fusionauth.FusionAuthTenant
Explore with Pulumi AI
# Tenant Resource
A FusionAuth Tenant is a named object that represents a discrete namespace for Users, Applications and Groups. A user is unique by email address or username within a tenant.
Tenants may be useful to support a multi-tenant application where you wish to use a single instance of FusionAuth but require the ability to have duplicate users across the tenants in your own application. In this scenario a user may exist multiple times with the same email address and different passwords across tenants.
Tenants may also be useful in a test or staging environment to allow multiple users to call APIs and create and modify users without possibility of collision.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as fusionauth from "pulumi-fusionauth";
const example = new fusionauth.FusionAuthTenant("example", {
connectorPolicies: [{
connectorId: "b57b3d0f-f7a4-4831-a838-549717362ea8",
domains: ["*"],
migrate: false,
}],
emailConfiguration: {
forgotPasswordEmailTemplateId: fusionauth_email.ForgotPassword_Example.id,
host: "smtp.sendgrid.net",
password: "password",
passwordlessEmailTemplateId: fusionauth_email.PasswordlessLogin_Example.id,
port: 587,
security: "TLS",
setPasswordEmailTemplateId: fusionauth_email.SetupPassword_Example.id,
username: "username",
verifyEmail: true,
verifyEmailWhenChanged: true,
additionalHeaders: {
HeaderName1: "HeaderValue1",
HeaderName2: "HeaderValue2",
},
},
eventConfigurations: [
{
enabled: false,
event: "jwt.public-key.update",
transactionType: "None",
},
{
enabled: false,
event: "jwt.refresh-token.revoke",
transactionType: "None",
},
{
enabled: false,
event: "jwt.refresh",
transactionType: "None",
},
{
enabled: false,
event: "group.create",
transactionType: "None",
},
{
enabled: false,
event: "group.create.complete",
transactionType: "None",
},
{
enabled: false,
event: "group.delete",
transactionType: "None",
},
{
enabled: false,
event: "group.delete.complete",
transactionType: "None",
},
{
enabled: false,
event: "group.member.add",
transactionType: "None",
},
{
enabled: false,
event: "group.member.add.complete",
transactionType: "None",
},
{
enabled: false,
event: "group.member.remove",
transactionType: "None",
},
{
enabled: false,
event: "group.member.remove.complete",
transactionType: "None",
},
{
enabled: false,
event: "group.member.update",
transactionType: "None",
},
{
enabled: false,
event: "group.member.update.complete",
transactionType: "None",
},
{
enabled: false,
event: "group.update",
transactionType: "None",
},
{
enabled: false,
event: "group.update.complete",
transactionType: "None",
},
{
enabled: false,
event: "user.action",
transactionType: "None",
},
{
event: "user.bulk.create",
enabled: false,
transactionType: "None",
},
{
enabled: false,
event: "user.create",
transactionType: "None",
},
{
enabled: false,
event: "user.create.complete",
transactionType: "None",
},
{
enabled: false,
event: "user.deactivate",
transactionType: "None",
},
{
enabled: false,
event: "user.delete",
transactionType: "None",
},
{
enabled: false,
event: "user.delete.complete",
transactionType: "None",
},
{
enabled: false,
event: "user.email.update",
transactionType: "None",
},
{
enabled: false,
event: "user.email.verified",
transactionType: "None",
},
{
enabled: false,
event: "user.identity-provider.link",
transactionType: "None",
},
{
enabled: false,
event: "user.identity-provider.unlink",
transactionType: "None",
},
{
enabled: false,
event: "user.loginId.duplicate.create",
transactionType: "None",
},
{
enabled: false,
event: "user.loginId.duplicate.update",
transactionType: "None",
},
{
enabled: false,
event: "user.login.failed",
transactionType: "None",
},
{
enabled: false,
event: "user.login.new-device",
transactionType: "None",
},
{
enabled: false,
event: "user.login.success",
transactionType: "None",
},
{
enabled: false,
event: "user.login.suspicious",
transactionType: "None",
},
{
enabled: false,
event: "user.password.breach",
transactionType: "None",
},
{
enabled: false,
event: "user.password.reset.send",
transactionType: "None",
},
{
enabled: false,
event: "user.password.reset.start",
transactionType: "None",
},
{
enabled: false,
event: "user.password.reset.success",
transactionType: "None",
},
{
enabled: false,
event: "user.password.update",
transactionType: "None",
},
{
enabled: false,
event: "user.reactivate",
transactionType: "None",
},
{
enabled: false,
event: "user.registration.create",
transactionType: "None",
},
{
enabled: false,
event: "user.registration.create.complete",
transactionType: "None",
},
{
enabled: false,
event: "user.registration.delete",
transactionType: "None",
},
{
enabled: false,
event: "user.registration.delete.complete",
transactionType: "None",
},
{
enabled: false,
event: "user.registration.update",
transactionType: "None",
},
{
enabled: false,
event: "user.registration.update.complete",
transactionType: "None",
},
{
enabled: false,
event: "user.registration.verified",
transactionType: "None",
},
{
enabled: false,
event: "user.two-factor.method.add",
transactionType: "None",
},
{
enabled: false,
event: "user.two-factor.method.remove",
transactionType: "None",
},
{
enabled: false,
event: "user.update",
transactionType: "None",
},
{
enabled: false,
event: "user.update.complete",
transactionType: "None",
},
],
externalIdentifierConfiguration: {
authorizationGrantIdTimeToLiveInSeconds: 30,
changePasswordIdGenerator: {
length: 32,
type: "randomBytes",
},
changePasswordIdTimeToLiveInSeconds: 600,
deviceCodeTimeToLiveInSeconds: 1800,
deviceUserCodeIdGenerator: {
length: 6,
type: "randomAlphaNumeric",
},
emailVerificationIdGenerator: {
length: 32,
type: "randomBytes",
},
emailVerificationIdTimeToLiveInSeconds: 86400,
emailVerificationOneTimeCodeGenerator: {
length: 6,
type: "randomAlphaNumeric",
},
externalAuthenticationIdTimeToLiveInSeconds: 300,
oneTimePasswordTimeToLiveInSeconds: 60,
passwordlessLoginGenerator: {
length: 32,
type: "randomBytes",
},
passwordlessLoginTimeToLiveInSeconds: 600,
registrationVerificationIdGenerator: {
length: 32,
type: "randomBytes",
},
registrationVerificationIdTimeToLiveInSeconds: 86400,
registrationVerificationOneTimeCodeGenerator: {
length: 6,
type: "randomAlphaNumeric",
},
samlV2AuthnRequestIdTtlSeconds: 300,
setupPasswordIdGenerator: {
length: 32,
type: "randomBytes",
},
setupPasswordIdTimeToLiveInSeconds: 86400,
twoFactorIdTimeToLiveInSeconds: 300,
twoFactorOneTimeCodeIdGenerator: {
length: 6,
type: "randomDigits",
},
twoFactorOneTimeCodeIdTimeToLiveInSeconds: 60,
twoFactorTrustIdTimeToLiveInSeconds: 2592000,
},
failedAuthenticationConfiguration: {
actionDuration: 3,
actionDurationUnit: "MINUTES",
resetCountInSeconds: 60,
tooManyAttempts: 5,
},
familyConfiguration: {
allowChildRegistrations: true,
deleteOrphanedAccounts: false,
deleteOrphanedAccountsDays: 30,
enabled: true,
maximumChildAge: 12,
minimumOwnerAge: 21,
parentEmailRequired: false,
},
formConfiguration: {
adminUserFormId: "e92751a5-25f4-4bca-ad91-66cdf67725d2",
},
httpSessionMaxInactiveInterval: 3600,
issuer: "https://example.com",
jwtConfigurations: [{
accessTokenKeyId: fusionauth_key.accesstoken.id,
idTokenKeyId: fusionauth_key.idtoken.id,
refreshTokenTimeToLiveInMinutes: 43200,
timeToLiveInSeconds: 3600,
}],
loginConfiguration: {
requireAuthentication: true,
},
maximumPasswordAge: {
days: 180,
enabled: false,
},
minimumPasswordAge: {
enabled: false,
seconds: 30,
},
oauthConfigurations: [{
clientCredentialsAccessTokenPopulateLambdaId: fusionauth_lambda.client_jwt_populate.id,
}],
passwordEncryptionConfigurations: [{
encryptionScheme: "salted-pbkdf2-hmac-sha256",
encryptionSchemeFactor: 24000,
modifyEncryptionSchemeOnLogin: false,
}],
passwordValidationRules: {
maxLength: 256,
minLength: 7,
rememberPreviousPasswords: {
count: 1,
enabled: false,
},
requiredMixedCase: false,
requireNonAlpha: false,
requireNumber: false,
validateOnLogin: false,
},
rateLimitConfiguration: {
failedLogin: {
enabled: true,
limit: 5,
timePeriodInSeconds: 60,
},
forgotPassword: {
enabled: false,
limit: 5,
timePeriodInSeconds: 60,
},
sendEmailVerification: {
enabled: false,
limit: 5,
timePeriodInSeconds: 60,
},
sendPasswordless: {
enabled: false,
limit: 5,
timePeriodInSeconds: 60,
},
sendRegistrationVerification: {
enabled: false,
limit: 5,
timePeriodInSeconds: 60,
},
sendTwoFactor: {
enabled: false,
limit: 5,
timePeriodInSeconds: 60,
},
},
registrationConfiguration: {
blockedDomains: ["example.com"],
},
captchaConfiguration: {
enabled: true,
captchaMethod: "GoogleRecaptchaV3",
siteKey: "captcha_site_key",
secretKey: "captcha_secret_key",
threshold: 0.5,
},
themeId: fusionauth_theme.example_theme.id,
userDeletePolicy: {
unverifiedEnabled: false,
unverifiedNumberOfDaysToRetain: 30,
},
});
import pulumi
import theogravity_pulumi-fusionauth as fusionauth
example = fusionauth.FusionAuthTenant("example",
connector_policies=[fusionauth.FusionAuthTenantConnectorPolicyArgs(
connector_id="b57b3d0f-f7a4-4831-a838-549717362ea8",
domains=["*"],
migrate=False,
)],
email_configuration=fusionauth.FusionAuthTenantEmailConfigurationArgs(
forgot_password_email_template_id=fusionauth_email["ForgotPassword_Example"]["id"],
host="smtp.sendgrid.net",
password="password",
passwordless_email_template_id=fusionauth_email["PasswordlessLogin_Example"]["id"],
port=587,
security="TLS",
set_password_email_template_id=fusionauth_email["SetupPassword_Example"]["id"],
username="username",
verify_email=True,
verify_email_when_changed=True,
additional_headers={
"HeaderName1": "HeaderValue1",
"HeaderName2": "HeaderValue2",
},
),
event_configurations=[
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="jwt.public-key.update",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="jwt.refresh-token.revoke",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="jwt.refresh",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="group.create",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="group.create.complete",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="group.delete",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="group.delete.complete",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="group.member.add",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="group.member.add.complete",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="group.member.remove",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="group.member.remove.complete",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="group.member.update",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="group.member.update.complete",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="group.update",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="group.update.complete",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.action",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
event="user.bulk.create",
enabled=False,
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.create",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.create.complete",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.deactivate",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.delete",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.delete.complete",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.email.update",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.email.verified",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.identity-provider.link",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.identity-provider.unlink",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.loginId.duplicate.create",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.loginId.duplicate.update",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.login.failed",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.login.new-device",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.login.success",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.login.suspicious",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.password.breach",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.password.reset.send",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.password.reset.start",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.password.reset.success",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.password.update",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.reactivate",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.registration.create",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.registration.create.complete",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.registration.delete",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.registration.delete.complete",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.registration.update",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.registration.update.complete",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.registration.verified",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.two-factor.method.add",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.two-factor.method.remove",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.update",
transaction_type="None",
),
fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="user.update.complete",
transaction_type="None",
),
],
external_identifier_configuration=fusionauth.FusionAuthTenantExternalIdentifierConfigurationArgs(
authorization_grant_id_time_to_live_in_seconds=30,
change_password_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs(
length=32,
type="randomBytes",
),
change_password_id_time_to_live_in_seconds=600,
device_code_time_to_live_in_seconds=1800,
device_user_code_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs(
length=6,
type="randomAlphaNumeric",
),
email_verification_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs(
length=32,
type="randomBytes",
),
email_verification_id_time_to_live_in_seconds=86400,
email_verification_one_time_code_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs(
length=6,
type="randomAlphaNumeric",
),
external_authentication_id_time_to_live_in_seconds=300,
one_time_password_time_to_live_in_seconds=60,
passwordless_login_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs(
length=32,
type="randomBytes",
),
passwordless_login_time_to_live_in_seconds=600,
registration_verification_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs(
length=32,
type="randomBytes",
),
registration_verification_id_time_to_live_in_seconds=86400,
registration_verification_one_time_code_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs(
length=6,
type="randomAlphaNumeric",
),
saml_v2_authn_request_id_ttl_seconds=300,
setup_password_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs(
length=32,
type="randomBytes",
),
setup_password_id_time_to_live_in_seconds=86400,
two_factor_id_time_to_live_in_seconds=300,
two_factor_one_time_code_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs(
length=6,
type="randomDigits",
),
two_factor_one_time_code_id_time_to_live_in_seconds=60,
two_factor_trust_id_time_to_live_in_seconds=2592000,
),
