to_live_in_seconds=300,
two_factor_one_time_code_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs(
length=6,
type="randomDigits",
),
two_factor_trust_id_time_to_live_in_seconds=2592000,
),
failed_authentication_configuration=fusionauth.FusionAuthTenantFailedAuthenticationConfigurationArgs(
action_duration=3,
action_duration_unit="MINUTES",
reset_count_in_seconds=60,
too_many_attempts=5,
),
family_configuration=fusionauth.FusionAuthTenantFamilyConfigurationArgs(
allow_child_registrations=True,
delete_orphaned_accounts=False,
delete_orphaned_accounts_days=30,
enabled=True,
maximum_child_age=12,
minimum_owner_age=21,
parent_email_required=False,
),
form_configuration=fusionauth.FusionAuthTenantFormConfigurationArgs(
admin_user_form_id="e92751a5-25f4-4bca-ad91-66cdf67725d2",
),
http_session_max_inactive_interval=3600,
issuer="https://example.com",
jwt_configurations=[fusionauth.FusionAuthTenantJwtConfigurationArgs(
access_token_key_id=fusionauth_key["accesstoken"]["id"],
id_token_key_id=fusionauth_key["idtoken"]["id"],
refresh_token_time_to_live_in_minutes=43200,
time_to_live_in_seconds=3600,
)],
login_configuration=fusionauth.FusionAuthTenantLoginConfigurationArgs(
require_authentication=True,
),
maximum_password_age=fusionauth.FusionAuthTenantMaximumPasswordAgeArgs(
days=180,
enabled=False,
),
minimum_password_age=fusionauth.FusionAuthTenantMinimumPasswordAgeArgs(
enabled=False,
seconds=30,
),
oauth_configurations=[fusionauth.FusionAuthTenantOauthConfigurationArgs(
client_credentials_access_token_populate_lambda_id=fusionauth_lambda["client_jwt_populate"]["id"],
)],
password_encryption_configurations=[fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArgs(
encryption_scheme="salted-pbkdf2-hmac-sha256",
encryption_scheme_factor=24000,
modify_encryption_scheme_on_login=False,
)],
password_validation_rules=fusionauth.FusionAuthTenantPasswordValidationRulesArgs(
max_length=256,
min_length=7,
remember_previous_passwords=fusionauth.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs(
count=1,
enabled=False,
),
required_mixed_case=False,
require_non_alpha=False,
require_number=False,
validate_on_login=False,
),
theme_id=fusionauth_theme["example_theme"]["id"],
user_delete_policy=fusionauth.FusionAuthTenantUserDeletePolicyArgs(
unverified_enabled=False,
unverified_number_of_days_to_retain=30,
))
import * as pulumi from "@pulumi/pulumi";
import * as fusionauth from "pulumi-fusionauth";
const example = new fusionauth.FusionAuthTenant("example", {
connectorPolicies: [{
connectorId: "b57b3d0f-f7a4-4831-a838-549717362ea8",
domains: ["*"],
migrate: false,
}],
emailConfiguration: {
forgotPasswordEmailTemplateId: fusionauth_email.ForgotPassword_Example.id,
host: "smtp.sendgrid.net",
password: "password",
passwordlessEmailTemplateId: fusionauth_email.PasswordlessLogin_Example.id,
port: 587,
security: "TLS",
setPasswordEmailTemplateId: fusionauth_email.SetupPassword_Example.id,
username: "username",
verifyEmail: true,
verifyEmailWhenChanged: true,
},
eventConfigurations: [
{
event: "user.delete",
enabled: true,
transactionType: "None",
},
{
event: "user.create",
enabled: true,
transactionType: "None",
},
{
event: "user.update",
enabled: true,
transactionType: "None",
},
{
event: "user.deactivate",
enabled: true,
transactionType: "Any",
},
{
event: "user.bulk.create",
enabled: true,
transactionType: "Any",
},
{
event: "user.reactivate",
enabled: true,
transactionType: "Any",
},
{
event: "jwt.refresh-token.revoke",
enabled: true,
transactionType: "Any",
},
{
event: "jwt.refresh",
enabled: true,
transactionType: "Any",
},
{
event: "jwt.public-key.update",
enabled: true,
transactionType: "Any",
},
{
event: "user.login.success",
enabled: true,
transactionType: "Any",
},
{
event: "user.login.failed",
enabled: true,
transactionType: "Any",
},
{
event: "user.registration.create",
enabled: true,
transactionType: "Any",
},
{
event: "user.registration.update",
enabled: true,
transactionType: "Any",
},
{
event: "user.registration.delete",
enabled: true,
transactionType: "Any",
},
{
event: "user.registration.verified",
enabled: true,
transactionType: "Any",
},
{
event: "user.email.verified",
enabled: true,
transactionType: "Any",
},
{
event: "user.identity-provider.link",
enabled: true,
transactionType: "Any",
},
{
event: "user.identity-provider.unlink",
enabled: true,
transactionType: "Any",
},
{
event: "user.password.breach",
enabled: false,
transactionType: "None",
},
],
externalIdentifierConfiguration: {
authorizationGrantIdTimeToLiveInSeconds: 30,
changePasswordIdGenerator: {
length: 32,
type: "randomBytes",
},
changePasswordIdTimeToLiveInSeconds: 600,
deviceCodeTimeToLiveInSeconds: 1800,
deviceUserCodeIdGenerator: {
length: 6,
type: "randomAlphaNumeric",
},
emailVerificationIdGenerator: {
length: 32,
type: "randomBytes",
},
emailVerificationIdTimeToLiveInSeconds: 86400,
emailVerificationOneTimeCodeGenerator: {
length: 6,
type: "randomAlphaNumeric",
},
externalAuthenticationIdTimeToLiveInSeconds: 300,
oneTimePasswordTimeToLiveInSeconds: 60,
passwordlessLoginGenerator: {
length: 32,
type: "randomBytes",
},
passwordlessLoginTimeToLiveInSeconds: 600,
registrationVerificationIdGenerator: {
length: 32,
type: "randomBytes",
},
registrationVerificationIdTimeToLiveInSeconds: 86400,
registrationVerificationOneTimeCodeGenerator: {
length: 6,
type: "randomAlphaNumeric",
},
samlV2AuthnRequestIdTtlSeconds: 300,
setupPasswordIdGenerator: {
length: 32,
type: "randomBytes",
},
setupPasswordIdTimeToLiveInSeconds: 86400,
twoFactorIdTimeToLiveInSeconds: 300,
twoFactorOneTimeCodeIdGenerator: {
length: 6,
type: "randomDigits",
},
twoFactorTrustIdTimeToLiveInSeconds: 2592000,
},
failedAuthenticationConfiguration: {
actionDuration: 3,
actionDurationUnit: "MINUTES",
resetCountInSeconds: 60,
tooManyAttempts: 5,
},
familyConfiguration: {
allowChildRegistrations: true,
deleteOrphanedAccounts: false,
deleteOrphanedAccountsDays: 30,
enabled: true,
maximumChildAge: 12,
minimumOwnerAge: 21,
parentEmailRequired: false,
},
formConfiguration: {
adminUserFormId: "e92751a5-25f4-4bca-ad91-66cdf67725d2",
},
httpSessionMaxInactiveInterval: 3600,
issuer: "https://example.com",
jwtConfigurations: [{
accessTokenKeyId: fusionauth_key.accesstoken.id,
idTokenKeyId: fusionauth_key.idtoken.id,
refreshTokenTimeToLiveInMinutes: 43200,
timeToLiveInSeconds: 3600,
}],
loginConfiguration: {
requireAuthentication: true,
},
maximumPasswordAge: {
days: 180,
enabled: false,
},
minimumPasswordAge: {
enabled: false,
seconds: 30,
},
oauthConfigurations: [{
clientCredentialsAccessTokenPopulateLambdaId: fusionauth_lambda.client_jwt_populate.id,
}],
passwordEncryptionConfigurations: [{
encryptionScheme: "salted-pbkdf2-hmac-sha256",
encryptionSchemeFactor: 24000,
modifyEncryptionSchemeOnLogin: false,
}],
passwordValidationRules: {
maxLength: 256,
minLength: 7,
rememberPreviousPasswords: {
count: 1,
enabled: false,
},
requiredMixedCase: false,
requireNonAlpha: false,
requireNumber: false,
validateOnLogin: false,
},
themeId: fusionauth_theme.example_theme.id,
userDeletePolicy: {
unverifiedEnabled: false,
unverifiedNumberOfDaysToRetain: 30,
},
});
resources:
example:
type: fusionauth:FusionAuthTenant
properties:
connectorPolicies:
- connectorId: b57b3d0f-f7a4-4831-a838-549717362ea8
domains:
- '*'
migrate: false
emailConfiguration:
forgotPasswordEmailTemplateId: ${fusionauth_email.ForgotPassword_Example.id}
host: smtp.sendgrid.net
password: password
passwordlessEmailTemplateId: ${fusionauth_email.PasswordlessLogin_Example.id}
port: 587
security: TLS
setPasswordEmailTemplateId: ${fusionauth_email.SetupPassword_Example.id}
username: username
verifyEmail: true
verifyEmailWhenChanged: true
eventConfigurations:
- event: user.delete
enabled: true
transactionType: None
- event: user.create
enabled: true
transactionType: None
- event: user.update
enabled: true
transactionType: None
- event: user.deactivate
enabled: true
transactionType: Any
- event: user.bulk.create
enabled: true
transactionType: Any
- event: user.reactivate
enabled: true
transactionType: Any
- event: jwt.refresh-token.revoke
enabled: true
transactionType: Any
- event: jwt.refresh
enabled: true
transactionType: Any
- event: jwt.public-key.update
enabled: true
transactionType: Any
- event: user.login.success
enabled: true
transactionType: Any
- event: user.login.failed
enabled: true
transactionType: Any
- event: user.registration.create
enabled: true
transactionType: Any
- event: user.registration.update
enabled: true
transactionType: Any
- event: user.registration.delete
enabled: true
transactionType: Any
- event: user.registration.verified
enabled: true
transactionType: Any
- event: user.email.verified
enabled: true
transactionType: Any
- event: user.identity-provider.link
enabled: true
transactionType: Any
- event: user.identity-provider.unlink
enabled: true
transactionType: Any
- event: user.password.breach
enabled: false
transactionType: None
externalIdentifierConfiguration:
authorizationGrantIdTimeToLiveInSeconds: 30
changePasswordIdGenerator:
length: 32
type: randomBytes
changePasswordIdTimeToLiveInSeconds: 600
deviceCodeTimeToLiveInSeconds: 1800
deviceUserCodeIdGenerator:
length: 6
type: randomAlphaNumeric
emailVerificationIdGenerator:
length: 32
type: randomBytes
emailVerificationIdTimeToLiveInSeconds: 86400
emailVerificationOneTimeCodeGenerator:
length: 6
type: randomAlphaNumeric
externalAuthenticationIdTimeToLiveInSeconds: 300
oneTimePasswordTimeToLiveInSeconds: 60
passwordlessLoginGenerator:
length: 32
type: randomBytes
passwordlessLoginTimeToLiveInSeconds: 600
registrationVerificationIdGenerator:
length: 32
type: randomBytes
registrationVerificationIdTimeToLiveInSeconds: 86400
registrationVerificationOneTimeCodeGenerator:
length: 6
type: randomAlphaNumeric
samlV2AuthnRequestIdTtlSeconds: 300
setupPasswordIdGenerator:
length: 32
type: randomBytes
setupPasswordIdTimeToLiveInSeconds: 86400
twoFactorIdTimeToLiveInSeconds: 300
twoFactorOneTimeCodeIdGenerator:
length: 6
type: randomDigits
twoFactorTrustIdTimeToLiveInSeconds: 2.592e+06
failedAuthenticationConfiguration:
actionDuration: 3
actionDurationUnit: MINUTES
resetCountInSeconds: 60
tooManyAttempts: 5
familyConfiguration:
allowChildRegistrations: true
deleteOrphanedAccounts: false
deleteOrphanedAccountsDays: 30
enabled: true
maximumChildAge: 12
minimumOwnerAge: 21
parentEmailRequired: false
formConfiguration:
adminUserFormId: e92751a5-25f4-4bca-ad91-66cdf67725d2
httpSessionMaxInactiveInterval: 3600
issuer: https://example.com
jwtConfigurations:
- accessTokenKeyId: ${fusionauth_key.accesstoken.id}
idTokenKeyId: ${fusionauth_key.idtoken.id}
refreshTokenTimeToLiveInMinutes: 43200
timeToLiveInSeconds: 3600
loginConfiguration:
requireAuthentication: true
maximumPasswordAge:
days: 180
enabled: false
minimumPasswordAge:
enabled: false
seconds: 30
oauthConfigurations:
- clientCredentialsAccessTokenPopulateLambdaId: ${fusionauth_lambda.client_jwt_populate.id}
passwordEncryptionConfigurations:
- encryptionScheme: salted-pbkdf2-hmac-sha256
encryptionSchemeFactor: 24000
modifyEncryptionSchemeOnLogin: false
passwordValidationRules:
maxLength: 256
minLength: 7
rememberPreviousPasswords:
count: 1
enabled: false