failed_authentication_configuration=fusionauth.FusionAuthTenantFailedAuthenticationConfigurationArgs(
action_duration=3,
action_duration_unit="MINUTES",
reset_count_in_seconds=60,
too_many_attempts=5,
),
family_configuration=fusionauth.FusionAuthTenantFamilyConfigurationArgs(
allow_child_registrations=True,
delete_orphaned_accounts=False,
delete_orphaned_accounts_days=30,
enabled=True,
maximum_child_age=12,
minimum_owner_age=21,
parent_email_required=False,
),
form_configuration=fusionauth.FusionAuthTenantFormConfigurationArgs(
admin_user_form_id="e92751a5-25f4-4bca-ad91-66cdf67725d2",
),
http_session_max_inactive_interval=3600,
issuer="https://example.com",
jwt_configurations=[fusionauth.FusionAuthTenantJwtConfigurationArgs(
access_token_key_id=fusionauth_key["accesstoken"]["id"],
id_token_key_id=fusionauth_key["idtoken"]["id"],
refresh_token_time_to_live_in_minutes=43200,
time_to_live_in_seconds=3600,
)],
login_configuration=fusionauth.FusionAuthTenantLoginConfigurationArgs(
require_authentication=True,
),
maximum_password_age=fusionauth.FusionAuthTenantMaximumPasswordAgeArgs(
days=180,
enabled=False,
),
minimum_password_age=fusionauth.FusionAuthTenantMinimumPasswordAgeArgs(
enabled=False,
seconds=30,
),
oauth_configurations=[fusionauth.FusionAuthTenantOauthConfigurationArgs(
client_credentials_access_token_populate_lambda_id=fusionauth_lambda["client_jwt_populate"]["id"],
)],
password_encryption_configurations=[fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArgs(
encryption_scheme="salted-pbkdf2-hmac-sha256",
encryption_scheme_factor=24000,
modify_encryption_scheme_on_login=False,
)],
password_validation_rules=fusionauth.FusionAuthTenantPasswordValidationRulesArgs(
max_length=256,
min_length=7,
remember_previous_passwords=fusionauth.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs(
count=1,
enabled=False,
),
required_mixed_case=False,
require_non_alpha=False,
require_number=False,
validate_on_login=False,
),
rate_limit_configuration=fusionauth.FusionAuthTenantRateLimitConfigurationArgs(
failed_login=fusionauth.FusionAuthTenantRateLimitConfigurationFailedLoginArgs(
enabled=True,
limit=5,
time_period_in_seconds=60,
),
forgot_password=fusionauth.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs(
enabled=False,
limit=5,
time_period_in_seconds=60,
),
send_email_verification=fusionauth.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs(
enabled=False,
limit=5,
time_period_in_seconds=60,
),
send_passwordless=fusionauth.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs(
enabled=False,
limit=5,
time_period_in_seconds=60,
),
send_registration_verification=fusionauth.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs(
enabled=False,
limit=5,
time_period_in_seconds=60,
),
send_two_factor=fusionauth.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs(
enabled=False,
limit=5,
time_period_in_seconds=60,
),
),
registration_configuration=fusionauth.FusionAuthTenantRegistrationConfigurationArgs(
blocked_domains=["example.com"],
),
captcha_configuration=fusionauth.FusionAuthTenantCaptchaConfigurationArgs(
enabled=True,
captcha_method="GoogleRecaptchaV3",
site_key="captcha_site_key",
secret_key="captcha_secret_key",
threshold=0.5,
),
theme_id=fusionauth_theme["example_theme"]["id"],
user_delete_policy=fusionauth.FusionAuthTenantUserDeletePolicyArgs(
unverified_enabled=False,
unverified_number_of_days_to_retain=30,
))
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/theogravity/pulumi-fusionauth/sdk/go/fusionauth"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := fusionauth.NewFusionAuthTenant(ctx, "example", &fusionauth.FusionAuthTenantArgs{
ConnectorPolicies: fusionauth.FusionAuthTenantConnectorPolicyArray{
&fusionauth.FusionAuthTenantConnectorPolicyArgs{
ConnectorId: pulumi.String("b57b3d0f-f7a4-4831-a838-549717362ea8"),
Domains: pulumi.StringArray{
pulumi.String("*"),
},
Migrate: pulumi.Bool(false),
},
},
EmailConfiguration: &fusionauth.FusionAuthTenantEmailConfigurationArgs{
ForgotPasswordEmailTemplateId: pulumi.Any(fusionauth_email.ForgotPassword_Example.Id),
Host: pulumi.String("smtp.sendgrid.net"),
Password: pulumi.String("password"),
PasswordlessEmailTemplateId: pulumi.Any(fusionauth_email.PasswordlessLogin_Example.Id),
Port: pulumi.Int(587),
Security: pulumi.String("TLS"),
SetPasswordEmailTemplateId: pulumi.Any(fusionauth_email.SetupPassword_Example.Id),
Username: pulumi.String("username"),
VerifyEmail: pulumi.Bool(true),
VerifyEmailWhenChanged: pulumi.Bool(true),
AdditionalHeaders: pulumi.Map{
"HeaderName1": pulumi.Any("HeaderValue1"),
"HeaderName2": pulumi.Any("HeaderValue2"),
},
},
EventConfigurations: fusionauth.FusionAuthTenantEventConfigurationArray{
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("jwt.public-key.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("jwt.refresh-token.revoke"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("jwt.refresh"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.create"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.create.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.delete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.delete.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.member.add"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.member.add.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.member.remove"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.member.remove.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.member.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.member.update.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("group.update.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.action"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Event: pulumi.String("user.bulk.create"),
Enabled: pulumi.Bool(false),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.create"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.create.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.deactivate"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.delete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.delete.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.email.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.email.verified"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.identity-provider.link"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.identity-provider.unlink"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.loginId.duplicate.create"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.loginId.duplicate.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.login.failed"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.login.new-device"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.login.success"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.login.suspicious"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.password.breach"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.password.reset.send"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.password.reset.start"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.password.reset.success"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.password.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.reactivate"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.registration.create"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.registration.create.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.registration.delete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.registration.delete.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.registration.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.registration.update.complete"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.registration.verified"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.two-factor.method.add"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.two-factor.method.remove"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.update"),
TransactionType: pulumi.String("None"),
},
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("user.update.complete"),
TransactionType: pulumi.String("None"),
},
},
ExternalIdentifierConfiguration: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationArgs{
AuthorizationGrantIdTimeToLiveInSeconds: pulumi.Int(30),
ChangePasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
ChangePasswordIdTimeToLiveInSeconds: pulumi.Int(600),
DeviceCodeTimeToLiveInSeconds: pulumi.Int(1800),
DeviceUserCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs{
Length: pulumi.Int(6),
Type: pulumi.String("randomAlphaNumeric"),
},
EmailVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
EmailVerificationIdTimeToLiveInSeconds: pulumi.Int(86400),
EmailVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs{
Length: pulumi.Int(6),
Type: pulumi.String("randomAlphaNumeric"),
},
ExternalAuthenticationIdTimeToLiveInSeconds: pulumi.Int(300),
OneTimePasswordTimeToLiveInSeconds: pulumi.Int(60),
PasswordlessLoginGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
PasswordlessLoginTimeToLiveInSeconds: pulumi.Int(600),
RegistrationVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
RegistrationVerificationIdTimeToLiveInSeconds: pulumi.Int(86400),
RegistrationVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs{
Length: pulumi.Int(6),
Type: pulumi.String("randomAlphaNumeric"),
},
SamlV2AuthnRequestIdTtlSeconds: pulumi.Int(300),
SetupPasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs{
Length: pulumi.Int(32),
Type: pulumi.String("randomBytes"),
},
SetupPasswordIdTimeToLiveInSeconds: pulumi.Int(86400),
TwoFactorIdTimeToLiveInSeconds: pulumi.Int(300),
TwoFactorOneTimeCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs{
Length: pulumi.Int(6),
Type: pulumi.String("randomDigits"),
},
TwoFactorOneTimeCodeIdTimeToLiveInSeconds: pulumi.Int(60),
TwoFactorTrustIdTimeToLiveInSeconds: pulumi.Int(2592000),
},
FailedAuthenticationConfiguration: &fusionauth.FusionAuthTenantFailedAuthenticationConfigurationArgs{
ActionDuration: pulumi.Int(3),
ActionDurationUnit: pulumi.String("MINUTES"),
ResetCountInSeconds: pulumi.Int(60),
TooManyAttempts: pulumi.Int(5),
},
FamilyConfiguration: &fusionauth.FusionAuthTenantFamilyConfigurationArgs{
AllowChildRegistrations: pulumi.Bool(true),
DeleteOrphanedAccounts: pulumi.Bool(false),
DeleteOrphanedAccountsDays: pulumi.Int(30),
Enabled: pulumi.Bool(true),
MaximumChildAge: pulumi.Int(12),
MinimumOwnerAge: pulumi.Int(21),
ParentEmailRequired: pulumi.Bool(false),
},
FormConfiguration: &fusionauth.FusionAuthTenantFormConfigurationArgs{
AdminUserFormId: pulumi.String("e92751a5-25f4-4bca-ad91-66cdf67725d2"),
},
HttpSessionMaxInactiveInterval: pulumi.Int(3600),
Issuer: pulumi.String("https://example.com"),
JwtConfigurations: fusionauth.FusionAuthTenantJwtConfigurationArray{
&fusionauth.FusionAuthTenantJwtConfigurationArgs{
AccessTokenKeyId: pulumi.Any(fusionauth_key.Accesstoken.Id),
IdTokenKeyId: pulumi.Any(fusionauth_key.Idtoken.Id),
RefreshTokenTimeToLiveInMinutes: pulumi.Int(43200),
TimeToLiveInSeconds: pulumi.Int(3600),
},
},
LoginConfiguration: &fusionauth.FusionAuthTenantLoginConfigurationArgs{
RequireAuthentication: pulumi.Bool(true),
},
MaximumPasswordAge: &fusionauth.FusionAuthTenantMaximumPasswordAgeArgs{
Days: pulumi.Int(180),
Enabled: pulumi.Bool(false),
},
MinimumPasswordAge: &fusionauth.FusionAuthTenantMinimumPasswordAgeArgs{
Enabled: pulumi.Bool(false),
Seconds: pulumi.Int(30),
},
OauthConfigurations: fusionauth.FusionAuthTenantOauthConfigurationArray{
&fusionauth.FusionAuthTenantOauthConfigurationArgs{
ClientCredentialsAccessTokenPopulateLambdaId: pulumi.Any(fusionauth_lambda.Client_jwt_populate.Id),
},
},
PasswordEncryptionConfigurations: fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArray{
&fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArgs{
EncryptionScheme: pulumi.String("salted-pbkdf2-hmac-sha256"),
EncryptionSchemeFactor: pulumi.Int(24000),
ModifyEncryptionSchemeOnLogin: pulumi.Bool(false),
},
},
PasswordValidationRules: &fusionauth.FusionAuthTenantPasswordValidationRulesArgs{
MaxLength: pulumi.Int(256),
MinLength: pulumi.Int(7),
RememberPreviousPasswords: &fusionauth.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs{
Count: pulumi.Int(1),
Enabled: pulumi.Bool(false),
},
RequiredMixedCase: pulumi.Bool(false),
RequireNonAlpha: pulumi.Bool(false),
RequireNumber: pulumi.Bool(false),
ValidateOnLogin: pulumi.Bool(false),
},
RateLimitConfiguration: &fusionauth.FusionAuthTenantRateLimitConfigurationArgs{
FailedLogin: &fusionauth.FusionAuthTenantRateLimitConfigurationFailedLoginArgs{
Enabled: pulumi.Bool(true),
Limit: pulumi.Int(5),
TimePeriodInSeconds: pulumi.Int(60),
},
ForgotPassword: &fusionauth.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(5),
TimePeriodInSeconds: pulumi.Int(60),
},
SendEmailVerification: &fusionauth.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(5),
TimePeriodInSeconds: pulumi.Int(60),
},
SendPasswordless: &fusionauth.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(5),
TimePeriodInSeconds: pulumi.Int(60),
},
SendRegistrationVerification: &fusionauth.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(5),
TimePeriodInSeconds: pulumi.Int(60),
},
SendTwoFactor: &fusionauth.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(5),
TimePeriodInSeconds: pulumi.Int(60),
},
},
RegistrationConfiguration: &fusionauth.FusionAuthTenantRegistrationConfigurationArgs{
BlockedDomains: pulumi.StringArray{
pulumi.String("example.com"),
},
},
CaptchaConfiguration: &fusionauth.FusionAuthTenantCaptchaConfigurationArgs{
Enabled: pulumi.Bool(true),
CaptchaMethod: pulumi.String("GoogleRecaptchaV3"),
SiteKey: pulumi.String("captcha_site_key"),
SecretKey: pulumi.String("captcha_secret_key"),
Threshold: pulumi.Float64(0.5),
},
ThemeId: pulumi.Any(fusionauth_theme.Example_theme.Id),
UserDeletePolicy: &fusionauth.FusionAuthTenantUserDeletePolicyArgs{
UnverifiedEnabled: pulumi.Bool(false),
UnverifiedNumberOfDaysToRetain: pulumi.Int(30),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fusionauth = theogravity.Fusionauth;
return await Deployment.RunAsync(() =>
{
var example = new Fusionauth.FusionAuthTenant("example", new()
{
ConnectorPolicies = new[]
{
new Fusionauth.Inputs.FusionAuthTenantConnectorPolicyArgs
{
ConnectorId = "b57b3d0f-f7a4-4831-a838-549717362ea8",
Domains = new[]
{
"*",
},
Migrate = false,
},
},
EmailConfiguration = new Fusionauth.Inputs.FusionAuthTenantEmailConfigurationArgs
{
ForgotPasswordEmailTemplateId = fusionauth_email.ForgotPassword_Example.Id,
Host = "smtp.sendgrid.net",
Password = "password",
PasswordlessEmailTemplateId = fusionauth_email.PasswordlessLogin_Example.Id,
Port = 587,
Security = "TLS",
SetPasswordEmailTemplateId = fusionauth_email.SetupPassword_Example.Id,
Username = "username",
VerifyEmail = true,
VerifyEmailWhenChanged = true,
AdditionalHeaders =
{
{ "HeaderName1", "HeaderValue1" },
{ "HeaderName2", "HeaderValue2" },
},
},
EventConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "jwt.public-key.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "jwt.refresh-token.revoke",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "jwt.refresh",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.create",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.create.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.delete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.delete.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.member.add",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.member.add.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.member.remove",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.member.remove.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.member.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.member.update.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "group.update.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.action",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Event = "user.bulk.create",
Enabled = false,
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.create",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.create.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.deactivate",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.delete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.delete.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.email.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.email.verified",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.identity-provider.link",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.identity-provider.unlink",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.loginId.duplicate.create",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.loginId.duplicate.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.login.failed",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.login.new-device",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.login.success",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.login.suspicious",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.password.breach",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.password.reset.send",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.password.reset.start",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.password.reset.success",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.password.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.reactivate",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.registration.create",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.registration.create.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.registration.delete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.registration.delete.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.registration.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.registration.update.complete",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.registration.verified",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.two-factor.method.add",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.two-factor.method.remove",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.update",
TransactionType = "None",
},
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "user.update.complete",
TransactionType = "None",
},
},
ExternalIdentifierConfiguration = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationArgs
{
AuthorizationGrantIdTimeToLiveInSeconds = 30,
ChangePasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
ChangePasswordIdTimeToLiveInSeconds = 600,
DeviceCodeTimeToLiveInSeconds = 1800,
DeviceUserCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs
{
Length = 6,
Type = "randomAlphaNumeric",
},
EmailVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
EmailVerificationIdTimeToLiveInSeconds = 86400,
EmailVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs
{
Length = 6,
Type = "randomAlphaNumeric",
},
ExternalAuthenticationIdTimeToLiveInSeconds = 300,
OneTimePasswordTimeToLiveInSeconds = 60,
PasswordlessLoginGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
PasswordlessLoginTimeToLiveInSeconds = 600,
RegistrationVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
RegistrationVerificationIdTimeToLiveInSeconds = 86400,
RegistrationVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs
{
Length = 6,
Type = "randomAlphaNumeric",
},
SamlV2AuthnRequestIdTtlSeconds = 300,
SetupPasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs
{
Length = 32,
Type = "randomBytes",
},
SetupPasswordIdTimeToLiveInSeconds = 86400,
TwoFactorIdTimeToLiveInSeconds = 300,
TwoFactorOneTimeCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs
{
Length = 6,
Type = "randomDigits",
},
TwoFactorOneTimeCodeIdTimeToLiveInSeconds = 60,
TwoFactorTrustIdTimeToLiveInSeconds = 2592000,
},
FailedAuthenticationConfiguration = new Fusionauth.Inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs
{
ActionDuration = 3,
ActionDurationUnit = "MINUTES",
ResetCountInSeconds = 60,
TooManyAttempts = 5,
},
FamilyConfiguration = new Fusionauth.Inputs.FusionAuthTenantFamilyConfigurationArgs
{
AllowChildRegistrations = true,
DeleteOrphanedAccounts = false,
DeleteOrphanedAccountsDays = 30,
Enabled = true,
MaximumChildAge = 12,
MinimumOwnerAge = 21,
ParentEmailRequired = false,
},
FormConfiguration = new Fusionauth.Inputs.FusionAuthTenantFormConfigurationArgs
{
AdminUserFormId = "e92751a5-25f4-4bca-ad91-66cdf67725d2",
},
HttpSessionMaxInactiveInterval = 3600,
Issuer = "https://example.com",
JwtConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantJwtConfigurationArgs
{
AccessTokenKeyId = fusionauth_key.Accesstoken.Id,
IdTokenKeyId = fusionauth_key.Idtoken.Id,
RefreshTokenTimeToLiveInMinutes = 43200,
TimeToLiveInSeconds = 3600,
},
},
LoginConfiguration = new Fusionauth.Inputs.FusionAuthTenantLoginConfigurationArgs
{
RequireAuthentication = true,
},
MaximumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMaximumPasswordAgeArgs
{
Days = 180,
Enabled = false,
},
MinimumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMinimumPasswordAgeArgs
{
Enabled = false,
Seconds = 30,
},
OauthConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantOauthConfigurationArgs
{
ClientCredentialsAccessTokenPopulateLambdaId = fusionauth_lambda.Client_jwt_populate.Id,
},
},
PasswordEncryptionConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs
{
EncryptionScheme = "salted-pbkdf2-hmac-sha256",
EncryptionSchemeFactor = 24000,
ModifyEncryptionSchemeOnLogin = false,
},
},
PasswordValidationRules = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesArgs
{
MaxLength = 256,
MinLength = 7,
RememberPreviousPasswords = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs
{
Count = 1,
Enabled = false,
},
RequiredMixedCase = false,
RequireNonAlpha = false,
RequireNumber = false,
ValidateOnLogin = false,
},
RateLimitConfiguration = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationArgs
{
FailedLogin = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationFailedLoginArgs
{
Enabled = true,
Limit = 5,
TimePeriodInSeconds = 60,
},
ForgotPassword = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs
{
Enabled = false,
Limit = 5,
TimePeriodInSeconds = 60,
},
SendEmailVerification = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs
{
Enabled = false,
Limit = 5,
TimePeriodInSeconds = 60,
},
SendPasswordless = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs
{
Enabled = false,
Limit = 5,
TimePeriodInSeconds = 60,
},
SendRegistrationVerification = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs
{
Enabled = false,
Limit = 5,
TimePeriodInSeconds = 60,
},
SendTwoFactor = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs
{
Enabled = false,
Limit = 5,
TimePeriodInSeconds = 60,
},
},
RegistrationConfiguration = new Fusionauth.Inputs.FusionAuthTenantRegistrationConfigurationArgs
{
BlockedDomains = new[]
{
"example.com",
},
},
CaptchaConfiguration = new Fusionauth.Inputs.FusionAuthTenantCaptchaConfigurationArgs
{
Enabled = true,
CaptchaMethod = "GoogleRecaptchaV3",
SiteKey = "captcha_site_key",
SecretKey = "captcha_secret_key",
Threshold = 0.5,
},
ThemeId = fusionauth_theme.Example_theme.Id,
UserDeletePolicy = new Fusionauth.Inputs.FusionAuthTenantUserDeletePolicyArgs
{
UnverifiedEnabled = false,
UnverifiedNumberOfDaysToRetain = 30,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fusionauth.FusionAuthTenant;
import com.pulumi.fusionauth.FusionAuthTenantArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantConnectorPolicyArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantEmailConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantEventConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantFamilyConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantFormConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantJwtConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantLoginConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantMaximumPasswordAgeArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantMinimumPasswordAgeArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantOauthConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordValidationRulesArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationFailedLoginArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantRegistrationConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantCaptchaConfigurationArgs;
import com.pulumi.fusionauth.inputs.FusionAuthTenantUserDeletePolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new FusionAuthTenant("example", FusionAuthTenantArgs.builder()
.connectorPolicies(FusionAuthTenantConnectorPolicyArgs.builder()
.connectorId("b57b3d0f-f7a4-4831-a838-549717362ea8")
.domains("*")
.migrate(false)
.build())
.emailConfiguration(FusionAuthTenantEmailConfigurationArgs.builder()
.forgotPasswordEmailTemplateId(fusionauth_email.ForgotPassword_Example().id())
.host("smtp.sendgrid.net")
.password("password")
.passwordlessEmailTemplateId(fusionauth_email.PasswordlessLogin_Example().id())
.port(587)
.security("TLS")
.setPasswordEmailTemplateId(fusionauth_email.SetupPassword_Example().id())
.username("username")
.verifyEmail(true)
.verifyEmailWhenChanged(true)
.additionalHeaders(Map.ofEntries(
Map.entry("HeaderName1", "HeaderValue1"),
Map.entry("HeaderName2", "HeaderValue2")
))
.build())
.eventConfigurations(
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("jwt.public-key.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("jwt.refresh-token.revoke")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("jwt.refresh")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.create")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.create.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.delete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.delete.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.member.add")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.member.add.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.member.remove")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.member.remove.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.member.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.member.update.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("group.update.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.action")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.event("user.bulk.create")
.enabled(false)
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.create")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.create.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.deactivate")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.delete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.delete.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.email.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.email.verified")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.identity-provider.link")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.identity-provider.unlink")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.loginId.duplicate.create")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.loginId.duplicate.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.login.failed")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.login.new-device")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.login.success")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.login.suspicious")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.password.breach")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.password.reset.send")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.password.reset.start")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.password.reset.success")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.password.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.reactivate")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.registration.create")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.registration.create.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.registration.delete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.registration.delete.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.registration.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.registration.update.complete")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.registration.verified")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.two-factor.method.add")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.two-factor.method.remove")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.update")
.transactionType("None")
.build(),
FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("user.update.complete")
.transactionType("None")
.build())
.externalIdentifierConfiguration(FusionAuthTenantExternalIdentifierConfigurationArgs.builder()
.authorizationGrantIdTimeToLiveInSeconds(30)
.changePasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.changePasswordIdTimeToLiveInSeconds(600)
.deviceCodeTimeToLiveInSeconds(1800)
.deviceUserCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs.builder()
.length(6)
.type("randomAlphaNumeric")
.build())
.emailVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.emailVerificationIdTimeToLiveInSeconds(86400)
.emailVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs.builder()
.length(6)
.type("randomAlphaNumeric")
.build())
.externalAuthenticationIdTimeToLiveInSeconds(300)
.oneTimePasswordTimeToLiveInSeconds(60)
.passwordlessLoginGenerator(FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.passwordlessLoginTimeToLiveInSeconds(600)
.registrationVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.registrationVerificationIdTimeToLiveInSeconds(86400)
.registrationVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs.builder()
.length(6)
.type("randomAlphaNumeric")
.build())
.samlV2AuthnRequestIdTtlSeconds(300)
.setupPasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs.builder()
.length(32)
.type("randomBytes")
.build())
.setupPasswordIdTimeToLiveInSeconds(86400)
.twoFactorIdTimeToLiveInSeconds(300)
.twoFactorOneTimeCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs.builder()