requiredMixedCase: false
requireNonAlpha: false
requireNumber: false
validateOnLogin: false
themeId: ${fusionauth_theme.example_theme.id}
userDeletePolicy:
unverifiedEnabled: false
unverifiedNumberOfDaysToRetain: 30
Create FusionAuthTenant Resource
new FusionAuthTenant(name: string, args: FusionAuthTenantArgs, opts?: CustomResourceOptions);@overload
def FusionAuthTenant(resource_name: str,
opts: Optional[ResourceOptions] = None,
access_control_configuration: Optional[FusionAuthTenantAccessControlConfigurationArgs] = None,
captcha_configuration: Optional[FusionAuthTenantCaptchaConfigurationArgs] = None,
connector_policies: Optional[Sequence[FusionAuthTenantConnectorPolicyArgs]] = None,
data: Optional[Mapping[str, Any]] = None,
email_configuration: Optional[FusionAuthTenantEmailConfigurationArgs] = None,
event_configurations: Optional[Sequence[FusionAuthTenantEventConfigurationArgs]] = None,
external_identifier_configuration: Optional[FusionAuthTenantExternalIdentifierConfigurationArgs] = None,
failed_authentication_configuration: Optional[FusionAuthTenantFailedAuthenticationConfigurationArgs] = None,
family_configuration: Optional[FusionAuthTenantFamilyConfigurationArgs] = None,
form_configuration: Optional[FusionAuthTenantFormConfigurationArgs] = None,
http_session_max_inactive_interval: Optional[int] = None,
issuer: Optional[str] = None,
jwt_configurations: Optional[Sequence[FusionAuthTenantJwtConfigurationArgs]] = None,
login_configuration: Optional[FusionAuthTenantLoginConfigurationArgs] = None,
logout_url: Optional[str] = None,
maximum_password_age: Optional[FusionAuthTenantMaximumPasswordAgeArgs] = None,
minimum_password_age: Optional[FusionAuthTenantMinimumPasswordAgeArgs] = None,
multi_factor_configuration: Optional[FusionAuthTenantMultiFactorConfigurationArgs] = None,
name: Optional[str] = None,
oauth_configurations: Optional[Sequence[FusionAuthTenantOauthConfigurationArgs]] = None,
password_encryption_configurations: Optional[Sequence[FusionAuthTenantPasswordEncryptionConfigurationArgs]] = None,
password_validation_rules: Optional[FusionAuthTenantPasswordValidationRulesArgs] = None,
source_tenant_id: Optional[str] = None,
tenant_id: Optional[str] = None,
theme_id: Optional[str] = None,
user_delete_policy: Optional[FusionAuthTenantUserDeletePolicyArgs] = None,
username_configuration: Optional[FusionAuthTenantUsernameConfigurationArgs] = None)
@overload
def FusionAuthTenant(resource_name: str,
args: FusionAuthTenantArgs,
opts: Optional[ResourceOptions] = None)func NewFusionAuthTenant(ctx *Context, name string, args FusionAuthTenantArgs, opts ...ResourceOption) (*FusionAuthTenant, error)public FusionAuthTenant(string name, FusionAuthTenantArgs args, CustomResourceOptions? opts = null)
public FusionAuthTenant(String name, FusionAuthTenantArgs args)
public FusionAuthTenant(String name, FusionAuthTenantArgs args, CustomResourceOptions options)
type: fusionauth:FusionAuthTenant
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
FusionAuthTenant Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The FusionAuthTenant resource accepts the following input properties:
- Email
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Email Configuration - External
Identifier theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration - Issuer string
The named issuer used to sign tokens, this is generally your public fully qualified domain.
- Jwt
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Jwt Configuration> - Theme
Id string The unique Id of the theme to be used to style the login page and other end user templates.
- Access
Control theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Access Control Configuration - Captcha
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Captcha Configuration - Connector
Policies List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Connector Policy> A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- Data Dictionary<string, object>
An object that can hold any information about the Tenant that should be persisted.
- Event
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Event Configuration> - Failed
Authentication theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Failed Authentication Configuration - Family
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Family Configuration - Form
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Form Configuration - Http
Session intMax Inactive Interval Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- Login
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Login Configuration - Logout
Url string The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- Maximum
Password theogravity.Age Fusionauth. Inputs. Fusion Auth Tenant Maximum Password Age - Minimum
Password theogravity.Age Fusionauth. Inputs. Fusion Auth Tenant Minimum Password Age - Multi
Factor theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Multi Factor Configuration - Name string
The unique name of the Tenant.
- Oauth
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Oauth Configuration> - Password
Encryption List<theogravity.Configurations Fusionauth. Inputs. Fusion Auth Tenant Password Encryption Configuration> - Password
Validation theogravity.Rules Fusionauth. Inputs. Fusion Auth Tenant Password Validation Rules - Source
Tenant stringId The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- Tenant
Id string The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- User
Delete theogravity.Policy Fusionauth. Inputs. Fusion Auth Tenant User Delete Policy - Username
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Username Configuration
- Email
Configuration FusionAuth Tenant Email Configuration Args - External
Identifier FusionConfiguration Auth Tenant External Identifier Configuration Args - Issuer string
The named issuer used to sign tokens, this is generally your public fully qualified domain.
- Jwt
Configurations []FusionAuth Tenant Jwt Configuration Args - Theme
Id string The unique Id of the theme to be used to style the login page and other end user templates.
- Access
Control FusionConfiguration Auth Tenant Access Control Configuration Args - Captcha
Configuration FusionAuth Tenant Captcha Configuration Args - Connector
Policies []FusionAuth Tenant Connector Policy Args A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- Data map[string]interface{}
An object that can hold any information about the Tenant that should be persisted.
- Event
Configurations []FusionAuth Tenant Event Configuration Args - Failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration Args - Family
Configuration FusionAuth Tenant Family Configuration Args - Form
Configuration FusionAuth Tenant Form Configuration Args - Http
Session intMax Inactive Interval Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- Login
Configuration FusionAuth Tenant Login Configuration Args - Logout
Url string The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- Maximum
Password FusionAge Auth Tenant Maximum Password Age Args - Minimum
Password FusionAge Auth Tenant Minimum Password Age Args - Multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration Args - Name string
The unique name of the Tenant.
- Oauth
Configurations []FusionAuth Tenant Oauth Configuration Args - Password
Encryption []FusionConfigurations Auth Tenant Password Encryption Configuration Args - Password
Validation FusionRules Auth Tenant Password Validation Rules Args - Source
Tenant stringId The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- Tenant
Id string The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- User
Delete FusionPolicy Auth Tenant User Delete Policy Args - Username
Configuration FusionAuth Tenant Username Configuration Args
- email
Configuration FusionAuth Tenant Email Configuration - external
Identifier FusionConfiguration Auth Tenant External Identifier Configuration - issuer String
The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations List<FusionAuth Tenant Jwt Configuration> - theme
Id String The unique Id of the theme to be used to style the login page and other end user templates.
- access
Control FusionConfiguration Auth Tenant Access Control Configuration - captcha
Configuration FusionAuth Tenant Captcha Configuration - connector
Policies List<FusionAuth Tenant Connector Policy> A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Map<String,Object>
An object that can hold any information about the Tenant that should be persisted.
- event
Configurations List<FusionAuth Tenant Event Configuration> - failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration - family
Configuration FusionAuth Tenant Family Configuration - form
Configuration FusionAuth Tenant Form Configuration - http
Session IntegerMax Inactive Interval Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- login
Configuration FusionAuth Tenant Login Configuration - logout
Url String The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password FusionAge Auth Tenant Maximum Password Age - minimum
Password FusionAge Auth Tenant Minimum Password Age - multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration - name String
The unique name of the Tenant.
- oauth
Configurations List<FusionAuth Tenant Oauth Configuration> - password
Encryption List<FusionConfigurations Auth Tenant Password Encryption Configuration> - password
Validation FusionRules Auth Tenant Password Validation Rules - source
Tenant StringId The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant
Id String The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- user
Delete FusionPolicy Auth Tenant User Delete Policy - username
Configuration FusionAuth Tenant Username Configuration
- email
Configuration FusionAuth Tenant Email Configuration - external
Identifier FusionConfiguration Auth Tenant External Identifier Configuration - issuer string
The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations FusionAuth Tenant Jwt Configuration[] - theme
Id string The unique Id of the theme to be used to style the login page and other end user templates.
- access
Control FusionConfiguration Auth Tenant Access Control Configuration - captcha
Configuration FusionAuth Tenant Captcha Configuration - connector
Policies FusionAuth Tenant Connector Policy[] A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data {[key: string]: any}
An object that can hold any information about the Tenant that should be persisted.
- event
Configurations FusionAuth Tenant Event Configuration[] - failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration - family
Configuration FusionAuth Tenant Family Configuration - form
Configuration FusionAuth Tenant Form Configuration - http
Session numberMax Inactive Interval Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- login
Configuration FusionAuth Tenant Login Configuration - logout
Url string The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password FusionAge Auth Tenant Maximum Password Age - minimum
Password FusionAge Auth Tenant Minimum Password Age - multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration - name string
The unique name of the Tenant.