.length(6)
.type("randomDigits")
.build())
.twoFactorOneTimeCodeIdTimeToLiveInSeconds(60)
.twoFactorTrustIdTimeToLiveInSeconds(2592000)
.build())
.failedAuthenticationConfiguration(FusionAuthTenantFailedAuthenticationConfigurationArgs.builder()
.actionDuration(3)
.actionDurationUnit("MINUTES")
.resetCountInSeconds(60)
.tooManyAttempts(5)
.build())
.familyConfiguration(FusionAuthTenantFamilyConfigurationArgs.builder()
.allowChildRegistrations(true)
.deleteOrphanedAccounts(false)
.deleteOrphanedAccountsDays(30)
.enabled(true)
.maximumChildAge(12)
.minimumOwnerAge(21)
.parentEmailRequired(false)
.build())
.formConfiguration(FusionAuthTenantFormConfigurationArgs.builder()
.adminUserFormId("e92751a5-25f4-4bca-ad91-66cdf67725d2")
.build())
.httpSessionMaxInactiveInterval(3600)
.issuer("https://example.com")
.jwtConfigurations(FusionAuthTenantJwtConfigurationArgs.builder()
.accessTokenKeyId(fusionauth_key.accesstoken().id())
.idTokenKeyId(fusionauth_key.idtoken().id())
.refreshTokenTimeToLiveInMinutes(43200)
.timeToLiveInSeconds(3600)
.build())
.loginConfiguration(FusionAuthTenantLoginConfigurationArgs.builder()
.requireAuthentication(true)
.build())
.maximumPasswordAge(FusionAuthTenantMaximumPasswordAgeArgs.builder()
.days(180)
.enabled(false)
.build())
.minimumPasswordAge(FusionAuthTenantMinimumPasswordAgeArgs.builder()
.enabled(false)
.seconds(30)
.build())
.oauthConfigurations(FusionAuthTenantOauthConfigurationArgs.builder()
.clientCredentialsAccessTokenPopulateLambdaId(fusionauth_lambda.client_jwt_populate().id())
.build())
.passwordEncryptionConfigurations(FusionAuthTenantPasswordEncryptionConfigurationArgs.builder()
.encryptionScheme("salted-pbkdf2-hmac-sha256")
.encryptionSchemeFactor(24000)
.modifyEncryptionSchemeOnLogin(false)
.build())
.passwordValidationRules(FusionAuthTenantPasswordValidationRulesArgs.builder()
.maxLength(256)
.minLength(7)
.rememberPreviousPasswords(FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs.builder()
.count(1)
.enabled(false)
.build())
.requiredMixedCase(false)
.requireNonAlpha(false)
.requireNumber(false)
.validateOnLogin(false)
.build())
.rateLimitConfiguration(FusionAuthTenantRateLimitConfigurationArgs.builder()
.failedLogin(FusionAuthTenantRateLimitConfigurationFailedLoginArgs.builder()
.enabled(true)
.limit(5)
.timePeriodInSeconds(60)
.build())
.forgotPassword(FusionAuthTenantRateLimitConfigurationForgotPasswordArgs.builder()
.enabled(false)
.limit(5)
.timePeriodInSeconds(60)
.build())
.sendEmailVerification(FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs.builder()
.enabled(false)
.limit(5)
.timePeriodInSeconds(60)
.build())
.sendPasswordless(FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs.builder()
.enabled(false)
.limit(5)
.timePeriodInSeconds(60)
.build())
.sendRegistrationVerification(FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs.builder()
.enabled(false)
.limit(5)
.timePeriodInSeconds(60)
.build())
.sendTwoFactor(FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs.builder()
.enabled(false)
.limit(5)
.timePeriodInSeconds(60)
.build())
.build())
.registrationConfiguration(FusionAuthTenantRegistrationConfigurationArgs.builder()
.blockedDomains("example.com")
.build())
.captchaConfiguration(FusionAuthTenantCaptchaConfigurationArgs.builder()
.enabled(true)
.captchaMethod("GoogleRecaptchaV3")
.siteKey("captcha_site_key")
.secretKey("captcha_secret_key")
.threshold(0.5)
.build())
.themeId(fusionauth_theme.example_theme().id())
.userDeletePolicy(FusionAuthTenantUserDeletePolicyArgs.builder()
.unverifiedEnabled(false)
.unverifiedNumberOfDaysToRetain(30)
.build())
.build());
}
}
resources:
example:
type: fusionauth:FusionAuthTenant
properties:
connectorPolicies:
- connectorId: b57b3d0f-f7a4-4831-a838-549717362ea8
domains:
- '*'
migrate: false
emailConfiguration:
forgotPasswordEmailTemplateId: ${fusionauth_email.ForgotPassword_Example.id}
host: smtp.sendgrid.net
password: password
passwordlessEmailTemplateId: ${fusionauth_email.PasswordlessLogin_Example.id}
port: 587
security: TLS
setPasswordEmailTemplateId: ${fusionauth_email.SetupPassword_Example.id}
username: username
verifyEmail: true
verifyEmailWhenChanged: true
additionalHeaders:
HeaderName1: HeaderValue1
HeaderName2: HeaderValue2
eventConfigurations:
- enabled: false
event: jwt.public-key.update
transactionType: None
- enabled: false
event: jwt.refresh-token.revoke
transactionType: None
- enabled: false
event: jwt.refresh
transactionType: None
- enabled: false
event: group.create
transactionType: None
- enabled: false
event: group.create.complete
transactionType: None
- enabled: false
event: group.delete
transactionType: None
- enabled: false
event: group.delete.complete
transactionType: None
- enabled: false
event: group.member.add
transactionType: None
- enabled: false
event: group.member.add.complete
transactionType: None
- enabled: false
event: group.member.remove
transactionType: None
- enabled: false
event: group.member.remove.complete
transactionType: None
- enabled: false
event: group.member.update
transactionType: None
- enabled: false
event: group.member.update.complete
transactionType: None
- enabled: false
event: group.update
transactionType: None
- enabled: false
event: group.update.complete
transactionType: None
- enabled: false
event: user.action
transactionType: None
- event: user.bulk.create
enabled: false
transactionType: None
- enabled: false
event: user.create
transactionType: None
- enabled: false
event: user.create.complete
transactionType: None
- enabled: false
event: user.deactivate
transactionType: None
- enabled: false
event: user.delete
transactionType: None
- enabled: false
event: user.delete.complete
transactionType: None
- enabled: false
event: user.email.update
transactionType: None
- enabled: false
event: user.email.verified
transactionType: None
- enabled: false
event: user.identity-provider.link
transactionType: None
- enabled: false
event: user.identity-provider.unlink
transactionType: None
- enabled: false
event: user.loginId.duplicate.create
transactionType: None
- enabled: false
event: user.loginId.duplicate.update
transactionType: None
- enabled: false
event: user.login.failed
transactionType: None
- enabled: false
event: user.login.new-device
transactionType: None
- enabled: false
event: user.login.success
transactionType: None
- enabled: false
event: user.login.suspicious
transactionType: None
- enabled: false
event: user.password.breach
transactionType: None
- enabled: false
event: user.password.reset.send
transactionType: None
- enabled: false
event: user.password.reset.start
transactionType: None
- enabled: false
event: user.password.reset.success
transactionType: None
- enabled: false
event: user.password.update
transactionType: None
- enabled: false
event: user.reactivate
transactionType: None
- enabled: false
event: user.registration.create
transactionType: None
- enabled: false
event: user.registration.create.complete
transactionType: None
- enabled: false
event: user.registration.delete
transactionType: None
- enabled: false
event: user.registration.delete.complete
transactionType: None
- enabled: false
event: user.registration.update
transactionType: None
- enabled: false
event: user.registration.update.complete
transactionType: None
- enabled: false
event: user.registration.verified
transactionType: None
- enabled: false
event: user.two-factor.method.add
transactionType: None
- enabled: false
event: user.two-factor.method.remove
transactionType: None
- enabled: false
event: user.update
transactionType: None
- enabled: false
event: user.update.complete
transactionType: None
externalIdentifierConfiguration:
authorizationGrantIdTimeToLiveInSeconds: 30
changePasswordIdGenerator:
length: 32
type: randomBytes
changePasswordIdTimeToLiveInSeconds: 600
deviceCodeTimeToLiveInSeconds: 1800
deviceUserCodeIdGenerator:
length: 6
type: randomAlphaNumeric
emailVerificationIdGenerator:
length: 32
type: randomBytes
emailVerificationIdTimeToLiveInSeconds: 86400
emailVerificationOneTimeCodeGenerator:
length: 6
type: randomAlphaNumeric
externalAuthenticationIdTimeToLiveInSeconds: 300
oneTimePasswordTimeToLiveInSeconds: 60
passwordlessLoginGenerator:
length: 32
type: randomBytes
passwordlessLoginTimeToLiveInSeconds: 600
registrationVerificationIdGenerator:
length: 32
type: randomBytes
registrationVerificationIdTimeToLiveInSeconds: 86400
registrationVerificationOneTimeCodeGenerator:
length: 6
type: randomAlphaNumeric
samlV2AuthnRequestIdTtlSeconds: 300
setupPasswordIdGenerator:
length: 32
type: randomBytes
setupPasswordIdTimeToLiveInSeconds: 86400
twoFactorIdTimeToLiveInSeconds: 300
twoFactorOneTimeCodeIdGenerator:
length: 6
type: randomDigits
twoFactorOneTimeCodeIdTimeToLiveInSeconds: 60
twoFactorTrustIdTimeToLiveInSeconds: 2.592e+06
failedAuthenticationConfiguration:
actionDuration: 3
actionDurationUnit: MINUTES
resetCountInSeconds: 60
tooManyAttempts: 5
familyConfiguration:
allowChildRegistrations: true
deleteOrphanedAccounts: false
deleteOrphanedAccountsDays: 30
enabled: true
maximumChildAge: 12
minimumOwnerAge: 21
parentEmailRequired: false
formConfiguration:
adminUserFormId: e92751a5-25f4-4bca-ad91-66cdf67725d2
httpSessionMaxInactiveInterval: 3600
issuer: https://example.com
jwtConfigurations:
- accessTokenKeyId: ${fusionauth_key.accesstoken.id}
idTokenKeyId: ${fusionauth_key.idtoken.id}
refreshTokenTimeToLiveInMinutes: 43200
timeToLiveInSeconds: 3600
loginConfiguration:
requireAuthentication: true
maximumPasswordAge:
days: 180
enabled: false
minimumPasswordAge:
enabled: false
seconds: 30
oauthConfigurations:
- clientCredentialsAccessTokenPopulateLambdaId: ${fusionauth_lambda.client_jwt_populate.id}
passwordEncryptionConfigurations:
- encryptionScheme: salted-pbkdf2-hmac-sha256
encryptionSchemeFactor: 24000
modifyEncryptionSchemeOnLogin: false
passwordValidationRules:
maxLength: 256
minLength: 7
rememberPreviousPasswords:
count: 1
enabled: false
requiredMixedCase: false
requireNonAlpha: false
requireNumber: false
validateOnLogin: false
rateLimitConfiguration:
failedLogin:
enabled: true
limit: 5
timePeriodInSeconds: 60
forgotPassword:
enabled: false
limit: 5
timePeriodInSeconds: 60
sendEmailVerification:
enabled: false
limit: 5
timePeriodInSeconds: 60
sendPasswordless:
enabled: false
limit: 5
timePeriodInSeconds: 60
sendRegistrationVerification:
enabled: false
limit: 5
timePeriodInSeconds: 60
sendTwoFactor:
enabled: false
limit: 5
timePeriodInSeconds: 60
registrationConfiguration:
blockedDomains:
- example.com
captchaConfiguration:
enabled: true
captchaMethod: GoogleRecaptchaV3
siteKey: captcha_site_key
secretKey: captcha_secret_key
threshold: 0.5
themeId: ${fusionauth_theme.example_theme.id}
userDeletePolicy:
unverifiedEnabled: false
unverifiedNumberOfDaysToRetain: 30
Create FusionAuthTenant Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new FusionAuthTenant(name: string, args: FusionAuthTenantArgs, opts?: CustomResourceOptions);
@overload
def FusionAuthTenant(resource_name: str,
args: FusionAuthTenantArgs,
opts: Optional[ResourceOptions] = None)
@overload
def FusionAuthTenant(resource_name: str,
opts: Optional[ResourceOptions] = None,
external_identifier_configuration: Optional[FusionAuthTenantExternalIdentifierConfigurationArgs] = None,
theme_id: Optional[str] = None,
jwt_configurations: Optional[Sequence[FusionAuthTenantJwtConfigurationArgs]] = None,
issuer: Optional[str] = None,
email_configuration: Optional[FusionAuthTenantEmailConfigurationArgs] = None,
logout_url: Optional[str] = None,
minimum_password_age: Optional[FusionAuthTenantMinimumPasswordAgeArgs] = None,
failed_authentication_configuration: Optional[FusionAuthTenantFailedAuthenticationConfigurationArgs] = None,
family_configuration: Optional[FusionAuthTenantFamilyConfigurationArgs] = None,
form_configuration: Optional[FusionAuthTenantFormConfigurationArgs] = None,
http_session_max_inactive_interval: Optional[int] = None,
data: Optional[Mapping[str, Any]] = None,
connector_policies: Optional[Sequence[FusionAuthTenantConnectorPolicyArgs]] = None,
login_configuration: Optional[FusionAuthTenantLoginConfigurationArgs] = None,
access_control_configuration: Optional[FusionAuthTenantAccessControlConfigurationArgs] = None,
maximum_password_age: Optional[FusionAuthTenantMaximumPasswordAgeArgs] = None,
event_configurations: Optional[Sequence[FusionAuthTenantEventConfigurationArgs]] = None,
multi_factor_configuration: Optional[FusionAuthTenantMultiFactorConfigurationArgs] = None,
name: Optional[str] = None,
oauth_configurations: Optional[Sequence[FusionAuthTenantOauthConfigurationArgs]] = None,
password_encryption_configurations: Optional[Sequence[FusionAuthTenantPasswordEncryptionConfigurationArgs]] = None,
password_validation_rules: Optional[FusionAuthTenantPasswordValidationRulesArgs] = None,
rate_limit_configuration: Optional[FusionAuthTenantRateLimitConfigurationArgs] = None,
registration_configuration: Optional[FusionAuthTenantRegistrationConfigurationArgs] = None,
source_tenant_id: Optional[str] = None,
tenant_id: Optional[str] = None,
captcha_configuration: Optional[FusionAuthTenantCaptchaConfigurationArgs] = None,
user_delete_policy: Optional[FusionAuthTenantUserDeletePolicyArgs] = None,
username_configuration: Optional[FusionAuthTenantUsernameConfigurationArgs] = None)
func NewFusionAuthTenant(ctx *Context, name string, args FusionAuthTenantArgs, opts ...ResourceOption) (*FusionAuthTenant, error)
public FusionAuthTenant(string name, FusionAuthTenantArgs args, CustomResourceOptions? opts = null)
public FusionAuthTenant(String name, FusionAuthTenantArgs args)
public FusionAuthTenant(String name, FusionAuthTenantArgs args, CustomResourceOptions options)
type: fusionauth:FusionAuthTenant
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FusionAuthTenantArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var fusionAuthTenantResource = new Fusionauth.FusionAuthTenant("fusionAuthTenantResource", new()
{
ExternalIdentifierConfiguration = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationArgs
{
SetupPasswordIdTimeToLiveInSeconds = 0,
TwoFactorOneTimeCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs
{
Length = 0,
Type = "string",
},
ChangePasswordIdTimeToLiveInSeconds = 0,
DeviceCodeTimeToLiveInSeconds = 0,
DeviceUserCodeIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs
{
Length = 0,
Type = "string",
},
EmailVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs
{
Length = 0,
Type = "string",
},
EmailVerificationIdTimeToLiveInSeconds = 0,
EmailVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs
{
Length = 0,
Type = "string",
},
ExternalAuthenticationIdTimeToLiveInSeconds = 0,
OneTimePasswordTimeToLiveInSeconds = 0,
TwoFactorTrustIdTimeToLiveInSeconds = 0,
ChangePasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs
{
Length = 0,
Type = "string",
},
RegistrationVerificationIdTimeToLiveInSeconds = 0,
RegistrationVerificationIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs
{
Length = 0,
Type = "string",
},
PasswordlessLoginGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs
{
Length = 0,
Type = "string",
},
RegistrationVerificationOneTimeCodeGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs
{
Length = 0,
Type = "string",
},
PasswordlessLoginTimeToLiveInSeconds = 0,
SetupPasswordIdGenerator = new Fusionauth.Inputs.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs
{
Length = 0,
Type = "string",
},
AuthorizationGrantIdTimeToLiveInSeconds = 0,
TwoFactorIdTimeToLiveInSeconds = 0,
TrustTokenTimeToLiveInSeconds = 0,
SamlV2AuthnRequestIdTtlSeconds = 0,
TwoFactorOneTimeCodeIdTimeToLiveInSeconds = 0,
PendingAccountLinkTimeToLiveInSeconds = 0,
},
ThemeId = "string",
JwtConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantJwtConfigurationArgs
{
RefreshTokenTimeToLiveInMinutes = 0,
TimeToLiveInSeconds = 0,
AccessTokenKeyId = "string",
IdTokenKeyId = "string",
RefreshTokenExpirationPolicy = "string",
RefreshTokenRevocationPolicyOnLoginPrevented = false,
RefreshTokenRevocationPolicyOnPasswordChange = false,
RefreshTokenSlidingWindowMaximumTimeToLiveInMinutes = 0,
RefreshTokenUsagePolicy = "string",
},
},
Issuer = "string",
EmailConfiguration = new Fusionauth.Inputs.FusionAuthTenantEmailConfigurationArgs
{
Host = "string",
Port = 0,
PasswordUpdateEmailTemplateId = "string",
EmailVerifiedEmailTemplateId = "string",
PasswordlessEmailTemplateId = "string",
DefaultFromEmail = "string",
DefaultFromName = "string",
ImplicitEmailVerificationAllowed = false,
LoginIdInUseOnCreateEmailTemplateId = "string",
LoginIdInUseOnUpdateEmailTemplateId = "string",
LoginNewDeviceEmailTemplateId = "string",
LoginSuspiciousEmailTemplateId = "string",
Password = "string",
PasswordResetSuccessEmailTemplateId = "string",
VerifyEmailWhenChanged = false,
EmailUpdateEmailTemplateId = "string",
ForgotPasswordEmailTemplateId = "string",
Properties = "string",
Security = "string",
SetPasswordEmailTemplateId = "string",
TwoFactorMethodAddEmailTemplateId = "string",
TwoFactorMethodRemoveEmailTemplateId = "string",
Unverified = new Fusionauth.Inputs.FusionAuthTenantEmailConfigurationUnverifiedArgs
{
AllowEmailChangeWhenGated = false,
Behavior = "string",
},
Username = "string",
VerificationEmailTemplateId = "string",
VerificationStrategy = "string",
VerifyEmail = false,
AdditionalHeaders =
{
{ "string", "any" },
},
},
LogoutUrl = "string",
MinimumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMinimumPasswordAgeArgs
{
Enabled = false,
Seconds = 0,
},
FailedAuthenticationConfiguration = new Fusionauth.Inputs.FusionAuthTenantFailedAuthenticationConfigurationArgs
{
ActionCancelPolicyOnPasswordReset = false,
ActionDuration = 0,
ActionDurationUnit = "string",
EmailUser = false,
ResetCountInSeconds = 0,
TooManyAttempts = 0,
UserActionId = "string",
},
FamilyConfiguration = new Fusionauth.Inputs.FusionAuthTenantFamilyConfigurationArgs
{
AllowChildRegistrations = false,
ConfirmChildEmailTemplateId = "string",
DeleteOrphanedAccounts = false,
DeleteOrphanedAccountsDays = 0,
Enabled = false,
FamilyRequestEmailTemplateId = "string",
MaximumChildAge = 0,
MinimumOwnerAge = 0,
ParentEmailRequired = false,
ParentRegistrationEmailTemplateId = "string",
},
FormConfiguration = new Fusionauth.Inputs.FusionAuthTenantFormConfigurationArgs
{
AdminUserFormId = "string",
},
HttpSessionMaxInactiveInterval = 0,
Data =
{
{ "string", "any" },
},
ConnectorPolicies = new[]
{
new Fusionauth.Inputs.FusionAuthTenantConnectorPolicyArgs
{
ConnectorId = "string",
Domains = new[]
{
"string",
},
Migrate = false,
},
},
LoginConfiguration = new Fusionauth.Inputs.FusionAuthTenantLoginConfigurationArgs
{
RequireAuthentication = false,
},
AccessControlConfiguration = new Fusionauth.Inputs.FusionAuthTenantAccessControlConfigurationArgs
{
UiIpAccessControlListId = "string",
},
MaximumPasswordAge = new Fusionauth.Inputs.FusionAuthTenantMaximumPasswordAgeArgs
{
Days = 0,
Enabled = false,
},
EventConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantEventConfigurationArgs
{
Enabled = false,
Event = "string",
TransactionType = "string",
},
},
MultiFactorConfiguration = new Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationArgs
{
Authenticator = new Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationAuthenticatorArgs
{
Enabled = false,
},
Email = new Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationEmailArgs
{
Enabled = false,
TemplateId = "string",
},
LoginPolicy = "string",
Sms = new Fusionauth.Inputs.FusionAuthTenantMultiFactorConfigurationSmsArgs
{
Enabled = false,
MessengerId = "string",
TemplateId = "string",
},
},
Name = "string",
OauthConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantOauthConfigurationArgs
{
ClientCredentialsAccessTokenPopulateLambdaId = "string",
},
},
PasswordEncryptionConfigurations = new[]
{
new Fusionauth.Inputs.FusionAuthTenantPasswordEncryptionConfigurationArgs
{
EncryptionScheme = "string",
EncryptionSchemeFactor = 0,
ModifyEncryptionSchemeOnLogin = false,
},
},
PasswordValidationRules = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesArgs
{
BreachDetection = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesBreachDetectionArgs
{
Enabled = false,
MatchMode = "string",
NotifyUserEmailTemplateId = "string",
OnLogin = "string",
},
MaxLength = 0,
MinLength = 0,
RememberPreviousPasswords = new Fusionauth.Inputs.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs
{
Count = 0,
Enabled = false,
},
RequireNonAlpha = false,
RequireNumber = false,
RequiredMixedCase = false,
ValidateOnLogin = false,
},
RateLimitConfiguration = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationArgs
{
FailedLogin = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationFailedLoginArgs
{
Enabled = false,
Limit = 0,
TimePeriodInSeconds = 0,
},
ForgotPassword = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs
{
Enabled = false,
Limit = 0,
TimePeriodInSeconds = 0,
},
SendEmailVerification = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs
{
Enabled = false,
Limit = 0,
TimePeriodInSeconds = 0,
},
SendPasswordless = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs
{
Enabled = false,
Limit = 0,
TimePeriodInSeconds = 0,
},
SendRegistrationVerification = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs
{
Enabled = false,
Limit = 0,
TimePeriodInSeconds = 0,
},
SendTwoFactor = new Fusionauth.Inputs.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs
{
Enabled = false,
Limit = 0,
TimePeriodInSeconds = 0,
},
},
RegistrationConfiguration = new Fusionauth.Inputs.FusionAuthTenantRegistrationConfigurationArgs
{
BlockedDomains = new[]
{
"string",
},
},
SourceTenantId = "string",
TenantId = "string",
CaptchaConfiguration = new Fusionauth.Inputs.FusionAuthTenantCaptchaConfigurationArgs
{
CaptchaMethod = "string",
Enabled = false,
SecretKey = "string",
SiteKey = "string",
Threshold = 0,
},
UserDeletePolicy = new Fusionauth.Inputs.FusionAuthTenantUserDeletePolicyArgs
{
UnverifiedEnabled = false,
UnverifiedNumberOfDaysToRetain = 0,
},
UsernameConfiguration = new Fusionauth.Inputs.FusionAuthTenantUsernameConfigurationArgs
{
Unique = new Fusionauth.Inputs.FusionAuthTenantUsernameConfigurationUniqueArgs
{
Enabled = false,
NumberOfDigits = 0,
Separator = "string",
Strategy = "string",
},
},
});
example, err := fusionauth.NewFusionAuthTenant(ctx, "fusionAuthTenantResource", &fusionauth.FusionAuthTenantArgs{
ExternalIdentifierConfiguration: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationArgs{
SetupPasswordIdTimeToLiveInSeconds: pulumi.Int(0),
TwoFactorOneTimeCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
ChangePasswordIdTimeToLiveInSeconds: pulumi.Int(0),
DeviceCodeTimeToLiveInSeconds: pulumi.Int(0),
DeviceUserCodeIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
EmailVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
EmailVerificationIdTimeToLiveInSeconds: pulumi.Int(0),
EmailVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
ExternalAuthenticationIdTimeToLiveInSeconds: pulumi.Int(0),
OneTimePasswordTimeToLiveInSeconds: pulumi.Int(0),
TwoFactorTrustIdTimeToLiveInSeconds: pulumi.Int(0),
ChangePasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
RegistrationVerificationIdTimeToLiveInSeconds: pulumi.Int(0),
RegistrationVerificationIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
PasswordlessLoginGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
RegistrationVerificationOneTimeCodeGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
PasswordlessLoginTimeToLiveInSeconds: pulumi.Int(0),
SetupPasswordIdGenerator: &fusionauth.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs{
Length: pulumi.Int(0),
Type: pulumi.String("string"),
},
AuthorizationGrantIdTimeToLiveInSeconds: pulumi.Int(0),
TwoFactorIdTimeToLiveInSeconds: pulumi.Int(0),
TrustTokenTimeToLiveInSeconds: pulumi.Int(0),
SamlV2AuthnRequestIdTtlSeconds: pulumi.Int(0),
TwoFactorOneTimeCodeIdTimeToLiveInSeconds: pulumi.Int(0),
PendingAccountLinkTimeToLiveInSeconds: pulumi.Int(0),
},
ThemeId: pulumi.String("string"),
JwtConfigurations: fusionauth.FusionAuthTenantJwtConfigurationArray{
&fusionauth.FusionAuthTenantJwtConfigurationArgs{
RefreshTokenTimeToLiveInMinutes: pulumi.Int(0),
TimeToLiveInSeconds: pulumi.Int(0),
AccessTokenKeyId: pulumi.String("string"),
IdTokenKeyId: pulumi.String("string"),
RefreshTokenExpirationPolicy: pulumi.String("string"),
RefreshTokenRevocationPolicyOnLoginPrevented: pulumi.Bool(false),
RefreshTokenRevocationPolicyOnPasswordChange: pulumi.Bool(false),
RefreshTokenSlidingWindowMaximumTimeToLiveInMinutes: pulumi.Int(0),
RefreshTokenUsagePolicy: pulumi.String("string"),
},
},
Issuer: pulumi.String("string"),
EmailConfiguration: &fusionauth.FusionAuthTenantEmailConfigurationArgs{
Host: pulumi.String("string"),
Port: pulumi.Int(0),
PasswordUpdateEmailTemplateId: pulumi.String("string"),
EmailVerifiedEmailTemplateId: pulumi.String("string"),
PasswordlessEmailTemplateId: pulumi.String("string"),
DefaultFromEmail: pulumi.String("string"),
DefaultFromName: pulumi.String("string"),
ImplicitEmailVerificationAllowed: pulumi.Bool(false),
LoginIdInUseOnCreateEmailTemplateId: pulumi.String("string"),
LoginIdInUseOnUpdateEmailTemplateId: pulumi.String("string"),
LoginNewDeviceEmailTemplateId: pulumi.String("string"),
LoginSuspiciousEmailTemplateId: pulumi.String("string"),
Password: pulumi.String("string"),
PasswordResetSuccessEmailTemplateId: pulumi.String("string"),
VerifyEmailWhenChanged: pulumi.Bool(false),
EmailUpdateEmailTemplateId: pulumi.String("string"),
ForgotPasswordEmailTemplateId: pulumi.String("string"),
Properties: pulumi.String("string"),
Security: pulumi.String("string"),
SetPasswordEmailTemplateId: pulumi.String("string"),
TwoFactorMethodAddEmailTemplateId: pulumi.String("string"),
TwoFactorMethodRemoveEmailTemplateId: pulumi.String("string"),
Unverified: &fusionauth.FusionAuthTenantEmailConfigurationUnverifiedArgs{
AllowEmailChangeWhenGated: pulumi.Bool(false),
Behavior: pulumi.String("string"),
},
Username: pulumi.String("string"),
VerificationEmailTemplateId: pulumi.String("string"),
VerificationStrategy: pulumi.String("string"),
VerifyEmail: pulumi.Bool(false),
AdditionalHeaders: pulumi.Map{
"string": pulumi.Any("any"),
},
},
LogoutUrl: pulumi.String("string"),
MinimumPasswordAge: &fusionauth.FusionAuthTenantMinimumPasswordAgeArgs{
Enabled: pulumi.Bool(false),
Seconds: pulumi.Int(0),
},
FailedAuthenticationConfiguration: &fusionauth.FusionAuthTenantFailedAuthenticationConfigurationArgs{
ActionCancelPolicyOnPasswordReset: pulumi.Bool(false),
ActionDuration: pulumi.Int(0),
ActionDurationUnit: pulumi.String("string"),
EmailUser: pulumi.Bool(false),
ResetCountInSeconds: pulumi.Int(0),
TooManyAttempts: pulumi.Int(0),
UserActionId: pulumi.String("string"),
},
FamilyConfiguration: &fusionauth.FusionAuthTenantFamilyConfigurationArgs{
AllowChildRegistrations: pulumi.Bool(false),
ConfirmChildEmailTemplateId: pulumi.String("string"),
DeleteOrphanedAccounts: pulumi.Bool(false),
DeleteOrphanedAccountsDays: pulumi.Int(0),
Enabled: pulumi.Bool(false),
FamilyRequestEmailTemplateId: pulumi.String("string"),
MaximumChildAge: pulumi.Int(0),
MinimumOwnerAge: pulumi.Int(0),
ParentEmailRequired: pulumi.Bool(false),
ParentRegistrationEmailTemplateId: pulumi.String("string"),
},
FormConfiguration: &fusionauth.FusionAuthTenantFormConfigurationArgs{
AdminUserFormId: pulumi.String("string"),
},
HttpSessionMaxInactiveInterval: pulumi.Int(0),
Data: pulumi.Map{
"string": pulumi.Any("any"),
},
ConnectorPolicies: fusionauth.FusionAuthTenantConnectorPolicyArray{
&fusionauth.FusionAuthTenantConnectorPolicyArgs{
ConnectorId: pulumi.String("string"),
Domains: pulumi.StringArray{
pulumi.String("string"),
},
Migrate: pulumi.Bool(false),
},
},
LoginConfiguration: &fusionauth.FusionAuthTenantLoginConfigurationArgs{
RequireAuthentication: pulumi.Bool(false),
},
AccessControlConfiguration: &fusionauth.FusionAuthTenantAccessControlConfigurationArgs{
UiIpAccessControlListId: pulumi.String("string"),
},
MaximumPasswordAge: &fusionauth.FusionAuthTenantMaximumPasswordAgeArgs{
Days: pulumi.Int(0),
Enabled: pulumi.Bool(false),
},
EventConfigurations: fusionauth.FusionAuthTenantEventConfigurationArray{
&fusionauth.FusionAuthTenantEventConfigurationArgs{
Enabled: pulumi.Bool(false),
Event: pulumi.String("string"),
TransactionType: pulumi.String("string"),
},
},
MultiFactorConfiguration: &fusionauth.FusionAuthTenantMultiFactorConfigurationArgs{
Authenticator: &fusionauth.FusionAuthTenantMultiFactorConfigurationAuthenticatorArgs{
Enabled: pulumi.Bool(false),
},
Email: &fusionauth.FusionAuthTenantMultiFactorConfigurationEmailArgs{
Enabled: pulumi.Bool(false),
TemplateId: pulumi.String("string"),
},
LoginPolicy: pulumi.String("string"),
Sms: &fusionauth.FusionAuthTenantMultiFactorConfigurationSmsArgs{
Enabled: pulumi.Bool(false),
MessengerId: pulumi.String("string"),
TemplateId: pulumi.String("string"),
},
},
Name: pulumi.String("string"),
OauthConfigurations: fusionauth.FusionAuthTenantOauthConfigurationArray{
&fusionauth.FusionAuthTenantOauthConfigurationArgs{
ClientCredentialsAccessTokenPopulateLambdaId: pulumi.String("string"),
},
},
PasswordEncryptionConfigurations: fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArray{
&fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArgs{
EncryptionScheme: pulumi.String("string"),
EncryptionSchemeFactor: pulumi.Int(0),
ModifyEncryptionSchemeOnLogin: pulumi.Bool(false),
},
},
PasswordValidationRules: &fusionauth.FusionAuthTenantPasswordValidationRulesArgs{
BreachDetection: &fusionauth.FusionAuthTenantPasswordValidationRulesBreachDetectionArgs{
Enabled: pulumi.Bool(false),
MatchMode: pulumi.String("string"),
NotifyUserEmailTemplateId: pulumi.String("string"),
OnLogin: pulumi.String("string"),
},
MaxLength: pulumi.Int(0),
MinLength: pulumi.Int(0),
RememberPreviousPasswords: &fusionauth.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs{
Count: pulumi.Int(0),
Enabled: pulumi.Bool(false),
},
RequireNonAlpha: pulumi.Bool(false),
RequireNumber: pulumi.Bool(false),
RequiredMixedCase: pulumi.Bool(false),
ValidateOnLogin: pulumi.Bool(false),
},
RateLimitConfiguration: &fusionauth.FusionAuthTenantRateLimitConfigurationArgs{
FailedLogin: &fusionauth.FusionAuthTenantRateLimitConfigurationFailedLoginArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(0),