- oauth
Configurations FusionAuth Tenant Oauth Configuration[] - password
Encryption FusionConfigurations Auth Tenant Password Encryption Configuration[] - password
Validation FusionRules Auth Tenant Password Validation Rules - source
Tenant stringId The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant
Id string The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- user
Delete FusionPolicy Auth Tenant User Delete Policy - username
Configuration FusionAuth Tenant Username Configuration
- email_
configuration FusionAuth Tenant Email Configuration Args - external_
identifier_ Fusionconfiguration Auth Tenant External Identifier Configuration Args - issuer str
The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt_
configurations Sequence[FusionAuth Tenant Jwt Configuration Args] - theme_
id str The unique Id of the theme to be used to style the login page and other end user templates.
- access_
control_ Fusionconfiguration Auth Tenant Access Control Configuration Args - captcha_
configuration FusionAuth Tenant Captcha Configuration Args - connector_
policies Sequence[FusionAuth Tenant Connector Policy Args] A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Mapping[str, Any]
An object that can hold any information about the Tenant that should be persisted.
- event_
configurations Sequence[FusionAuth Tenant Event Configuration Args] - failed_
authentication_ Fusionconfiguration Auth Tenant Failed Authentication Configuration Args - family_
configuration FusionAuth Tenant Family Configuration Args - form_
configuration FusionAuth Tenant Form Configuration Args - http_
session_ intmax_ inactive_ interval Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- login_
configuration FusionAuth Tenant Login Configuration Args - logout_
url str The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum_
password_ Fusionage Auth Tenant Maximum Password Age Args - minimum_
password_ Fusionage Auth Tenant Minimum Password Age Args - multi_
factor_ Fusionconfiguration Auth Tenant Multi Factor Configuration Args - name str
The unique name of the Tenant.
- oauth_
configurations Sequence[FusionAuth Tenant Oauth Configuration Args] - password_
encryption_ Sequence[Fusionconfigurations Auth Tenant Password Encryption Configuration Args] - password_
validation_ Fusionrules Auth Tenant Password Validation Rules Args - source_
tenant_ strid The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant_
id str The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- user_
delete_ Fusionpolicy Auth Tenant User Delete Policy Args - username_
configuration FusionAuth Tenant Username Configuration Args
- email
Configuration Property Map - external
Identifier Property MapConfiguration - issuer String
The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations List<Property Map> - theme
Id String The unique Id of the theme to be used to style the login page and other end user templates.
- access
Control Property MapConfiguration - captcha
Configuration Property Map - connector
Policies List<Property Map> A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Map<Any>
An object that can hold any information about the Tenant that should be persisted.
- event
Configurations List<Property Map> - failed
Authentication Property MapConfiguration - family
Configuration Property Map - form
Configuration Property Map - http
Session NumberMax Inactive Interval Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- login
Configuration Property Map - logout
Url String The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password Property MapAge - minimum
Password Property MapAge - multi
Factor Property MapConfiguration - name String
The unique name of the Tenant.
- oauth
Configurations List<Property Map> - password
Encryption List<Property Map>Configurations - password
Validation Property MapRules - source
Tenant StringId The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant
Id String The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- user
Delete Property MapPolicy - username
Configuration Property Map
Outputs
All input properties are implicitly available as output properties. Additionally, the FusionAuthTenant resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing FusionAuthTenant Resource
Get an existing FusionAuthTenant resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FusionAuthTenantState, opts?: CustomResourceOptions): FusionAuthTenant@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
access_control_configuration: Optional[FusionAuthTenantAccessControlConfigurationArgs] = None,
captcha_configuration: Optional[FusionAuthTenantCaptchaConfigurationArgs] = None,
connector_policies: Optional[Sequence[FusionAuthTenantConnectorPolicyArgs]] = None,
data: Optional[Mapping[str, Any]] = None,
email_configuration: Optional[FusionAuthTenantEmailConfigurationArgs] = None,
event_configurations: Optional[Sequence[FusionAuthTenantEventConfigurationArgs]] = None,
external_identifier_configuration: Optional[FusionAuthTenantExternalIdentifierConfigurationArgs] = None,
failed_authentication_configuration: Optional[FusionAuthTenantFailedAuthenticationConfigurationArgs] = None,
family_configuration: Optional[FusionAuthTenantFamilyConfigurationArgs] = None,
form_configuration: Optional[FusionAuthTenantFormConfigurationArgs] = None,
http_session_max_inactive_interval: Optional[int] = None,
issuer: Optional[str] = None,
jwt_configurations: Optional[Sequence[FusionAuthTenantJwtConfigurationArgs]] = None,
login_configuration: Optional[FusionAuthTenantLoginConfigurationArgs] = None,
logout_url: Optional[str] = None,
maximum_password_age: Optional[FusionAuthTenantMaximumPasswordAgeArgs] = None,
minimum_password_age: Optional[FusionAuthTenantMinimumPasswordAgeArgs] = None,
multi_factor_configuration: Optional[FusionAuthTenantMultiFactorConfigurationArgs] = None,
name: Optional[str] = None,
oauth_configurations: Optional[Sequence[FusionAuthTenantOauthConfigurationArgs]] = None,
password_encryption_configurations: Optional[Sequence[FusionAuthTenantPasswordEncryptionConfigurationArgs]] = None,
password_validation_rules: Optional[FusionAuthTenantPasswordValidationRulesArgs] = None,
source_tenant_id: Optional[str] = None,
tenant_id: Optional[str] = None,
theme_id: Optional[str] = None,
user_delete_policy: Optional[FusionAuthTenantUserDeletePolicyArgs] = None,
username_configuration: Optional[FusionAuthTenantUsernameConfigurationArgs] = None) -> FusionAuthTenantfunc GetFusionAuthTenant(ctx *Context, name string, id IDInput, state *FusionAuthTenantState, opts ...ResourceOption) (*FusionAuthTenant, error)public static FusionAuthTenant Get(string name, Input<string> id, FusionAuthTenantState? state, CustomResourceOptions? opts = null)public static FusionAuthTenant get(String name, Output<String> id, FusionAuthTenantState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Access
Control theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Access Control Configuration - Captcha
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Captcha Configuration - Connector
Policies List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Connector Policy> A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- Data Dictionary<string, object>
An object that can hold any information about the Tenant that should be persisted.
- Email
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Email Configuration - Event
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Event Configuration> - External
Identifier theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration - Failed
Authentication theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Failed Authentication Configuration - Family
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Family Configuration - Form
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Form Configuration - Http
Session intMax Inactive Interval Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- Issuer string
The named issuer used to sign tokens, this is generally your public fully qualified domain.
- Jwt
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Jwt Configuration> - Login
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Login Configuration - Logout
Url string The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- Maximum
Password theogravity.Age Fusionauth. Inputs. Fusion Auth Tenant Maximum Password Age - Minimum
Password theogravity.Age Fusionauth. Inputs. Fusion Auth Tenant Minimum Password Age - Multi
Factor theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Multi Factor Configuration - Name string
The unique name of the Tenant.
- Oauth
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Oauth Configuration> - Password
Encryption List<theogravity.Configurations Fusionauth. Inputs. Fusion Auth Tenant Password Encryption Configuration> - Password
Validation theogravity.Rules Fusionauth. Inputs. Fusion Auth Tenant Password Validation Rules - Source
Tenant stringId The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- Tenant
Id string The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- Theme
Id string The unique Id of the theme to be used to style the login page and other end user templates.
- User
Delete theogravity.Policy Fusionauth. Inputs. Fusion Auth Tenant User Delete Policy - Username
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Username Configuration
- Access
Control FusionConfiguration Auth Tenant Access Control Configuration Args - Captcha
Configuration FusionAuth Tenant Captcha Configuration Args - Connector
Policies []FusionAuth Tenant Connector Policy Args A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- Data map[string]interface{}
An object that can hold any information about the Tenant that should be persisted.
- Email
Configuration FusionAuth Tenant Email Configuration Args - Event
Configurations []FusionAuth Tenant Event Configuration Args - External
Identifier FusionConfiguration Auth Tenant External Identifier Configuration Args - Failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration Args - Family
Configuration FusionAuth Tenant Family Configuration Args - Form
Configuration FusionAuth Tenant Form Configuration Args - Http
Session intMax Inactive Interval Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- Issuer string
The named issuer used to sign tokens, this is generally your public fully qualified domain.
- Jwt
Configurations []FusionAuth Tenant Jwt Configuration Args - Login
Configuration FusionAuth Tenant Login Configuration Args - Logout
Url string The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- Maximum
Password FusionAge Auth Tenant Maximum Password Age Args - Minimum
Password FusionAge Auth Tenant Minimum Password Age Args - Multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration Args - Name string
The unique name of the Tenant.
- Oauth
Configurations []FusionAuth Tenant Oauth Configuration Args - Password
Encryption []FusionConfigurations Auth Tenant Password Encryption Configuration Args - Password
Validation FusionRules Auth Tenant Password Validation Rules Args - Source
Tenant stringId The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- Tenant
Id string The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- Theme
Id string The unique Id of the theme to be used to style the login page and other end user templates.
- User
Delete FusionPolicy Auth Tenant User Delete Policy Args - Username
Configuration FusionAuth Tenant Username Configuration Args
- access
Control FusionConfiguration Auth Tenant Access Control Configuration - captcha
Configuration FusionAuth Tenant Captcha Configuration - connector
Policies List<FusionAuth Tenant Connector Policy> A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Map<String,Object>
An object that can hold any information about the Tenant that should be persisted.
- email
Configuration FusionAuth Tenant Email Configuration - event
Configurations List<FusionAuth Tenant Event Configuration> - external
Identifier FusionConfiguration Auth Tenant External Identifier Configuration - failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration - family
Configuration FusionAuth Tenant Family Configuration - form
Configuration FusionAuth Tenant Form Configuration - http
Session IntegerMax Inactive Interval Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer String
The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations List<FusionAuth Tenant Jwt Configuration> - login
Configuration FusionAuth Tenant Login Configuration - logout
Url String The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password FusionAge Auth Tenant Maximum Password Age - minimum
Password FusionAge Auth Tenant Minimum Password Age - multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration - name String
The unique name of the Tenant.
- oauth
Configurations List<FusionAuth Tenant Oauth Configuration> - password
Encryption List<FusionConfigurations Auth Tenant Password Encryption Configuration> - password
Validation FusionRules Auth Tenant Password Validation Rules - source
Tenant StringId The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant
Id String The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- theme
Id String The unique Id of the theme to be used to style the login page and other end user templates.
- user
Delete FusionPolicy Auth Tenant User Delete Policy - username
Configuration FusionAuth Tenant Username Configuration
- access
Control FusionConfiguration Auth Tenant Access Control Configuration - captcha
Configuration FusionAuth Tenant Captcha Configuration - connector
Policies FusionAuth Tenant Connector Policy[] A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data {[key: string]: any}
An object that can hold any information about the Tenant that should be persisted.
- email
Configuration FusionAuth Tenant Email Configuration - event
Configurations FusionAuth Tenant Event Configuration[] - external
Identifier FusionConfiguration Auth Tenant External Identifier Configuration - failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration - family
Configuration FusionAuth Tenant Family Configuration - form
Configuration FusionAuth Tenant Form Configuration - http
Session numberMax Inactive Interval Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer string
The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations FusionAuth Tenant Jwt Configuration[] - login
Configuration FusionAuth Tenant Login Configuration - logout
Url string The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password FusionAge Auth Tenant Maximum Password Age - minimum
Password FusionAge Auth Tenant Minimum Password Age - multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration - name string
The unique name of the Tenant.
- oauth
Configurations FusionAuth Tenant Oauth Configuration[] - password
Encryption FusionConfigurations Auth Tenant Password Encryption Configuration[] - password
Validation FusionRules Auth Tenant Password Validation Rules - source
Tenant stringId The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant
Id string The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- theme
Id string The unique Id of the theme to be used to style the login page and other end user templates.
- user
Delete FusionPolicy Auth Tenant User Delete Policy - username
Configuration FusionAuth Tenant Username Configuration
- access_
control_ Fusionconfiguration Auth Tenant Access Control Configuration Args - captcha_
configuration FusionAuth Tenant Captcha Configuration Args - connector_
policies Sequence[FusionAuth Tenant Connector Policy Args] A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Mapping[str, Any]
An object that can hold any information about the Tenant that should be persisted.
- email_
configuration FusionAuth Tenant Email Configuration Args - event_
configurations Sequence[FusionAuth Tenant Event Configuration Args] - external_
identifier_ Fusionconfiguration Auth Tenant External Identifier Configuration Args - failed_
authentication_ Fusionconfiguration Auth Tenant Failed Authentication Configuration Args - family_
configuration FusionAuth Tenant Family Configuration Args - form_
configuration FusionAuth Tenant Form Configuration Args - http_
session_ intmax_ inactive_ interval Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer str
The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt_
configurations Sequence[FusionAuth Tenant Jwt Configuration Args] - login_
configuration FusionAuth Tenant Login Configuration Args - logout_
url str The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum_
password_ Fusionage Auth Tenant Maximum Password Age Args - minimum_
password_ Fusionage Auth Tenant Minimum Password Age Args - multi_
factor_ Fusionconfiguration Auth Tenant Multi Factor Configuration Args - name str
The unique name of the Tenant.
- oauth_
configurations Sequence[FusionAuth Tenant Oauth Configuration Args] - password_
encryption_ Sequence[Fusionconfigurations Auth Tenant Password Encryption Configuration Args] - password_
validation_ Fusionrules Auth Tenant Password Validation Rules Args - source_
tenant_ strid The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant_
id str The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- theme_
id str The unique Id of the theme to be used to style the login page and other end user templates.
- user_
delete_ Fusionpolicy Auth Tenant User Delete Policy Args - username_
configuration FusionAuth Tenant Username Configuration Args
- access
Control Property MapConfiguration - captcha
Configuration Property Map - connector
Policies List<Property Map> A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Map<Any>
An object that can hold any information about the Tenant that should be persisted.
- email
Configuration Property Map - event
Configurations List<Property Map> - external
Identifier Property MapConfiguration - failed
Authentication Property MapConfiguration - family
Configuration Property Map - form
Configuration Property Map - http
Session NumberMax Inactive Interval Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer String
The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations List<Property Map> - login
Configuration Property Map - logout
Url String The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password Property MapAge - minimum
Password Property MapAge - multi
Factor Property MapConfiguration - name String
The unique name of the Tenant.
- oauth
Configurations List<Property Map> - password
Encryption List<Property Map>Configurations - password
Validation Property MapRules - source
Tenant StringId The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant
Id String The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- theme
Id String The unique Id of the theme to be used to style the login page and other end user templates.
- user
Delete Property MapPolicy - username
Configuration Property Map
Supporting Types
FusionAuthTenantAccessControlConfiguration, FusionAuthTenantAccessControlConfigurationArgs
- Ui
Ip stringAccess Control List Id The Id of the IP Access Control List limiting access to all applications in this tenant.
- Ui
Ip stringAccess Control List Id The Id of the IP Access Control List limiting access to all applications in this tenant.
- ui
Ip StringAccess Control List Id The Id of the IP Access Control List limiting access to all applications in this tenant.
- ui
Ip stringAccess Control List Id The Id of the IP Access Control List limiting access to all applications in this tenant.
- ui_
ip_ straccess_ control_ list_ id The Id of the IP Access Control List limiting access to all applications in this tenant.
- ui
Ip StringAccess Control List Id The Id of the IP Access Control List limiting access to all applications in this tenant.
FusionAuthTenantCaptchaConfiguration, FusionAuthTenantCaptchaConfigurationArgs
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Secret
Key string The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- Site
Key string The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- Threshold double
The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Secret
Key string The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- Site
Key string The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- Threshold float64
The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- secret
Key String The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- site
Key String The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- threshold Double
The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
- enabled boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- secret
Key string The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- site
Key string The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- threshold number
The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
- enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- secret_
key str The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- site_
key str The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- threshold float
The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- secret
Key String The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- site
Key String The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- threshold Number
The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
FusionAuthTenantConnectorPolicy, FusionAuthTenantConnectorPolicyArgs
- Connector
Id string The identifier of the Connector to which this policy refers.
- Domains List<string>
A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
- Migrate bool
If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
- Connector
Id string The identifier of the Connector to which this policy refers.
- Domains []string
A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
- Migrate bool
If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
- connector
Id String The identifier of the Connector to which this policy refers.
- domains List<String>
A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
- migrate Boolean
If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
- connector
Id string The identifier of the Connector to which this policy refers.
- domains string[]
A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
- migrate boolean
If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
- connector_
id str The identifier of the Connector to which this policy refers.
- domains Sequence[str]
A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
- migrate bool
If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
- connector
Id String The identifier of the Connector to which this policy refers.
- domains List<String>
A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
- migrate Boolean
If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
FusionAuthTenantEmailConfiguration, FusionAuthTenantEmailConfigurationArgs
- Host string
The host name of the SMTP server that FusionAuth will use.
- Port int
The port of the SMTP server that FusionAuth will use.
- Additional
Headers Dictionary<string, object> The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
- Default
From stringEmail The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
- Default
From stringName The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
- Email
Update stringEmail Template Id The Id of the Email Template that is used when a user is sent a forgot password email.
- Email
Verified stringEmail Template Id The Id of the Email Template used to verify user emails.
- Forgot
Password stringEmail Template Id The Id of the Email Template that is used when a user is sent a forgot password email.
- Implicit
Email boolVerification Allowed When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
- Login
Id stringIn Use On Create Email Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- Login
Id stringIn Use On Update Email Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- Login
New stringDevice Email Template Id The Id of the Email Template used to send emails to users when they log in on a new device.
- Login
Suspicious stringEmail Template Id The Id of the Email Template used to send emails to users when a suspicious login occurs.
- Password string
An optional password FusionAuth will use to authenticate with the SMTP server.
- Password
Reset stringSuccess Email Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
- Password
Update stringEmail Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
- Passwordless
Email stringTemplate Id The Id of the Passwordless Email Template.
- Properties string
Additional Email Configuration in a properties file formatted String.
- Security string
The type of security protocol FusionAuth will use when connecting to the SMTP server.
- Set
Password stringEmail Template Id The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
- Two
Factor stringMethod Add Email Template Id The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
- Two
Factor stringMethod Remove Email Template Id The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
- Unverified
theogravity.
Fusionauth. Inputs. Fusion Auth Tenant Email Configuration Unverified - Username string
An optional username FusionAuth will to authenticate with the SMTP server.
- Verification
Email stringTemplate Id The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
- Verification
Strategy string The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField.- Verify
Email bool Whether the user’s email addresses are verified when the registers with your application.
- Verify
Email boolWhen Changed Whether the user’s email addresses are verified when the user changes them.
- Host string
The host name of the SMTP server that FusionAuth will use.
- Port int
The port of the SMTP server that FusionAuth will use.
- Additional
Headers map[string]interface{} The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
- Default
From stringEmail The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
- Default
From stringName The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
- Email
Update stringEmail Template Id The Id of the Email Template that is used when a user is sent a forgot password email.
- Email
Verified stringEmail Template Id The Id of the Email Template used to verify user emails.
- Forgot
Password stringEmail Template Id The Id of the Email Template that is used when a user is sent a forgot password email.
- Implicit
Email boolVerification Allowed When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
- Login
Id stringIn Use On Create Email Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- Login
Id stringIn Use On Update Email Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- Login
New stringDevice Email Template Id The Id of the Email Template used to send emails to users when they log in on a new device.
- Login
Suspicious stringEmail Template Id The Id of the Email Template used to send emails to users when a suspicious login occurs.
- Password string
An optional password FusionAuth will use to authenticate with the SMTP server.
- Password
Reset stringSuccess Email Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
- Password
Update stringEmail Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
- Passwordless
Email stringTemplate Id The Id of the Passwordless Email Template.
- Properties string
Additional Email Configuration in a properties file formatted String.
- Security string
The type of security protocol FusionAuth will use when connecting to the SMTP server.
- Set
Password stringEmail Template Id The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
- Two
Factor stringMethod Add Email Template Id The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
- Two
Factor stringMethod Remove Email Template Id The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
- Unverified
Fusion
Auth Tenant Email Configuration Unverified - Username string
An optional username FusionAuth will to authenticate with the SMTP server.
- Verification
Email stringTemplate Id The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
- Verification
Strategy string The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField.- Verify
Email bool Whether the user’s email addresses are verified when the registers with your application.
- Verify
Email boolWhen Changed Whether the user’s email addresses are verified when the user changes them.
- host String
The host name of the SMTP server that FusionAuth will use.
- port Integer
The port of the SMTP server that FusionAuth will use.
- additional
Headers Map<String,Object> The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
- default
From StringEmail The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
- default
From StringName The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
- email
Update StringEmail Template Id The Id of the Email Template that is used when a user is sent a forgot password email.
- email
Verified StringEmail Template Id The Id of the Email Template used to verify user emails.
- forgot
Password StringEmail Template Id The Id of the Email Template that is used when a user is sent a forgot password email.
- implicit
Email BooleanVerification Allowed When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
- login
Id StringIn Use On Create Email Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- login
Id StringIn Use On Update Email Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- login
New StringDevice Email Template Id The Id of the Email Template used to send emails to users when they log in on a new device.
- login
Suspicious StringEmail Template Id The Id of the Email Template used to send emails to users when a suspicious login occurs.
- password String
An optional password FusionAuth will use to authenticate with the SMTP server.
- password
Reset StringSuccess Email Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
- password
Update StringEmail Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
- passwordless
Email StringTemplate Id The Id of the Passwordless Email Template.
- properties String
Additional Email Configuration in a properties file formatted String.
- security String
The type of security protocol FusionAuth will use when connecting to the SMTP server.