TimePeriodInSeconds: pulumi.Int(0),
},
ForgotPassword: &fusionauth.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(0),
TimePeriodInSeconds: pulumi.Int(0),
},
SendEmailVerification: &fusionauth.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(0),
TimePeriodInSeconds: pulumi.Int(0),
},
SendPasswordless: &fusionauth.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(0),
TimePeriodInSeconds: pulumi.Int(0),
},
SendRegistrationVerification: &fusionauth.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(0),
TimePeriodInSeconds: pulumi.Int(0),
},
SendTwoFactor: &fusionauth.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs{
Enabled: pulumi.Bool(false),
Limit: pulumi.Int(0),
TimePeriodInSeconds: pulumi.Int(0),
},
},
RegistrationConfiguration: &fusionauth.FusionAuthTenantRegistrationConfigurationArgs{
BlockedDomains: pulumi.StringArray{
pulumi.String("string"),
},
},
SourceTenantId: pulumi.String("string"),
TenantId: pulumi.String("string"),
CaptchaConfiguration: &fusionauth.FusionAuthTenantCaptchaConfigurationArgs{
CaptchaMethod: pulumi.String("string"),
Enabled: pulumi.Bool(false),
SecretKey: pulumi.String("string"),
SiteKey: pulumi.String("string"),
Threshold: pulumi.Float64(0),
},
UserDeletePolicy: &fusionauth.FusionAuthTenantUserDeletePolicyArgs{
UnverifiedEnabled: pulumi.Bool(false),
UnverifiedNumberOfDaysToRetain: pulumi.Int(0),
},
UsernameConfiguration: &fusionauth.FusionAuthTenantUsernameConfigurationArgs{
Unique: &fusionauth.FusionAuthTenantUsernameConfigurationUniqueArgs{
Enabled: pulumi.Bool(false),
NumberOfDigits: pulumi.Int(0),
Separator: pulumi.String("string"),
Strategy: pulumi.String("string"),
},
},
})
var fusionAuthTenantResource = new FusionAuthTenant("fusionAuthTenantResource", FusionAuthTenantArgs.builder()
.externalIdentifierConfiguration(FusionAuthTenantExternalIdentifierConfigurationArgs.builder()
.setupPasswordIdTimeToLiveInSeconds(0)
.twoFactorOneTimeCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.changePasswordIdTimeToLiveInSeconds(0)
.deviceCodeTimeToLiveInSeconds(0)
.deviceUserCodeIdGenerator(FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.emailVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.emailVerificationIdTimeToLiveInSeconds(0)
.emailVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.externalAuthenticationIdTimeToLiveInSeconds(0)
.oneTimePasswordTimeToLiveInSeconds(0)
.twoFactorTrustIdTimeToLiveInSeconds(0)
.changePasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.registrationVerificationIdTimeToLiveInSeconds(0)
.registrationVerificationIdGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.passwordlessLoginGenerator(FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.registrationVerificationOneTimeCodeGenerator(FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.passwordlessLoginTimeToLiveInSeconds(0)
.setupPasswordIdGenerator(FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs.builder()
.length(0)
.type("string")
.build())
.authorizationGrantIdTimeToLiveInSeconds(0)
.twoFactorIdTimeToLiveInSeconds(0)
.trustTokenTimeToLiveInSeconds(0)
.samlV2AuthnRequestIdTtlSeconds(0)
.twoFactorOneTimeCodeIdTimeToLiveInSeconds(0)
.pendingAccountLinkTimeToLiveInSeconds(0)
.build())
.themeId("string")
.jwtConfigurations(FusionAuthTenantJwtConfigurationArgs.builder()
.refreshTokenTimeToLiveInMinutes(0)
.timeToLiveInSeconds(0)
.accessTokenKeyId("string")
.idTokenKeyId("string")
.refreshTokenExpirationPolicy("string")
.refreshTokenRevocationPolicyOnLoginPrevented(false)
.refreshTokenRevocationPolicyOnPasswordChange(false)
.refreshTokenSlidingWindowMaximumTimeToLiveInMinutes(0)
.refreshTokenUsagePolicy("string")
.build())
.issuer("string")
.emailConfiguration(FusionAuthTenantEmailConfigurationArgs.builder()
.host("string")
.port(0)
.passwordUpdateEmailTemplateId("string")
.emailVerifiedEmailTemplateId("string")
.passwordlessEmailTemplateId("string")
.defaultFromEmail("string")
.defaultFromName("string")
.implicitEmailVerificationAllowed(false)
.loginIdInUseOnCreateEmailTemplateId("string")
.loginIdInUseOnUpdateEmailTemplateId("string")
.loginNewDeviceEmailTemplateId("string")
.loginSuspiciousEmailTemplateId("string")
.password("string")
.passwordResetSuccessEmailTemplateId("string")
.verifyEmailWhenChanged(false)
.emailUpdateEmailTemplateId("string")
.forgotPasswordEmailTemplateId("string")
.properties("string")
.security("string")
.setPasswordEmailTemplateId("string")
.twoFactorMethodAddEmailTemplateId("string")
.twoFactorMethodRemoveEmailTemplateId("string")
.unverified(FusionAuthTenantEmailConfigurationUnverifiedArgs.builder()
.allowEmailChangeWhenGated(false)
.behavior("string")
.build())
.username("string")
.verificationEmailTemplateId("string")
.verificationStrategy("string")
.verifyEmail(false)
.additionalHeaders(Map.of("string", "any"))
.build())
.logoutUrl("string")
.minimumPasswordAge(FusionAuthTenantMinimumPasswordAgeArgs.builder()
.enabled(false)
.seconds(0)
.build())
.failedAuthenticationConfiguration(FusionAuthTenantFailedAuthenticationConfigurationArgs.builder()
.actionCancelPolicyOnPasswordReset(false)
.actionDuration(0)
.actionDurationUnit("string")
.emailUser(false)
.resetCountInSeconds(0)
.tooManyAttempts(0)
.userActionId("string")
.build())
.familyConfiguration(FusionAuthTenantFamilyConfigurationArgs.builder()
.allowChildRegistrations(false)
.confirmChildEmailTemplateId("string")
.deleteOrphanedAccounts(false)
.deleteOrphanedAccountsDays(0)
.enabled(false)
.familyRequestEmailTemplateId("string")
.maximumChildAge(0)
.minimumOwnerAge(0)
.parentEmailRequired(false)
.parentRegistrationEmailTemplateId("string")
.build())
.formConfiguration(FusionAuthTenantFormConfigurationArgs.builder()
.adminUserFormId("string")
.build())
.httpSessionMaxInactiveInterval(0)
.data(Map.of("string", "any"))
.connectorPolicies(FusionAuthTenantConnectorPolicyArgs.builder()
.connectorId("string")
.domains("string")
.migrate(false)
.build())
.loginConfiguration(FusionAuthTenantLoginConfigurationArgs.builder()
.requireAuthentication(false)
.build())
.accessControlConfiguration(FusionAuthTenantAccessControlConfigurationArgs.builder()
.uiIpAccessControlListId("string")
.build())
.maximumPasswordAge(FusionAuthTenantMaximumPasswordAgeArgs.builder()
.days(0)
.enabled(false)
.build())
.eventConfigurations(FusionAuthTenantEventConfigurationArgs.builder()
.enabled(false)
.event("string")
.transactionType("string")
.build())
.multiFactorConfiguration(FusionAuthTenantMultiFactorConfigurationArgs.builder()
.authenticator(FusionAuthTenantMultiFactorConfigurationAuthenticatorArgs.builder()
.enabled(false)
.build())
.email(FusionAuthTenantMultiFactorConfigurationEmailArgs.builder()
.enabled(false)
.templateId("string")
.build())
.loginPolicy("string")
.sms(FusionAuthTenantMultiFactorConfigurationSmsArgs.builder()
.enabled(false)
.messengerId("string")
.templateId("string")
.build())
.build())
.name("string")
.oauthConfigurations(FusionAuthTenantOauthConfigurationArgs.builder()
.clientCredentialsAccessTokenPopulateLambdaId("string")
.build())
.passwordEncryptionConfigurations(FusionAuthTenantPasswordEncryptionConfigurationArgs.builder()
.encryptionScheme("string")
.encryptionSchemeFactor(0)
.modifyEncryptionSchemeOnLogin(false)
.build())
.passwordValidationRules(FusionAuthTenantPasswordValidationRulesArgs.builder()
.breachDetection(FusionAuthTenantPasswordValidationRulesBreachDetectionArgs.builder()
.enabled(false)
.matchMode("string")
.notifyUserEmailTemplateId("string")
.onLogin("string")
.build())
.maxLength(0)
.minLength(0)
.rememberPreviousPasswords(FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs.builder()
.count(0)
.enabled(false)
.build())
.requireNonAlpha(false)
.requireNumber(false)
.requiredMixedCase(false)
.validateOnLogin(false)
.build())
.rateLimitConfiguration(FusionAuthTenantRateLimitConfigurationArgs.builder()
.failedLogin(FusionAuthTenantRateLimitConfigurationFailedLoginArgs.builder()
.enabled(false)
.limit(0)
.timePeriodInSeconds(0)
.build())
.forgotPassword(FusionAuthTenantRateLimitConfigurationForgotPasswordArgs.builder()
.enabled(false)
.limit(0)
.timePeriodInSeconds(0)
.build())
.sendEmailVerification(FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs.builder()
.enabled(false)
.limit(0)
.timePeriodInSeconds(0)
.build())
.sendPasswordless(FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs.builder()
.enabled(false)
.limit(0)
.timePeriodInSeconds(0)
.build())
.sendRegistrationVerification(FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs.builder()
.enabled(false)
.limit(0)
.timePeriodInSeconds(0)
.build())
.sendTwoFactor(FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs.builder()
.enabled(false)
.limit(0)
.timePeriodInSeconds(0)
.build())
.build())
.registrationConfiguration(FusionAuthTenantRegistrationConfigurationArgs.builder()
.blockedDomains("string")
.build())
.sourceTenantId("string")
.tenantId("string")
.captchaConfiguration(FusionAuthTenantCaptchaConfigurationArgs.builder()
.captchaMethod("string")
.enabled(false)
.secretKey("string")
.siteKey("string")
.threshold(0)
.build())
.userDeletePolicy(FusionAuthTenantUserDeletePolicyArgs.builder()
.unverifiedEnabled(false)
.unverifiedNumberOfDaysToRetain(0)
.build())
.usernameConfiguration(FusionAuthTenantUsernameConfigurationArgs.builder()
.unique(FusionAuthTenantUsernameConfigurationUniqueArgs.builder()
.enabled(false)
.numberOfDigits(0)
.separator("string")
.strategy("string")
.build())
.build())
.build());
fusion_auth_tenant_resource = fusionauth.FusionAuthTenant("fusionAuthTenantResource",
external_identifier_configuration=fusionauth.FusionAuthTenantExternalIdentifierConfigurationArgs(
setup_password_id_time_to_live_in_seconds=0,
two_factor_one_time_code_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationTwoFactorOneTimeCodeIdGeneratorArgs(
length=0,
type="string",
),
change_password_id_time_to_live_in_seconds=0,
device_code_time_to_live_in_seconds=0,
device_user_code_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationDeviceUserCodeIdGeneratorArgs(
length=0,
type="string",
),
email_verification_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationIdGeneratorArgs(
length=0,
type="string",
),
email_verification_id_time_to_live_in_seconds=0,
email_verification_one_time_code_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationEmailVerificationOneTimeCodeGeneratorArgs(
length=0,
type="string",
),
external_authentication_id_time_to_live_in_seconds=0,
one_time_password_time_to_live_in_seconds=0,
two_factor_trust_id_time_to_live_in_seconds=0,
change_password_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationChangePasswordIdGeneratorArgs(
length=0,
type="string",
),
registration_verification_id_time_to_live_in_seconds=0,
registration_verification_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationIdGeneratorArgs(
length=0,
type="string",
),
passwordless_login_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationPasswordlessLoginGeneratorArgs(
length=0,
type="string",
),
registration_verification_one_time_code_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationRegistrationVerificationOneTimeCodeGeneratorArgs(
length=0,
type="string",
),
passwordless_login_time_to_live_in_seconds=0,
setup_password_id_generator=fusionauth.FusionAuthTenantExternalIdentifierConfigurationSetupPasswordIdGeneratorArgs(
length=0,
type="string",
),
authorization_grant_id_time_to_live_in_seconds=0,
two_factor_id_time_to_live_in_seconds=0,
trust_token_time_to_live_in_seconds=0,
saml_v2_authn_request_id_ttl_seconds=0,
two_factor_one_time_code_id_time_to_live_in_seconds=0,
pending_account_link_time_to_live_in_seconds=0,
),
theme_id="string",
jwt_configurations=[fusionauth.FusionAuthTenantJwtConfigurationArgs(
refresh_token_time_to_live_in_minutes=0,
time_to_live_in_seconds=0,
access_token_key_id="string",
id_token_key_id="string",
refresh_token_expiration_policy="string",
refresh_token_revocation_policy_on_login_prevented=False,
refresh_token_revocation_policy_on_password_change=False,
refresh_token_sliding_window_maximum_time_to_live_in_minutes=0,
refresh_token_usage_policy="string",
)],
issuer="string",
email_configuration=fusionauth.FusionAuthTenantEmailConfigurationArgs(
host="string",
port=0,
password_update_email_template_id="string",
email_verified_email_template_id="string",
passwordless_email_template_id="string",
default_from_email="string",
default_from_name="string",
implicit_email_verification_allowed=False,
login_id_in_use_on_create_email_template_id="string",
login_id_in_use_on_update_email_template_id="string",
login_new_device_email_template_id="string",
login_suspicious_email_template_id="string",
password="string",
password_reset_success_email_template_id="string",
verify_email_when_changed=False,
email_update_email_template_id="string",
forgot_password_email_template_id="string",
properties="string",
security="string",
set_password_email_template_id="string",
two_factor_method_add_email_template_id="string",
two_factor_method_remove_email_template_id="string",
unverified=fusionauth.FusionAuthTenantEmailConfigurationUnverifiedArgs(
allow_email_change_when_gated=False,
behavior="string",
),
username="string",
verification_email_template_id="string",
verification_strategy="string",
verify_email=False,
additional_headers={
"string": "any",
},
),
logout_url="string",
minimum_password_age=fusionauth.FusionAuthTenantMinimumPasswordAgeArgs(
enabled=False,
seconds=0,
),
failed_authentication_configuration=fusionauth.FusionAuthTenantFailedAuthenticationConfigurationArgs(
action_cancel_policy_on_password_reset=False,
action_duration=0,
action_duration_unit="string",
email_user=False,
reset_count_in_seconds=0,
too_many_attempts=0,
user_action_id="string",
),
family_configuration=fusionauth.FusionAuthTenantFamilyConfigurationArgs(
allow_child_registrations=False,
confirm_child_email_template_id="string",
delete_orphaned_accounts=False,
delete_orphaned_accounts_days=0,
enabled=False,
family_request_email_template_id="string",
maximum_child_age=0,
minimum_owner_age=0,
parent_email_required=False,
parent_registration_email_template_id="string",
),
form_configuration=fusionauth.FusionAuthTenantFormConfigurationArgs(
admin_user_form_id="string",
),
http_session_max_inactive_interval=0,
data={
"string": "any",
},
connector_policies=[fusionauth.FusionAuthTenantConnectorPolicyArgs(
connector_id="string",
domains=["string"],
migrate=False,
)],
login_configuration=fusionauth.FusionAuthTenantLoginConfigurationArgs(
require_authentication=False,
),
access_control_configuration=fusionauth.FusionAuthTenantAccessControlConfigurationArgs(
ui_ip_access_control_list_id="string",
),
maximum_password_age=fusionauth.FusionAuthTenantMaximumPasswordAgeArgs(
days=0,
enabled=False,
),
event_configurations=[fusionauth.FusionAuthTenantEventConfigurationArgs(
enabled=False,
event="string",
transaction_type="string",
)],
multi_factor_configuration=fusionauth.FusionAuthTenantMultiFactorConfigurationArgs(
authenticator=fusionauth.FusionAuthTenantMultiFactorConfigurationAuthenticatorArgs(
enabled=False,
),
email=fusionauth.FusionAuthTenantMultiFactorConfigurationEmailArgs(