- set
Password StringEmail Template Id The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
- two
Factor StringMethod Add Email Template Id The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
- two
Factor StringMethod Remove Email Template Id The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
- unverified
Fusion
Auth Tenant Email Configuration Unverified - username String
An optional username FusionAuth will to authenticate with the SMTP server.
- verification
Email StringTemplate Id The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
- verification
Strategy String The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField.- verify
Email Boolean Whether the user’s email addresses are verified when the registers with your application.
- verify
Email BooleanWhen Changed Whether the user’s email addresses are verified when the user changes them.
- host string
The host name of the SMTP server that FusionAuth will use.
- port number
The port of the SMTP server that FusionAuth will use.
- additional
Headers {[key: string]: any} The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
- default
From stringEmail The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
- default
From stringName The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
- email
Update stringEmail Template Id The Id of the Email Template that is used when a user is sent a forgot password email.
- email
Verified stringEmail Template Id The Id of the Email Template used to verify user emails.
- forgot
Password stringEmail Template Id The Id of the Email Template that is used when a user is sent a forgot password email.
- implicit
Email booleanVerification Allowed When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
- login
Id stringIn Use On Create Email Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- login
Id stringIn Use On Update Email Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- login
New stringDevice Email Template Id The Id of the Email Template used to send emails to users when they log in on a new device.
- login
Suspicious stringEmail Template Id The Id of the Email Template used to send emails to users when a suspicious login occurs.
- password string
An optional password FusionAuth will use to authenticate with the SMTP server.
- password
Reset stringSuccess Email Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
- password
Update stringEmail Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
- passwordless
Email stringTemplate Id The Id of the Passwordless Email Template.
- properties string
Additional Email Configuration in a properties file formatted String.
- security string
The type of security protocol FusionAuth will use when connecting to the SMTP server.
- set
Password stringEmail Template Id The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
- two
Factor stringMethod Add Email Template Id The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
- two
Factor stringMethod Remove Email Template Id The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
- unverified
Fusion
Auth Tenant Email Configuration Unverified - username string
An optional username FusionAuth will to authenticate with the SMTP server.
- verification
Email stringTemplate Id The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
- verification
Strategy string The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField.- verify
Email boolean Whether the user’s email addresses are verified when the registers with your application.
- verify
Email booleanWhen Changed Whether the user’s email addresses are verified when the user changes them.
- host str
The host name of the SMTP server that FusionAuth will use.
- port int
The port of the SMTP server that FusionAuth will use.
- additional_
headers Mapping[str, Any] The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
- default_
from_ stremail The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
- default_
from_ strname The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
- email_
update_ stremail_ template_ id The Id of the Email Template that is used when a user is sent a forgot password email.
- email_
verified_ stremail_ template_ id The Id of the Email Template used to verify user emails.
- forgot_
password_ stremail_ template_ id The Id of the Email Template that is used when a user is sent a forgot password email.
- implicit_
email_ boolverification_ allowed When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
- login_
id_ strin_ use_ on_ create_ email_ template_ id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- login_
id_ strin_ use_ on_ update_ email_ template_ id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- login_
new_ strdevice_ email_ template_ id The Id of the Email Template used to send emails to users when they log in on a new device.
- login_
suspicious_ stremail_ template_ id The Id of the Email Template used to send emails to users when a suspicious login occurs.
- password str
An optional password FusionAuth will use to authenticate with the SMTP server.
- password_
reset_ strsuccess_ email_ template_ id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
- password_
update_ stremail_ template_ id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
- passwordless_
email_ strtemplate_ id The Id of the Passwordless Email Template.
- properties str
Additional Email Configuration in a properties file formatted String.
- security str
The type of security protocol FusionAuth will use when connecting to the SMTP server.
- set_
password_ stremail_ template_ id The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
- two_
factor_ strmethod_ add_ email_ template_ id The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
- two_
factor_ strmethod_ remove_ email_ template_ id The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
- unverified
Fusion
Auth Tenant Email Configuration Unverified - username str
An optional username FusionAuth will to authenticate with the SMTP server.
- verification_
email_ strtemplate_ id The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
- verification_
strategy str The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField.- verify_
email bool Whether the user’s email addresses are verified when the registers with your application.
- verify_
email_ boolwhen_ changed Whether the user’s email addresses are verified when the user changes them.
- host String
The host name of the SMTP server that FusionAuth will use.
- port Number
The port of the SMTP server that FusionAuth will use.
- additional
Headers Map<Any> The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
- default
From StringEmail The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
- default
From StringName The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
- email
Update StringEmail Template Id The Id of the Email Template that is used when a user is sent a forgot password email.
- email
Verified StringEmail Template Id The Id of the Email Template used to verify user emails.
- forgot
Password StringEmail Template Id The Id of the Email Template that is used when a user is sent a forgot password email.
- implicit
Email BooleanVerification Allowed When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
- login
Id StringIn Use On Create Email Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- login
Id StringIn Use On Update Email Template Id The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- login
New StringDevice Email Template Id The Id of the Email Template used to send emails to users when they log in on a new device.
- login
Suspicious StringEmail Template Id The Id of the Email Template used to send emails to users when a suspicious login occurs.
- password String
An optional password FusionAuth will use to authenticate with the SMTP server.
- password
Reset StringSuccess Email Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
- password
Update StringEmail Template Id The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
- passwordless
Email StringTemplate Id The Id of the Passwordless Email Template.
- properties String
Additional Email Configuration in a properties file formatted String.
- security String
The type of security protocol FusionAuth will use when connecting to the SMTP server.
- set
Password StringEmail Template Id The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
- two
Factor StringMethod Add Email Template Id The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
- two
Factor StringMethod Remove Email Template Id The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
- unverified Property Map
- username String
An optional username FusionAuth will to authenticate with the SMTP server.
- verification
Email StringTemplate Id The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
- verification
Strategy String The process by which the user will verify their email address. Possible values are
ClickableLinkorFormField.- verify
Email Boolean Whether the user’s email addresses are verified when the registers with your application.
- verify
Email BooleanWhen Changed Whether the user’s email addresses are verified when the user changes them.
FusionAuthTenantEmailConfigurationUnverified, FusionAuthTenantEmailConfigurationUnverifiedArgs
- Allow
Email boolChange When Gated When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.
- Behavior string
= (Optional) The behavior when detecting breaches at time of user login
- Allow
Email boolChange When Gated When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.
- Behavior string
= (Optional) The behavior when detecting breaches at time of user login
- allow
Email BooleanChange When Gated When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.
- behavior String
= (Optional) The behavior when detecting breaches at time of user login
- allow
Email booleanChange When Gated When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.
- behavior string
= (Optional) The behavior when detecting breaches at time of user login
- allow_
email_ boolchange_ when_ gated When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.
- behavior str
= (Optional) The behavior when detecting breaches at time of user login
- allow
Email BooleanChange When Gated When this value is set to true, the user is allowed to change their email address when they are gated because they haven’t verified their email address.
- behavior String
= (Optional) The behavior when detecting breaches at time of user login
FusionAuthTenantEventConfiguration, FusionAuthTenantEventConfigurationArgs
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Event string
The event type
- Transaction
Type string The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Event string
The event type
- Transaction
Type string The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- event String
The event type
- transaction
Type String The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.
- enabled boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- event string
The event type
- transaction
Type string The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.
- enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- event str
The event type
- transaction_
type str The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- event String
The event type
- transaction
Type String The transaction type that FusionAuth uses when sending these types of events to any configured Webhooks.
FusionAuthTenantExternalIdentifierConfiguration, FusionAuthTenantExternalIdentifierConfigurationArgs
- int
The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.
- Change
Password theogravity.Id Generator Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration Change Password Id Generator - Change
Password intId Time To Live In Seconds The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
- Device
Code intTime To Live In Seconds The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
- Device
User theogravity.Code Id Generator Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration Device User Code Id Generator - Email
Verification theogravity.Id Generator Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration Email Verification Id Generator - Email
Verification intId Time To Live In Seconds The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.
- Email
Verification theogravity.One Time Code Generator Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration Email Verification One Time Code Generator - External
Authentication intId Time To Live In Seconds The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
- One
Time intPassword Time To Live In Seconds The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.
- Passwordless
Login theogravity.Generator Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration Passwordless Login Generator - Passwordless
Login intTime To Live In Seconds The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.
- Registration
Verification theogravity.Id Generator Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration Registration Verification Id Generator - Registration
Verification intId Time To Live In Seconds The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.
- Registration
Verification theogravity.One Time Code Generator Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration Registration Verification One Time Code Generator - Setup
Password theogravity.Id Generator Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration Setup Password Id Generator - Setup
Password intId Time To Live In Seconds The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
- Two
Factor intId Time To Live In Seconds The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.
- Two
Factor theogravity.One Time Code Id Generator Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration Two Factor One Time Code Id Generator - Two
Factor intTrust Id Time To Live In Seconds The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.
- Pending
Account intLink Time To Live In Seconds The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.
- Saml
V2Authn intRequest Id Ttl Seconds The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.
- Trust
Token intTime To Live In Seconds The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.
- int
The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.
- Change
Password FusionId Generator Auth Tenant External Identifier Configuration Change Password Id Generator - Change
Password intId Time To Live In Seconds The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
- Device
Code intTime To Live In Seconds The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
- Device
User FusionCode Id Generator Auth Tenant External Identifier Configuration Device User Code Id Generator - Email
Verification FusionId Generator Auth Tenant External Identifier Configuration Email Verification Id Generator - Email
Verification intId Time To Live In Seconds The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.
- Email
Verification FusionOne Time Code Generator Auth Tenant External Identifier Configuration Email Verification One Time Code Generator - External
Authentication intId Time To Live In Seconds The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
- One
Time intPassword Time To Live In Seconds The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.
- Passwordless
Login FusionGenerator Auth Tenant External Identifier Configuration Passwordless Login Generator - Passwordless
Login intTime To Live In Seconds The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.
- Registration
Verification FusionId Generator Auth Tenant External Identifier Configuration Registration Verification Id Generator - Registration
Verification intId Time To Live In Seconds The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.
- Registration
Verification FusionOne Time Code Generator Auth Tenant External Identifier Configuration Registration Verification One Time Code Generator - Setup
Password FusionId Generator Auth Tenant External Identifier Configuration Setup Password Id Generator - Setup
Password intId Time To Live In Seconds The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
- Two
Factor intId Time To Live In Seconds The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.
- Two
Factor FusionOne Time Code Id Generator Auth Tenant External Identifier Configuration Two Factor One Time Code Id Generator - Two
Factor intTrust Id Time To Live In Seconds The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.
- Pending
Account intLink Time To Live In Seconds The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.
- Saml
V2Authn intRequest Id Ttl Seconds The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.
- Trust
Token intTime To Live In Seconds The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.
- Integer
The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.
- change
Password FusionId Generator Auth Tenant External Identifier Configuration Change Password Id Generator - change
Password IntegerId Time To Live In Seconds The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
- device
Code IntegerTime To Live In Seconds The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
- device
User FusionCode Id Generator Auth Tenant External Identifier Configuration Device User Code Id Generator - email
Verification FusionId Generator Auth Tenant External Identifier Configuration Email Verification Id Generator - email
Verification IntegerId Time To Live In Seconds The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.
- email
Verification FusionOne Time Code Generator Auth Tenant External Identifier Configuration Email Verification One Time Code Generator - external
Authentication IntegerId Time To Live In Seconds The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
- one
Time IntegerPassword Time To Live In Seconds The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.
- passwordless
Login FusionGenerator Auth Tenant External Identifier Configuration Passwordless Login Generator - passwordless
Login IntegerTime To Live In Seconds The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.
- registration
Verification FusionId Generator Auth Tenant External Identifier Configuration Registration Verification Id Generator - registration
Verification IntegerId Time To Live In Seconds The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.
- registration
Verification FusionOne Time Code Generator Auth Tenant External Identifier Configuration Registration Verification One Time Code Generator - setup
Password FusionId Generator Auth Tenant External Identifier Configuration Setup Password Id Generator - setup
Password IntegerId Time To Live In Seconds The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
- two
Factor IntegerId Time To Live In Seconds The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.
- two
Factor FusionOne Time Code Id Generator Auth Tenant External Identifier Configuration Two Factor One Time Code Id Generator - two
Factor IntegerTrust Id Time To Live In Seconds The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.
- pending
Account IntegerLink Time To Live In Seconds The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.
- saml
V2Authn IntegerRequest Id Ttl Seconds The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.
- trust
Token IntegerTime To Live In Seconds The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.
- number
The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.
- change
Password FusionId Generator Auth Tenant External Identifier Configuration Change Password Id Generator - change
Password numberId Time To Live In Seconds The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
- device
Code numberTime To Live In Seconds The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
- device
User FusionCode Id Generator Auth Tenant External Identifier Configuration Device User Code Id Generator - email
Verification FusionId Generator Auth Tenant External Identifier Configuration Email Verification Id Generator - email
Verification numberId Time To Live In Seconds The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.
- email
Verification FusionOne Time Code Generator Auth Tenant External Identifier Configuration Email Verification One Time Code Generator - external
Authentication numberId Time To Live In Seconds The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
- one
Time numberPassword Time To Live In Seconds The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.
- passwordless
Login FusionGenerator Auth Tenant External Identifier Configuration Passwordless Login Generator - passwordless
Login numberTime To Live In Seconds The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.
- registration
Verification FusionId Generator Auth Tenant External Identifier Configuration Registration Verification Id Generator - registration
Verification numberId Time To Live In Seconds The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.
- registration
Verification FusionOne Time Code Generator Auth Tenant External Identifier Configuration Registration Verification One Time Code Generator - setup
Password FusionId Generator Auth Tenant External Identifier Configuration Setup Password Id Generator - setup
Password numberId Time To Live In Seconds The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
- two
Factor numberId Time To Live In Seconds The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.
- two
Factor FusionOne Time Code Id Generator Auth Tenant External Identifier Configuration Two Factor One Time Code Id Generator - two
Factor numberTrust Id Time To Live In Seconds The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.
- pending
Account numberLink Time To Live In Seconds The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.
- saml
V2Authn numberRequest Id Ttl Seconds The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.
- trust
Token numberTime To Live In Seconds The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.
- int
The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.
- change_
password_ Fusionid_ generator Auth Tenant External Identifier Configuration Change Password Id Generator - change_
password_ intid_ time_ to_ live_ in_ seconds The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
- device_
code_ inttime_ to_ live_ in_ seconds The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
- device_
user_ Fusioncode_ id_ generator Auth Tenant External Identifier Configuration Device User Code Id Generator - email_
verification_ Fusionid_ generator Auth Tenant External Identifier Configuration Email Verification Id Generator - email_
verification_ intid_ time_ to_ live_ in_ seconds The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.
- email_
verification_ Fusionone_ time_ code_ generator Auth Tenant External Identifier Configuration Email Verification One Time Code Generator - external_
authentication_ intid_ time_ to_ live_ in_ seconds The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
- one_
time_ intpassword_ time_ to_ live_ in_ seconds The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.
- passwordless_
login_ Fusiongenerator Auth Tenant External Identifier Configuration Passwordless Login Generator - passwordless_
login_ inttime_ to_ live_ in_ seconds The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.
- registration_
verification_ Fusionid_ generator Auth Tenant External Identifier Configuration Registration Verification Id Generator - registration_
verification_ intid_ time_ to_ live_ in_ seconds The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.
- registration_
verification_ Fusionone_ time_ code_ generator Auth Tenant External Identifier Configuration Registration Verification One Time Code Generator - setup_
password_ Fusionid_ generator Auth Tenant External Identifier Configuration Setup Password Id Generator - setup_
password_ intid_ time_ to_ live_ in_ seconds The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
- two_
factor_ intid_ time_ to_ live_ in_ seconds The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.
- two_
factor_ Fusionone_ time_ code_ id_ generator Auth Tenant External Identifier Configuration Two Factor One Time Code Id Generator - two_
factor_ inttrust_ id_ time_ to_ live_ in_ seconds The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.
- pending_
account_ intlink_ time_ to_ live_ in_ seconds The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.
- saml_
v2_ intauthn_ request_ id_ ttl_ seconds The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.
- trust_
token_ inttime_ to_ live_ in_ seconds The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.
- Number
The time in seconds until a OAuth authorization code in no longer valid to be exchanged for an access token. This is essentially the time allowed between the start of an Authorization request during the Authorization code grant and when you request an access token using this authorization code on the Token endpoint.
- change
Password Property MapId Generator - change
Password NumberId Time To Live In Seconds The time in seconds until a change password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
- device
Code NumberTime To Live In Seconds The time in seconds until a device code Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
- device
User Property MapCode Id Generator - email
Verification Property MapId Generator - email
Verification NumberId Time To Live In Seconds The time in seconds until a email verification Id is no longer valid and cannot be used by the Verify Email API. Value must be greater than 0.
- email
Verification Property MapOne Time Code Generator - external
Authentication NumberId Time To Live In Seconds The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.
- one
Time NumberPassword Time To Live In Seconds The time in seconds until a One Time Password is no longer valid and cannot be used by the Login API. Value must be greater than 0.
- passwordless
Login Property MapGenerator - passwordless
Login NumberTime To Live In Seconds The time in seconds until a passwordless code is no longer valid and cannot be used by the Passwordless API. Value must be greater than 0.
- registration
Verification Property MapId Generator - registration
Verification NumberId Time To Live In Seconds The time in seconds until a registration verification Id is no longer valid and cannot be used by the Verify Registration API. Value must be greater than 0.
- registration
Verification Property MapOne Time Code Generator - setup
Password Property MapId Generator - setup
Password NumberId Time To Live In Seconds The time in seconds until a setup password Id is no longer valid and cannot be used by the Change Password API. Value must be greater than 0.
- two
Factor NumberId Time To Live In Seconds The time in seconds until a two factor Id is no longer valid and cannot be used by the Two Factor Login API. Value must be greater than 0.
- two
Factor Property MapOne Time Code Id Generator - two
Factor NumberTrust Id Time To Live In Seconds The time in seconds until an issued Two Factor trust Id is no longer valid and the User will be required to complete Two Factor authentication during the next authentication attempt. Value must be greater than 0.
- pending
Account NumberLink Time To Live In Seconds The number of seconds before the pending account link identifier is no longer valid to complete an account link request. Value must be greater than 0.
- saml
V2Authn NumberRequest Id Ttl Seconds The time in seconds that a SAML AuthN request will be eligible for use to authenticate with FusionAuth.
- trust
Token NumberTime To Live In Seconds The number of seconds before the Trust Token is no longer valid to complete a request that requires trust. Value must be greater than 0.
FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGenerator, FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs
FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGenerator, FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs
FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGenerator, FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs
FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGenerator, FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs
FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGenerator, FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs
FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGenerator, FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs
FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGenerator, FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs
FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGenerator, FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs
FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGenerator, FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs
FusionAuthTenantFailedAuthenticationConfiguration, FusionAuthTenantFailedAuthenticationConfigurationArgs
- Action
Duration int The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.
- Action
Duration stringUnit The unit of time associated with a duration.
- Reset
Count intIn Seconds The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.
- Too
Many intAttempts The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.
- User
Action stringId The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.
- Action
Duration int The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.
- Action
Duration stringUnit The unit of time associated with a duration.
- Reset
Count intIn Seconds The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.
- Too
Many intAttempts The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.
- User
Action stringId The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.
- action
Duration Integer The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.
- action
Duration StringUnit The unit of time associated with a duration.
- reset
Count IntegerIn Seconds The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.
- too
Many IntegerAttempts The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.
- user
Action StringId The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.
- action
Duration number The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.
- action
Duration stringUnit The unit of time associated with a duration.
- reset
Count numberIn Seconds The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.
- too
Many numberAttempts The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.
- user
Action stringId The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.
- action_
duration int The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.
- action_
duration_ strunit The unit of time associated with a duration.
- reset_
count_ intin_ seconds The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.
- too_
many_ intattempts The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.
- user_
action_ strid The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.
- action
Duration Number The duration of the User Action. This value along with the actionDurationUnit will be used to set the duration of the User Action. Value must be greater than 0.
- action
Duration StringUnit The unit of time associated with a duration.
- reset
Count NumberIn Seconds The length of time in seconds before the failed authentication count will be reset. Value must be greater than 0.
- too
Many NumberAttempts The number of failed attempts considered to be too many. Once this threshold is reached the specified User Action will be applied to the user for the duration specified. Value must be greater than 0.
- user
Action StringId The Id of the User Action that is applied when the threshold is reached for too many failed authentication attempts.
FusionAuthTenantFamilyConfiguration, FusionAuthTenantFamilyConfigurationArgs
- Allow
Child boolRegistrations Whether to allow child registrations.
- Confirm
Child stringEmail Template Id The unique Id of the email template to use when confirming a child.
- Delete
Orphaned boolAccounts Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.
- Delete
Orphaned intAccounts Days The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Family
Request stringEmail Template Id The unique Id of the email template to use when a family request is made.
- Maximum
Child intAge The maximum age of a child. Value must be greater than 0.
- Minimum
Owner intAge The minimum age to be an owner. Value must be greater than 0.
- Parent
Email boolRequired Whether a parent email is required.
- Parent
Registration stringEmail Template Id The unique Id of the email template to use for parent registration.
- Allow
Child boolRegistrations Whether to allow child registrations.
- Confirm
Child stringEmail Template Id The unique Id of the email template to use when confirming a child.
- Delete
Orphaned boolAccounts Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.
- Delete
Orphaned intAccounts Days The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Family
Request stringEmail Template Id The unique Id of the email template to use when a family request is made.
- Maximum
Child intAge The maximum age of a child. Value must be greater than 0.
- Minimum
Owner intAge The minimum age to be an owner. Value must be greater than 0.
- Parent
Email boolRequired Whether a parent email is required.
- Parent
Registration stringEmail Template Id The unique Id of the email template to use for parent registration.
- allow
Child BooleanRegistrations Whether to allow child registrations.