enabled=False,
template_id="string",
),
login_policy="string",
sms=fusionauth.FusionAuthTenantMultiFactorConfigurationSmsArgs(
enabled=False,
messenger_id="string",
template_id="string",
),
),
name="string",
oauth_configurations=[fusionauth.FusionAuthTenantOauthConfigurationArgs(
client_credentials_access_token_populate_lambda_id="string",
)],
password_encryption_configurations=[fusionauth.FusionAuthTenantPasswordEncryptionConfigurationArgs(
encryption_scheme="string",
encryption_scheme_factor=0,
modify_encryption_scheme_on_login=False,
)],
password_validation_rules=fusionauth.FusionAuthTenantPasswordValidationRulesArgs(
breach_detection=fusionauth.FusionAuthTenantPasswordValidationRulesBreachDetectionArgs(
enabled=False,
match_mode="string",
notify_user_email_template_id="string",
on_login="string",
),
max_length=0,
min_length=0,
remember_previous_passwords=fusionauth.FusionAuthTenantPasswordValidationRulesRememberPreviousPasswordsArgs(
count=0,
enabled=False,
),
require_non_alpha=False,
require_number=False,
required_mixed_case=False,
validate_on_login=False,
),
rate_limit_configuration=fusionauth.FusionAuthTenantRateLimitConfigurationArgs(
failed_login=fusionauth.FusionAuthTenantRateLimitConfigurationFailedLoginArgs(
enabled=False,
limit=0,
time_period_in_seconds=0,
),
forgot_password=fusionauth.FusionAuthTenantRateLimitConfigurationForgotPasswordArgs(
enabled=False,
limit=0,
time_period_in_seconds=0,
),
send_email_verification=fusionauth.FusionAuthTenantRateLimitConfigurationSendEmailVerificationArgs(
enabled=False,
limit=0,
time_period_in_seconds=0,
),
send_passwordless=fusionauth.FusionAuthTenantRateLimitConfigurationSendPasswordlessArgs(
enabled=False,
limit=0,
time_period_in_seconds=0,
),
send_registration_verification=fusionauth.FusionAuthTenantRateLimitConfigurationSendRegistrationVerificationArgs(
enabled=False,
limit=0,
time_period_in_seconds=0,
),
send_two_factor=fusionauth.FusionAuthTenantRateLimitConfigurationSendTwoFactorArgs(
enabled=False,
limit=0,
time_period_in_seconds=0,
),
),
registration_configuration=fusionauth.FusionAuthTenantRegistrationConfigurationArgs(
blocked_domains=["string"],
),
source_tenant_id="string",
tenant_id="string",
captcha_configuration=fusionauth.FusionAuthTenantCaptchaConfigurationArgs(
captcha_method="string",
enabled=False,
secret_key="string",
site_key="string",
threshold=0,
),
user_delete_policy=fusionauth.FusionAuthTenantUserDeletePolicyArgs(
unverified_enabled=False,
unverified_number_of_days_to_retain=0,
),
username_configuration=fusionauth.FusionAuthTenantUsernameConfigurationArgs(
unique=fusionauth.FusionAuthTenantUsernameConfigurationUniqueArgs(
enabled=False,
number_of_digits=0,
separator="string",
strategy="string",
),
))
const fusionAuthTenantResource = new fusionauth.FusionAuthTenant("fusionAuthTenantResource", {
externalIdentifierConfiguration: {
setupPasswordIdTimeToLiveInSeconds: 0,
twoFactorOneTimeCodeIdGenerator: {
length: 0,
type: "string",
},
changePasswordIdTimeToLiveInSeconds: 0,
deviceCodeTimeToLiveInSeconds: 0,
deviceUserCodeIdGenerator: {
length: 0,
type: "string",
},
emailVerificationIdGenerator: {
length: 0,
type: "string",
},
emailVerificationIdTimeToLiveInSeconds: 0,
emailVerificationOneTimeCodeGenerator: {
length: 0,
type: "string",
},
externalAuthenticationIdTimeToLiveInSeconds: 0,
oneTimePasswordTimeToLiveInSeconds: 0,
twoFactorTrustIdTimeToLiveInSeconds: 0,
changePasswordIdGenerator: {
length: 0,
type: "string",
},
registrationVerificationIdTimeToLiveInSeconds: 0,
registrationVerificationIdGenerator: {
length: 0,
type: "string",
},
passwordlessLoginGenerator: {
length: 0,
type: "string",
},
registrationVerificationOneTimeCodeGenerator: {
length: 0,
type: "string",
},
passwordlessLoginTimeToLiveInSeconds: 0,
setupPasswordIdGenerator: {
length: 0,
type: "string",
},
authorizationGrantIdTimeToLiveInSeconds: 0,
twoFactorIdTimeToLiveInSeconds: 0,
trustTokenTimeToLiveInSeconds: 0,
samlV2AuthnRequestIdTtlSeconds: 0,
twoFactorOneTimeCodeIdTimeToLiveInSeconds: 0,
pendingAccountLinkTimeToLiveInSeconds: 0,
},
themeId: "string",
jwtConfigurations: [{
refreshTokenTimeToLiveInMinutes: 0,
timeToLiveInSeconds: 0,
accessTokenKeyId: "string",
idTokenKeyId: "string",
refreshTokenExpirationPolicy: "string",
refreshTokenRevocationPolicyOnLoginPrevented: false,
refreshTokenRevocationPolicyOnPasswordChange: false,
refreshTokenSlidingWindowMaximumTimeToLiveInMinutes: 0,
refreshTokenUsagePolicy: "string",
}],
issuer: "string",
emailConfiguration: {
host: "string",
port: 0,
passwordUpdateEmailTemplateId: "string",
emailVerifiedEmailTemplateId: "string",
passwordlessEmailTemplateId: "string",
defaultFromEmail: "string",
defaultFromName: "string",
implicitEmailVerificationAllowed: false,
loginIdInUseOnCreateEmailTemplateId: "string",
loginIdInUseOnUpdateEmailTemplateId: "string",
loginNewDeviceEmailTemplateId: "string",
loginSuspiciousEmailTemplateId: "string",
password: "string",
passwordResetSuccessEmailTemplateId: "string",
verifyEmailWhenChanged: false,
emailUpdateEmailTemplateId: "string",
forgotPasswordEmailTemplateId: "string",
properties: "string",
security: "string",
setPasswordEmailTemplateId: "string",
twoFactorMethodAddEmailTemplateId: "string",
twoFactorMethodRemoveEmailTemplateId: "string",
unverified: {
allowEmailChangeWhenGated: false,
behavior: "string",
},
username: "string",
verificationEmailTemplateId: "string",
verificationStrategy: "string",
verifyEmail: false,
additionalHeaders: {
string: "any",
},
},
logoutUrl: "string",
minimumPasswordAge: {
enabled: false,
seconds: 0,
},
failedAuthenticationConfiguration: {
actionCancelPolicyOnPasswordReset: false,
actionDuration: 0,
actionDurationUnit: "string",
emailUser: false,
resetCountInSeconds: 0,
tooManyAttempts: 0,
userActionId: "string",
},
familyConfiguration: {
allowChildRegistrations: false,
confirmChildEmailTemplateId: "string",
deleteOrphanedAccounts: false,
deleteOrphanedAccountsDays: 0,
enabled: false,
familyRequestEmailTemplateId: "string",
maximumChildAge: 0,
minimumOwnerAge: 0,
parentEmailRequired: false,
parentRegistrationEmailTemplateId: "string",
},
formConfiguration: {
adminUserFormId: "string",
},
httpSessionMaxInactiveInterval: 0,
data: {
string: "any",
},
connectorPolicies: [{
connectorId: "string",
domains: ["string"],
migrate: false,
}],
loginConfiguration: {
requireAuthentication: false,
},
accessControlConfiguration: {
uiIpAccessControlListId: "string",
},
maximumPasswordAge: {
days: 0,
enabled: false,
},
eventConfigurations: [{
enabled: false,
event: "string",
transactionType: "string",
}],
multiFactorConfiguration: {
authenticator: {
enabled: false,
},
email: {
enabled: false,
templateId: "string",
},
loginPolicy: "string",
sms: {
enabled: false,
messengerId: "string",
templateId: "string",
},
},
name: "string",
oauthConfigurations: [{
clientCredentialsAccessTokenPopulateLambdaId: "string",
}],
passwordEncryptionConfigurations: [{
encryptionScheme: "string",
encryptionSchemeFactor: 0,
modifyEncryptionSchemeOnLogin: false,
}],
passwordValidationRules: {
breachDetection: {
enabled: false,
matchMode: "string",
notifyUserEmailTemplateId: "string",
onLogin: "string",
},
maxLength: 0,
minLength: 0,
rememberPreviousPasswords: {
count: 0,
enabled: false,
},
requireNonAlpha: false,
requireNumber: false,
requiredMixedCase: false,
validateOnLogin: false,
},
rateLimitConfiguration: {
failedLogin: {
enabled: false,
limit: 0,
timePeriodInSeconds: 0,
},
forgotPassword: {
enabled: false,
limit: 0,
timePeriodInSeconds: 0,
},
sendEmailVerification: {
enabled: false,
limit: 0,
timePeriodInSeconds: 0,
},
sendPasswordless: {
enabled: false,
limit: 0,
timePeriodInSeconds: 0,
},
sendRegistrationVerification: {
enabled: false,
limit: 0,
timePeriodInSeconds: 0,
},
sendTwoFactor: {
enabled: false,
limit: 0,
timePeriodInSeconds: 0,
},
},
registrationConfiguration: {
blockedDomains: ["string"],
},
sourceTenantId: "string",
tenantId: "string",
captchaConfiguration: {
captchaMethod: "string",
enabled: false,
secretKey: "string",
siteKey: "string",
threshold: 0,
},
userDeletePolicy: {
unverifiedEnabled: false,
unverifiedNumberOfDaysToRetain: 0,
},
usernameConfiguration: {
unique: {
enabled: false,
numberOfDigits: 0,
separator: "string",
strategy: "string",
},
},
});
type: fusionauth:FusionAuthTenant
properties:
accessControlConfiguration:
uiIpAccessControlListId: string
captchaConfiguration:
captchaMethod: string
enabled: false
secretKey: string
siteKey: string
threshold: 0
connectorPolicies:
- connectorId: string
domains:
- string
migrate: false
data:
string: any
emailConfiguration:
additionalHeaders:
string: any
defaultFromEmail: string
defaultFromName: string
emailUpdateEmailTemplateId: string
emailVerifiedEmailTemplateId: string
forgotPasswordEmailTemplateId: string
host: string
implicitEmailVerificationAllowed: false
loginIdInUseOnCreateEmailTemplateId: string
loginIdInUseOnUpdateEmailTemplateId: string
loginNewDeviceEmailTemplateId: string
loginSuspiciousEmailTemplateId: string
password: string
passwordResetSuccessEmailTemplateId: string
passwordUpdateEmailTemplateId: string
passwordlessEmailTemplateId: string
port: 0
properties: string
security: string
setPasswordEmailTemplateId: string
twoFactorMethodAddEmailTemplateId: string
twoFactorMethodRemoveEmailTemplateId: string
unverified:
allowEmailChangeWhenGated: false
behavior: string
username: string
verificationEmailTemplateId: string
verificationStrategy: string
verifyEmail: false
verifyEmailWhenChanged: false
eventConfigurations:
- enabled: false
event: string
transactionType: string
externalIdentifierConfiguration:
authorizationGrantIdTimeToLiveInSeconds: 0
changePasswordIdGenerator:
length: 0
type: string
changePasswordIdTimeToLiveInSeconds: 0
deviceCodeTimeToLiveInSeconds: 0
deviceUserCodeIdGenerator:
length: 0
type: string
emailVerificationIdGenerator:
length: 0
type: string
emailVerificationIdTimeToLiveInSeconds: 0
emailVerificationOneTimeCodeGenerator:
length: 0
type: string
externalAuthenticationIdTimeToLiveInSeconds: 0
oneTimePasswordTimeToLiveInSeconds: 0
passwordlessLoginGenerator:
length: 0
type: string
passwordlessLoginTimeToLiveInSeconds: 0
pendingAccountLinkTimeToLiveInSeconds: 0
registrationVerificationIdGenerator:
length: 0
type: string
registrationVerificationIdTimeToLiveInSeconds: 0
registrationVerificationOneTimeCodeGenerator:
length: 0
type: string
samlV2AuthnRequestIdTtlSeconds: 0
setupPasswordIdGenerator:
length: 0
type: string
setupPasswordIdTimeToLiveInSeconds: 0
trustTokenTimeToLiveInSeconds: 0
twoFactorIdTimeToLiveInSeconds: 0
twoFactorOneTimeCodeIdGenerator:
length: 0
type: string
twoFactorOneTimeCodeIdTimeToLiveInSeconds: 0
twoFactorTrustIdTimeToLiveInSeconds: 0
failedAuthenticationConfiguration:
actionCancelPolicyOnPasswordReset: false
actionDuration: 0
actionDurationUnit: string
emailUser: false
resetCountInSeconds: 0
tooManyAttempts: 0
userActionId: string
familyConfiguration:
allowChildRegistrations: false
confirmChildEmailTemplateId: string
deleteOrphanedAccounts: false
deleteOrphanedAccountsDays: 0
enabled: false
familyRequestEmailTemplateId: string
maximumChildAge: 0
minimumOwnerAge: 0
parentEmailRequired: false
parentRegistrationEmailTemplateId: string
formConfiguration:
adminUserFormId: string
httpSessionMaxInactiveInterval: 0
issuer: string
jwtConfigurations:
- accessTokenKeyId: string
idTokenKeyId: string
refreshTokenExpirationPolicy: string
refreshTokenRevocationPolicyOnLoginPrevented: false
refreshTokenRevocationPolicyOnPasswordChange: false
refreshTokenSlidingWindowMaximumTimeToLiveInMinutes: 0
refreshTokenTimeToLiveInMinutes: 0
refreshTokenUsagePolicy: string
timeToLiveInSeconds: 0
loginConfiguration:
requireAuthentication: false
logoutUrl: string
maximumPasswordAge:
days: 0
enabled: false
minimumPasswordAge:
enabled: false
seconds: 0
multiFactorConfiguration:
authenticator:
enabled: false
email:
enabled: false
templateId: string
loginPolicy: string
sms:
enabled: false
messengerId: string
templateId: string
name: string
oauthConfigurations:
- clientCredentialsAccessTokenPopulateLambdaId: string
passwordEncryptionConfigurations:
- encryptionScheme: string
encryptionSchemeFactor: 0
modifyEncryptionSchemeOnLogin: false
passwordValidationRules:
breachDetection:
enabled: false
matchMode: string
notifyUserEmailTemplateId: string
onLogin: string
maxLength: 0
minLength: 0
rememberPreviousPasswords:
count: 0
enabled: false
requireNonAlpha: false
requireNumber: false
requiredMixedCase: false
validateOnLogin: false
rateLimitConfiguration:
failedLogin:
enabled: false
limit: 0
timePeriodInSeconds: 0
forgotPassword:
enabled: false
limit: 0
timePeriodInSeconds: 0
sendEmailVerification:
enabled: false
limit: 0
timePeriodInSeconds: 0
sendPasswordless:
enabled: false
limit: 0
timePeriodInSeconds: 0
sendRegistrationVerification:
enabled: false
limit: 0
timePeriodInSeconds: 0
sendTwoFactor:
enabled: false
limit: 0
timePeriodInSeconds: 0
registrationConfiguration:
blockedDomains:
- string
sourceTenantId: string
tenantId: string
themeId: string
userDeletePolicy:
unverifiedEnabled: false
unverifiedNumberOfDaysToRetain: 0
usernameConfiguration:
unique:
enabled: false
numberOfDigits: 0
separator: string
strategy: string
FusionAuthTenant Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The FusionAuthTenant resource accepts the following input properties:
- Email
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Email Configuration - External
Identifier theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration - Issuer string
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- Jwt
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Jwt Configuration> - Theme
Id string - The unique Id of the theme to be used to style the login page and other end user templates.
- Access
Control theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Access Control Configuration - Captcha
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Captcha Configuration - Connector
Policies List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Connector Policy> - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- Data Dictionary<string, object>
- An object that can hold any information about the Tenant that should be persisted.
- Event
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Event Configuration> - Failed
Authentication theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Failed Authentication Configuration - Family
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Family Configuration - Form
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Form Configuration - Http
Session intMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- Login
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Login Configuration - Logout
Url string - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- Maximum
Password theogravity.Age Fusionauth. Inputs. Fusion Auth Tenant Maximum Password Age - Minimum
Password theogravity.Age Fusionauth. Inputs. Fusion Auth Tenant Minimum Password Age - Multi
Factor theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Multi Factor Configuration - Name string
- The unique name of the Tenant.