- confirm
Child StringEmail Template Id The unique Id of the email template to use when confirming a child.
- delete
Orphaned BooleanAccounts Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.
- delete
Orphaned IntegerAccounts Days The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- family
Request StringEmail Template Id The unique Id of the email template to use when a family request is made.
- maximum
Child IntegerAge The maximum age of a child. Value must be greater than 0.
- minimum
Owner IntegerAge The minimum age to be an owner. Value must be greater than 0.
- parent
Email BooleanRequired Whether a parent email is required.
- parent
Registration StringEmail Template Id The unique Id of the email template to use for parent registration.
- allow
Child booleanRegistrations Whether to allow child registrations.
- confirm
Child stringEmail Template Id The unique Id of the email template to use when confirming a child.
- delete
Orphaned booleanAccounts Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.
- delete
Orphaned numberAccounts Days The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.
- enabled boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- family
Request stringEmail Template Id The unique Id of the email template to use when a family request is made.
- maximum
Child numberAge The maximum age of a child. Value must be greater than 0.
- minimum
Owner numberAge The minimum age to be an owner. Value must be greater than 0.
- parent
Email booleanRequired Whether a parent email is required.
- parent
Registration stringEmail Template Id The unique Id of the email template to use for parent registration.
- allow_
child_ boolregistrations Whether to allow child registrations.
- confirm_
child_ stremail_ template_ id The unique Id of the email template to use when confirming a child.
- delete_
orphaned_ boolaccounts Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.
- delete_
orphaned_ intaccounts_ days The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.
- enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- family_
request_ stremail_ template_ id The unique Id of the email template to use when a family request is made.
- maximum_
child_ intage The maximum age of a child. Value must be greater than 0.
- minimum_
owner_ intage The minimum age to be an owner. Value must be greater than 0.
- parent_
email_ boolrequired Whether a parent email is required.
- parent_
registration_ stremail_ template_ id The unique Id of the email template to use for parent registration.
- allow
Child BooleanRegistrations Whether to allow child registrations.
- confirm
Child StringEmail Template Id The unique Id of the email template to use when confirming a child.
- delete
Orphaned BooleanAccounts Indicates that child users without parental verification will be permanently deleted after tenant.familyConfiguration.deleteOrphanedAccountsDays days.
- delete
Orphaned NumberAccounts Days The number of days from creation child users will be retained before being deleted for not completing parental verification. Value must be greater than 0.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- family
Request StringEmail Template Id The unique Id of the email template to use when a family request is made.
- maximum
Child NumberAge The maximum age of a child. Value must be greater than 0.
- minimum
Owner NumberAge The minimum age to be an owner. Value must be greater than 0.
- parent
Email BooleanRequired Whether a parent email is required.
- parent
Registration StringEmail Template Id The unique Id of the email template to use for parent registration.
FusionAuthTenantFormConfiguration, FusionAuthTenantFormConfigurationArgs
- Admin
User stringForm Id The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.
- Admin
User stringForm Id The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.
- admin
User StringForm Id The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.
- admin
User stringForm Id The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.
- admin_
user_ strform_ id The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.
- admin
User StringForm Id The unique Id of the form to use for the Add and Edit User form when used in the FusionAuth admin UI.
FusionAuthTenantJwtConfiguration, FusionAuthTenantJwtConfigurationArgs
- Refresh
Token intTime To Live In Minutes The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.
- Time
To intLive In Seconds The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.
- Access
Token stringKey Id The unique id of the signing key used to sign the access token. Required prior to
1.30.0.- Id
Token stringKey Id The unique id of the signing key used to sign the Id token. Required prior to
1.30.0.- Refresh
Token stringExpiration Policy The refresh token expiration policy.
- Refresh
Token boolRevocation Policy On Login Prevented When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.
- Refresh
Token boolRevocation Policy On Password Change When enabled, the refresh token will be revoked when a user changes their password."
- Refresh
Token stringUsage Policy The refresh token usage policy.
- Refresh
Token intTime To Live In Minutes The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.
- Time
To intLive In Seconds The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.
- Access
Token stringKey Id The unique id of the signing key used to sign the access token. Required prior to
1.30.0.- Id
Token stringKey Id The unique id of the signing key used to sign the Id token. Required prior to
1.30.0.- Refresh
Token stringExpiration Policy The refresh token expiration policy.
- Refresh
Token boolRevocation Policy On Login Prevented When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.
- Refresh
Token boolRevocation Policy On Password Change When enabled, the refresh token will be revoked when a user changes their password."
- Refresh
Token stringUsage Policy The refresh token usage policy.
- refresh
Token IntegerTime To Live In Minutes The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.
- time
To IntegerLive In Seconds The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.
- access
Token StringKey Id The unique id of the signing key used to sign the access token. Required prior to
1.30.0.- id
Token StringKey Id The unique id of the signing key used to sign the Id token. Required prior to
1.30.0.- refresh
Token StringExpiration Policy The refresh token expiration policy.
- refresh
Token BooleanRevocation Policy On Login Prevented When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.
- refresh
Token BooleanRevocation Policy On Password Change When enabled, the refresh token will be revoked when a user changes their password."
- refresh
Token StringUsage Policy The refresh token usage policy.
- refresh
Token numberTime To Live In Minutes The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.
- time
To numberLive In Seconds The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.
- access
Token stringKey Id The unique id of the signing key used to sign the access token. Required prior to
1.30.0.- id
Token stringKey Id The unique id of the signing key used to sign the Id token. Required prior to
1.30.0.- refresh
Token stringExpiration Policy The refresh token expiration policy.
- refresh
Token booleanRevocation Policy On Login Prevented When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.
- refresh
Token booleanRevocation Policy On Password Change When enabled, the refresh token will be revoked when a user changes their password."
- refresh
Token stringUsage Policy The refresh token usage policy.
- refresh_
token_ inttime_ to_ live_ in_ minutes The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.
- time_
to_ intlive_ in_ seconds The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.
- access_
token_ strkey_ id The unique id of the signing key used to sign the access token. Required prior to
1.30.0.- id_
token_ strkey_ id The unique id of the signing key used to sign the Id token. Required prior to
1.30.0.- refresh_
token_ strexpiration_ policy The refresh token expiration policy.
- refresh_
token_ boolrevocation_ policy_ on_ login_ prevented When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.
- refresh_
token_ boolrevocation_ policy_ on_ password_ change When enabled, the refresh token will be revoked when a user changes their password."
- refresh_
token_ strusage_ policy The refresh token usage policy.
- refresh
Token NumberTime To Live In Minutes The length of time in minutes a Refresh Token is valid from the time it was issued. Value must be greater than 0.
- time
To NumberLive In Seconds The length of time in seconds this JWT is valid from the time it was issued. Value must be greater than 0.
- access
Token StringKey Id The unique id of the signing key used to sign the access token. Required prior to
1.30.0.- id
Token StringKey Id The unique id of the signing key used to sign the Id token. Required prior to
1.30.0.- refresh
Token StringExpiration Policy The refresh token expiration policy.
- refresh
Token BooleanRevocation Policy On Login Prevented When enabled, the refresh token will be revoked when a user action, such as locking an account based on a number of failed login attempts, prevents user login.
- refresh
Token BooleanRevocation Policy On Password Change When enabled, the refresh token will be revoked when a user changes their password."
- refresh
Token StringUsage Policy The refresh token usage policy.
FusionAuthTenantLoginConfiguration, FusionAuthTenantLoginConfigurationArgs
- Require
Authentication bool Indicates whether to require an API key for the Login API when an
applicationIdis not provided. When anapplicationIdis provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to betrue.
- Require
Authentication bool Indicates whether to require an API key for the Login API when an
applicationIdis not provided. When anapplicationIdis provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to betrue.
- require
Authentication Boolean Indicates whether to require an API key for the Login API when an
applicationIdis not provided. When anapplicationIdis provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to betrue.
- require
Authentication boolean Indicates whether to require an API key for the Login API when an
applicationIdis not provided. When anapplicationIdis provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to betrue.
- require_
authentication bool Indicates whether to require an API key for the Login API when an
applicationIdis not provided. When anapplicationIdis provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to betrue.
- require
Authentication Boolean Indicates whether to require an API key for the Login API when an
applicationIdis not provided. When anapplicationIdis provided to the Login API call, the application configuration will take precedence. In almost all cases, you will want to this to betrue.
FusionAuthTenantMaximumPasswordAge, FusionAuthTenantMaximumPasswordAgeArgs
- Days int
The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Days int
The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- days Integer
The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- days number
The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.
- enabled boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- days int
The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.
- enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- days Number
The password maximum age in days. The number of days after which FusionAuth will require a user to change their password. Required when systemConfiguration.maximumPasswordAge.enabled is set to true.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
FusionAuthTenantMinimumPasswordAge, FusionAuthTenantMinimumPasswordAgeArgs
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Seconds int
The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Seconds int
The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- seconds Integer
The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.
- enabled boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- seconds number
The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.
- enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- seconds int
The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- seconds Number
The password minimum age in seconds. When enabled FusionAuth will not allow a password to be changed until it reaches this minimum age. Required when systemConfiguration.minimumPasswordAge.enabled is set to true.
FusionAuthTenantMultiFactorConfiguration, FusionAuthTenantMultiFactorConfigurationArgs
- Authenticator
theogravity.
Fusionauth. Inputs. Fusion Auth Tenant Multi Factor Configuration Authenticator - Email
theogravity.
Fusionauth. Inputs. Fusion Auth Tenant Multi Factor Configuration Email - Login
Policy string When set to
Enabledand a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set toDisabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login.- Sms
theogravity.
Fusionauth. Inputs. Fusion Auth Tenant Multi Factor Configuration Sms
- Authenticator
Fusion
Auth Tenant Multi Factor Configuration Authenticator - Email
Fusion
Auth Tenant Multi Factor Configuration Email - Login
Policy string When set to
Enabledand a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set toDisabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login.- Sms
Fusion
Auth Tenant Multi Factor Configuration Sms
- authenticator
Fusion
Auth Tenant Multi Factor Configuration Authenticator - email
Fusion
Auth Tenant Multi Factor Configuration Email - login
Policy String When set to
Enabledand a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set toDisabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login.- sms
Fusion
Auth Tenant Multi Factor Configuration Sms
- authenticator
Fusion
Auth Tenant Multi Factor Configuration Authenticator - email
Fusion
Auth Tenant Multi Factor Configuration Email - login
Policy string When set to
Enabledand a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set toDisabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login.- sms
Fusion
Auth Tenant Multi Factor Configuration Sms
- authenticator
Fusion
Auth Tenant Multi Factor Configuration Authenticator - email
Fusion
Auth Tenant Multi Factor Configuration Email - login_
policy str When set to
Enabledand a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set toDisabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login.- sms
Fusion
Auth Tenant Multi Factor Configuration Sms
- authenticator Property Map
- email Property Map
- login
Policy String When set to
Enabledand a user has one or more two-factor methods configured, the user will be required to complete a two-factor challenge during login. When set toDisabled, even when a user has configured one or more two-factor methods, the user will not be required to complete a two-factor challenge during login.- sms Property Map
FusionAuthTenantMultiFactorConfigurationAuthenticator, FusionAuthTenantMultiFactorConfigurationAuthenticatorArgs
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- enabled boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
FusionAuthTenantMultiFactorConfigurationEmail, FusionAuthTenantMultiFactorConfigurationEmailArgs
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Template
Id string The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Template
Id string The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- template
Id String The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- enabled boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- template
Id string The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- template_
id str The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- template
Id String The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
FusionAuthTenantMultiFactorConfigurationSms, FusionAuthTenantMultiFactorConfigurationSmsArgs
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Messenger
Id string The messenger that is used to deliver a SMS multi-factor authentication request.
- Template
Id string The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Messenger
Id string The messenger that is used to deliver a SMS multi-factor authentication request.
- Template
Id string The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- messenger
Id String The messenger that is used to deliver a SMS multi-factor authentication request.
- template
Id String The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- enabled boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- messenger
Id string The messenger that is used to deliver a SMS multi-factor authentication request.
- template
Id string The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- messenger_
id str The messenger that is used to deliver a SMS multi-factor authentication request.
- template_
id str The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- messenger
Id String The messenger that is used to deliver a SMS multi-factor authentication request.
- template
Id String The Id of the SMS template that is used when notifying a user to complete a multi-factor authentication request.
FusionAuthTenantOauthConfiguration, FusionAuthTenantOauthConfigurationArgs
- Client
Credentials stringAccess Token Populate Lambda Id The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.
- Client
Credentials stringAccess Token Populate Lambda Id The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.
- client
Credentials StringAccess Token Populate Lambda Id The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.
- client
Credentials stringAccess Token Populate Lambda Id The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.
- client_
credentials_ straccess_ token_ populate_ lambda_ id The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.
- client
Credentials StringAccess Token Populate Lambda Id The Id of a lambda that will be called to populate the JWT during a client credentials grant. Note: A paid edition of FusionAuth is required to utilize client credentials grant.
FusionAuthTenantPasswordEncryptionConfiguration, FusionAuthTenantPasswordEncryptionConfigurationArgs
- Encryption
Scheme string The default method for encrypting the User’s password.
- Encryption
Scheme intFactor The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.
- Modify
Encryption boolScheme On Login When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.
- Encryption
Scheme string The default method for encrypting the User’s password.
- Encryption
Scheme intFactor The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.
- Modify
Encryption boolScheme On Login When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.
- encryption
Scheme String The default method for encrypting the User’s password.
- encryption
Scheme IntegerFactor The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.
- modify
Encryption BooleanScheme On Login When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.
- encryption
Scheme string The default method for encrypting the User’s password.
- encryption
Scheme numberFactor The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.
- modify
Encryption booleanScheme On Login When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.
- encryption_
scheme str The default method for encrypting the User’s password.
- encryption_
scheme_ intfactor The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.
- modify_
encryption_ boolscheme_ on_ login When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.
- encryption
Scheme String The default method for encrypting the User’s password.
- encryption
Scheme NumberFactor The factor used by the password encryption scheme. If not provided, the PasswordEncryptor provides a default value. Generally this will be used as an iteration count to generate the hash. The actual use of this value is up to the PasswordEncryptor implementation.
- modify
Encryption BooleanScheme On Login When enabled a user’s hash configuration will be modified to match these configured settings. This can be useful to increase a password hash strength over time or upgrade imported users to a more secure encryption scheme after an initial import.
FusionAuthTenantPasswordValidationRules, FusionAuthTenantPasswordValidationRulesArgs
- Breach
Detection theogravity.Fusionauth. Inputs. Fusion Auth Tenant Password Validation Rules Breach Detection - Max
Length int The maximum length of a password when a new user is created or a user requests a password change.
- Min
Length int The minimum length of a password when a new user is created or a user requests a password change.
- Remember
Previous theogravity.Passwords Fusionauth. Inputs. Fusion Auth Tenant Password Validation Rules Remember Previous Passwords - Require
Non boolAlpha Whether to force the user to use at least one non-alphanumeric character.
- Require
Number bool Whether to force the user to use at least one number.
- Required
Mixed boolCase Whether to force the user to use at least one uppercase and one lowercase character.
- Validate
On boolLogin When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
- Breach
Detection FusionAuth Tenant Password Validation Rules Breach Detection - Max
Length int The maximum length of a password when a new user is created or a user requests a password change.
- Min
Length int The minimum length of a password when a new user is created or a user requests a password change.
- Remember
Previous FusionPasswords Auth Tenant Password Validation Rules Remember Previous Passwords - Require
Non boolAlpha Whether to force the user to use at least one non-alphanumeric character.
- Require
Number bool Whether to force the user to use at least one number.
- Required
Mixed boolCase Whether to force the user to use at least one uppercase and one lowercase character.
- Validate
On boolLogin When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
- breach
Detection FusionAuth Tenant Password Validation Rules Breach Detection - max
Length Integer The maximum length of a password when a new user is created or a user requests a password change.
- min
Length Integer The minimum length of a password when a new user is created or a user requests a password change.
- remember
Previous FusionPasswords Auth Tenant Password Validation Rules Remember Previous Passwords - require
Non BooleanAlpha Whether to force the user to use at least one non-alphanumeric character.
- require
Number Boolean Whether to force the user to use at least one number.
- required
Mixed BooleanCase Whether to force the user to use at least one uppercase and one lowercase character.
- validate
On BooleanLogin When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
- breach
Detection FusionAuth Tenant Password Validation Rules Breach Detection - max
Length number The maximum length of a password when a new user is created or a user requests a password change.
- min
Length number The minimum length of a password when a new user is created or a user requests a password change.
- remember
Previous FusionPasswords Auth Tenant Password Validation Rules Remember Previous Passwords - require
Non booleanAlpha Whether to force the user to use at least one non-alphanumeric character.
- require
Number boolean Whether to force the user to use at least one number.
- required
Mixed booleanCase Whether to force the user to use at least one uppercase and one lowercase character.
- validate
On booleanLogin When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
- breach_
detection FusionAuth Tenant Password Validation Rules Breach Detection - max_
length int The maximum length of a password when a new user is created or a user requests a password change.
- min_
length int The minimum length of a password when a new user is created or a user requests a password change.
- remember_
previous_ Fusionpasswords Auth Tenant Password Validation Rules Remember Previous Passwords - require_
non_ boolalpha Whether to force the user to use at least one non-alphanumeric character.
- require_
number bool Whether to force the user to use at least one number.
- required_
mixed_ boolcase Whether to force the user to use at least one uppercase and one lowercase character.
- validate_
on_ boollogin When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
- breach
Detection Property Map - max
Length Number The maximum length of a password when a new user is created or a user requests a password change.
- min
Length Number The minimum length of a password when a new user is created or a user requests a password change.
- remember
Previous Property MapPasswords - require
Non BooleanAlpha Whether to force the user to use at least one non-alphanumeric character.
- require
Number Boolean Whether to force the user to use at least one number.
- required
Mixed BooleanCase Whether to force the user to use at least one uppercase and one lowercase character.
- validate
On BooleanLogin When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
FusionAuthTenantPasswordValidationRulesBreachDetection, FusionAuthTenantPasswordValidationRulesBreachDetectionArgs
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Match
Mode string The level of severity where Reactor will consider a breach.
- Notify
User stringEmail Template Id The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.
- On
Login string The behavior when detecting breaches at time of user login
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Match
Mode string The level of severity where Reactor will consider a breach.
- Notify
User stringEmail Template Id The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.
- On
Login string The behavior when detecting breaches at time of user login
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- match
Mode String The level of severity where Reactor will consider a breach.
- notify
User StringEmail Template Id The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.
- on
Login String The behavior when detecting breaches at time of user login
- enabled boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- match
Mode string The level of severity where Reactor will consider a breach.
- notify
User stringEmail Template Id The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.
- on
Login string The behavior when detecting breaches at time of user login
- enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- match_
mode str The level of severity where Reactor will consider a breach.
- notify_
user_ stremail_ template_ id The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.
- on_
login str The behavior when detecting breaches at time of user login
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- match
Mode String The level of severity where Reactor will consider a breach.
- notify
User StringEmail Template Id The Id of the email template to use when notifying user of breached password. Required if tenant.passwordValidationRules.breachDetection.onLogin is set to NotifyUser.
- on
Login String The behavior when detecting breaches at time of user login
FusionAuthTenantPasswordValidationRulesRememberPreviousPasswords, FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs
FusionAuthTenantUserDeletePolicy, FusionAuthTenantUserDeletePolicyArgs
- Unverified
Enabled bool Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
- Unverified
Number intOf Days To Retain
- Unverified
Enabled bool Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
- Unverified
Number intOf Days To Retain
- unverified
Enabled Boolean Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
- unverified
Number IntegerOf Days To Retain
- unverified
Enabled boolean Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
- unverified
Number numberOf Days To Retain
- unverified_
enabled bool Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
- unverified_
number_ intof_ days_ to_ retain
- unverified
Enabled Boolean Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
- unverified
Number NumberOf Days To Retain
FusionAuthTenantUsernameConfiguration, FusionAuthTenantUsernameConfigurationArgs
- Unique
theogravity.
Fusionauth. Inputs. Fusion Auth Tenant Username Configuration Unique Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
- Unique
Fusion
Auth Tenant Username Configuration Unique Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
- unique
Fusion
Auth Tenant Username Configuration Unique Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
- unique
Fusion
Auth Tenant Username Configuration Unique Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
- unique
Fusion
Auth Tenant Username Configuration Unique Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
- unique Property Map
Indicates that users without a verified email address will be permanently deleted after tenant.userDeletePolicy.unverified.numberOfDaysToRetain days.
FusionAuthTenantUsernameConfigurationUnique, FusionAuthTenantUsernameConfigurationUniqueArgs
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Number
Of intDigits The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.
- Separator string
A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.
- Strategy string
When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
- Enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- Number
Of intDigits The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.
- Separator string
A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.
- Strategy string
When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- number
Of IntegerDigits The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.
- separator String
A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.
- strategy String
When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
- enabled boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- number
Of numberDigits The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.
- separator string
A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.
- strategy string
When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
- enabled bool
When true, FusionAuth will handle username collisions by generating a random suffix.
- number_
of_ intdigits The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.
- separator str
A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.
- strategy str
When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
- enabled Boolean
When true, FusionAuth will handle username collisions by generating a random suffix.
- number
Of NumberDigits The maximum number of digits to use when building a unique suffix for a username. A number will be randomly selected and will be 1 or more digits up to this configured value in length. For example, if this value is 5, the suffix will be a number between 00001 and 99999, inclusive.
- separator String
A single character to use as a separator from the requested username and a unique suffix that is added when a duplicate username is detected. This value can be a single non-alphanumeric ASCII character.
- strategy String
When enabled the user’s password will be validated during login. If the password does not meet the currently configured validation rules the user will be required to change their password.
Package Details
- Repository
- fusionauth theogravity/pulumi-fusionauth
- License
- MIT
- Notes
This Pulumi package is based on the
fusionauthTerraform Provider.