- Oauth
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Oauth Configuration> - Password
Encryption List<theogravity.Configurations Fusionauth. Inputs. Fusion Auth Tenant Password Encryption Configuration> - Password
Validation theogravity.Rules Fusionauth. Inputs. Fusion Auth Tenant Password Validation Rules - Rate
Limit theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Rate Limit Configuration - Registration
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Registration Configuration - Source
Tenant stringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- Tenant
Id string - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- User
Delete theogravity.Policy Fusionauth. Inputs. Fusion Auth Tenant User Delete Policy - Username
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Username Configuration
- Email
Configuration FusionAuth Tenant Email Configuration Args - External
Identifier FusionConfiguration Auth Tenant External Identifier Configuration Args - Issuer string
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- Jwt
Configurations []FusionAuth Tenant Jwt Configuration Args - Theme
Id string - The unique Id of the theme to be used to style the login page and other end user templates.
- Access
Control FusionConfiguration Auth Tenant Access Control Configuration Args - Captcha
Configuration FusionAuth Tenant Captcha Configuration Args - Connector
Policies []FusionAuth Tenant Connector Policy Args - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- Data map[string]interface{}
- An object that can hold any information about the Tenant that should be persisted.
- Event
Configurations []FusionAuth Tenant Event Configuration Args - Failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration Args - Family
Configuration FusionAuth Tenant Family Configuration Args - Form
Configuration FusionAuth Tenant Form Configuration Args - Http
Session intMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- Login
Configuration FusionAuth Tenant Login Configuration Args - Logout
Url string - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- Maximum
Password FusionAge Auth Tenant Maximum Password Age Args - Minimum
Password FusionAge Auth Tenant Minimum Password Age Args - Multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration Args - Name string
- The unique name of the Tenant.
- Oauth
Configurations []FusionAuth Tenant Oauth Configuration Args - Password
Encryption []FusionConfigurations Auth Tenant Password Encryption Configuration Args - Password
Validation FusionRules Auth Tenant Password Validation Rules Args - Rate
Limit FusionConfiguration Auth Tenant Rate Limit Configuration Args - Registration
Configuration FusionAuth Tenant Registration Configuration Args - Source
Tenant stringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- Tenant
Id string - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- User
Delete FusionPolicy Auth Tenant User Delete Policy Args - Username
Configuration FusionAuth Tenant Username Configuration Args
- email
Configuration FusionAuth Tenant Email Configuration - external
Identifier FusionConfiguration Auth Tenant External Identifier Configuration - issuer String
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations List<FusionAuth Tenant Jwt Configuration> - theme
Id String - The unique Id of the theme to be used to style the login page and other end user templates.
- access
Control FusionConfiguration Auth Tenant Access Control Configuration - captcha
Configuration FusionAuth Tenant Captcha Configuration - connector
Policies List<FusionAuth Tenant Connector Policy> - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Map<String,Object>
- An object that can hold any information about the Tenant that should be persisted.
- event
Configurations List<FusionAuth Tenant Event Configuration> - failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration - family
Configuration FusionAuth Tenant Family Configuration - form
Configuration FusionAuth Tenant Form Configuration - http
Session IntegerMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- login
Configuration FusionAuth Tenant Login Configuration - logout
Url String - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password FusionAge Auth Tenant Maximum Password Age - minimum
Password FusionAge Auth Tenant Minimum Password Age - multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration - name String
- The unique name of the Tenant.
- oauth
Configurations List<FusionAuth Tenant Oauth Configuration> - password
Encryption List<FusionConfigurations Auth Tenant Password Encryption Configuration> - password
Validation FusionRules Auth Tenant Password Validation Rules - rate
Limit FusionConfiguration Auth Tenant Rate Limit Configuration - registration
Configuration FusionAuth Tenant Registration Configuration - source
Tenant StringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant
Id String - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- user
Delete FusionPolicy Auth Tenant User Delete Policy - username
Configuration FusionAuth Tenant Username Configuration
- email
Configuration FusionAuth Tenant Email Configuration - external
Identifier FusionConfiguration Auth Tenant External Identifier Configuration - issuer string
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations FusionAuth Tenant Jwt Configuration[] - theme
Id string - The unique Id of the theme to be used to style the login page and other end user templates.
- access
Control FusionConfiguration Auth Tenant Access Control Configuration - captcha
Configuration FusionAuth Tenant Captcha Configuration - connector
Policies FusionAuth Tenant Connector Policy[] - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data {[key: string]: any}
- An object that can hold any information about the Tenant that should be persisted.
- event
Configurations FusionAuth Tenant Event Configuration[] - failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration - family
Configuration FusionAuth Tenant Family Configuration - form
Configuration FusionAuth Tenant Form Configuration - http
Session numberMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- login
Configuration FusionAuth Tenant Login Configuration - logout
Url string - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password FusionAge Auth Tenant Maximum Password Age - minimum
Password FusionAge Auth Tenant Minimum Password Age - multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration - name string
- The unique name of the Tenant.
- oauth
Configurations FusionAuth Tenant Oauth Configuration[] - password
Encryption FusionConfigurations Auth Tenant Password Encryption Configuration[] - password
Validation FusionRules Auth Tenant Password Validation Rules - rate
Limit FusionConfiguration Auth Tenant Rate Limit Configuration - registration
Configuration FusionAuth Tenant Registration Configuration - source
Tenant stringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant
Id string - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- user
Delete FusionPolicy Auth Tenant User Delete Policy - username
Configuration FusionAuth Tenant Username Configuration
- email_
configuration FusionAuth Tenant Email Configuration Args - external_
identifier_ Fusionconfiguration Auth Tenant External Identifier Configuration Args - issuer str
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt_
configurations Sequence[FusionAuth Tenant Jwt Configuration Args] - theme_
id str - The unique Id of the theme to be used to style the login page and other end user templates.
- access_
control_ Fusionconfiguration Auth Tenant Access Control Configuration Args - captcha_
configuration FusionAuth Tenant Captcha Configuration Args - connector_
policies Sequence[FusionAuth Tenant Connector Policy Args] - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Mapping[str, Any]
- An object that can hold any information about the Tenant that should be persisted.
- event_
configurations Sequence[FusionAuth Tenant Event Configuration Args] - failed_
authentication_ Fusionconfiguration Auth Tenant Failed Authentication Configuration Args - family_
configuration FusionAuth Tenant Family Configuration Args - form_
configuration FusionAuth Tenant Form Configuration Args - http_
session_ intmax_ inactive_ interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- login_
configuration FusionAuth Tenant Login Configuration Args - logout_
url str - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum_
password_ Fusionage Auth Tenant Maximum Password Age Args - minimum_
password_ Fusionage Auth Tenant Minimum Password Age Args - multi_
factor_ Fusionconfiguration Auth Tenant Multi Factor Configuration Args - name str
- The unique name of the Tenant.
- oauth_
configurations Sequence[FusionAuth Tenant Oauth Configuration Args] - password_
encryption_ Sequence[Fusionconfigurations Auth Tenant Password Encryption Configuration Args] - password_
validation_ Fusionrules Auth Tenant Password Validation Rules Args - rate_
limit_ Fusionconfiguration Auth Tenant Rate Limit Configuration Args - registration_
configuration FusionAuth Tenant Registration Configuration Args - source_
tenant_ strid - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant_
id str - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- user_
delete_ Fusionpolicy Auth Tenant User Delete Policy Args - username_
configuration FusionAuth Tenant Username Configuration Args
- email
Configuration Property Map - external
Identifier Property MapConfiguration - issuer String
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations List<Property Map> - theme
Id String - The unique Id of the theme to be used to style the login page and other end user templates.
- access
Control Property MapConfiguration - captcha
Configuration Property Map - connector
Policies List<Property Map> - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Map<Any>
- An object that can hold any information about the Tenant that should be persisted.
- event
Configurations List<Property Map> - failed
Authentication Property MapConfiguration - family
Configuration Property Map - form
Configuration Property Map - http
Session NumberMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- login
Configuration Property Map - logout
Url String - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password Property MapAge - minimum
Password Property MapAge - multi
Factor Property MapConfiguration - name String
- The unique name of the Tenant.
- oauth
Configurations List<Property Map> - password
Encryption List<Property Map>Configurations - password
Validation Property MapRules - rate
Limit Property MapConfiguration - registration
Configuration Property Map - source
Tenant StringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant
Id String - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- user
Delete Property MapPolicy - username
Configuration Property Map
Outputs
All input properties are implicitly available as output properties. Additionally, the FusionAuthTenant resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing FusionAuthTenant Resource
Get an existing FusionAuthTenant resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FusionAuthTenantState, opts?: CustomResourceOptions): FusionAuthTenant
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
access_control_configuration: Optional[FusionAuthTenantAccessControlConfigurationArgs] = None,
captcha_configuration: Optional[FusionAuthTenantCaptchaConfigurationArgs] = None,
connector_policies: Optional[Sequence[FusionAuthTenantConnectorPolicyArgs]] = None,
data: Optional[Mapping[str, Any]] = None,
email_configuration: Optional[FusionAuthTenantEmailConfigurationArgs] = None,
event_configurations: Optional[Sequence[FusionAuthTenantEventConfigurationArgs]] = None,
external_identifier_configuration: Optional[FusionAuthTenantExternalIdentifierConfigurationArgs] = None,
failed_authentication_configuration: Optional[FusionAuthTenantFailedAuthenticationConfigurationArgs] = None,
family_configuration: Optional[FusionAuthTenantFamilyConfigurationArgs] = None,
form_configuration: Optional[FusionAuthTenantFormConfigurationArgs] = None,
http_session_max_inactive_interval: Optional[int] = None,
issuer: Optional[str] = None,
jwt_configurations: Optional[Sequence[FusionAuthTenantJwtConfigurationArgs]] = None,
login_configuration: Optional[FusionAuthTenantLoginConfigurationArgs] = None,
logout_url: Optional[str] = None,
maximum_password_age: Optional[FusionAuthTenantMaximumPasswordAgeArgs] = None,
minimum_password_age: Optional[FusionAuthTenantMinimumPasswordAgeArgs] = None,
multi_factor_configuration: Optional[FusionAuthTenantMultiFactorConfigurationArgs] = None,
name: Optional[str] = None,
oauth_configurations: Optional[Sequence[FusionAuthTenantOauthConfigurationArgs]] = None,
password_encryption_configurations: Optional[Sequence[FusionAuthTenantPasswordEncryptionConfigurationArgs]] = None,
password_validation_rules: Optional[FusionAuthTenantPasswordValidationRulesArgs] = None,
rate_limit_configuration: Optional[FusionAuthTenantRateLimitConfigurationArgs] = None,
registration_configuration: Optional[FusionAuthTenantRegistrationConfigurationArgs] = None,
source_tenant_id: Optional[str] = None,
tenant_id: Optional[str] = None,
theme_id: Optional[str] = None,
user_delete_policy: Optional[FusionAuthTenantUserDeletePolicyArgs] = None,
username_configuration: Optional[FusionAuthTenantUsernameConfigurationArgs] = None) -> FusionAuthTenant
func GetFusionAuthTenant(ctx *Context, name string, id IDInput, state *FusionAuthTenantState, opts ...ResourceOption) (*FusionAuthTenant, error)
public static FusionAuthTenant Get(string name, Input<string> id, FusionAuthTenantState? state, CustomResourceOptions? opts = null)
public static FusionAuthTenant get(String name, Output<String> id, FusionAuthTenantState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Access
Control theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Access Control Configuration - Captcha
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Captcha Configuration - Connector
Policies List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Connector Policy> - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- Data Dictionary<string, object>
- An object that can hold any information about the Tenant that should be persisted.
- Email
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Email Configuration - Event
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Event Configuration> - External
Identifier theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant External Identifier Configuration - Failed
Authentication theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Failed Authentication Configuration - Family
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Family Configuration - Form
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Form Configuration - Http
Session intMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- Issuer string
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- Jwt
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Jwt Configuration> - Login
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Login Configuration - Logout
Url string - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- Maximum
Password theogravity.Age Fusionauth. Inputs. Fusion Auth Tenant Maximum Password Age - Minimum
Password theogravity.Age Fusionauth. Inputs. Fusion Auth Tenant Minimum Password Age - Multi
Factor theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Multi Factor Configuration - Name string
- The unique name of the Tenant.
- Oauth
Configurations List<theogravity.Fusionauth. Inputs. Fusion Auth Tenant Oauth Configuration> - Password
Encryption List<theogravity.Configurations Fusionauth. Inputs. Fusion Auth Tenant Password Encryption Configuration> - Password
Validation theogravity.Rules Fusionauth. Inputs. Fusion Auth Tenant Password Validation Rules - Rate
Limit theogravity.Configuration Fusionauth. Inputs. Fusion Auth Tenant Rate Limit Configuration - Registration
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Registration Configuration - Source
Tenant stringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- Tenant
Id string - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- Theme
Id string - The unique Id of the theme to be used to style the login page and other end user templates.
- User
Delete theogravity.Policy Fusionauth. Inputs. Fusion Auth Tenant User Delete Policy - Username
Configuration theogravity.Fusionauth. Inputs. Fusion Auth Tenant Username Configuration
- Access
Control FusionConfiguration Auth Tenant Access Control Configuration Args - Captcha
Configuration FusionAuth Tenant Captcha Configuration Args - Connector
Policies []FusionAuth Tenant Connector Policy Args - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- Data map[string]interface{}
- An object that can hold any information about the Tenant that should be persisted.
- Email
Configuration FusionAuth Tenant Email Configuration Args - Event
Configurations []FusionAuth Tenant Event Configuration Args - External
Identifier FusionConfiguration Auth Tenant External Identifier Configuration Args - Failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration Args - Family
Configuration FusionAuth Tenant Family Configuration Args - Form
Configuration FusionAuth Tenant Form Configuration Args - Http
Session intMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- Issuer string
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- Jwt
Configurations []FusionAuth Tenant Jwt Configuration Args - Login
Configuration FusionAuth Tenant Login Configuration Args - Logout
Url string - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- Maximum
Password FusionAge Auth Tenant Maximum Password Age Args - Minimum
Password FusionAge Auth Tenant Minimum Password Age Args - Multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration Args - Name string
- The unique name of the Tenant.
- Oauth
Configurations []FusionAuth Tenant Oauth Configuration Args - Password
Encryption []FusionConfigurations Auth Tenant Password Encryption Configuration Args - Password
Validation FusionRules Auth Tenant Password Validation Rules Args - Rate
Limit FusionConfiguration Auth Tenant Rate Limit Configuration Args - Registration
Configuration FusionAuth Tenant Registration Configuration Args - Source
Tenant stringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- Tenant
Id string - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- Theme
Id string - The unique Id of the theme to be used to style the login page and other end user templates.
- User
Delete FusionPolicy Auth Tenant User Delete Policy Args - Username
Configuration FusionAuth Tenant Username Configuration Args
- access
Control FusionConfiguration Auth Tenant Access Control Configuration - captcha
Configuration FusionAuth Tenant Captcha Configuration - connector
Policies List<FusionAuth Tenant Connector Policy> - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Map<String,Object>
- An object that can hold any information about the Tenant that should be persisted.
- email
Configuration FusionAuth Tenant Email Configuration - event
Configurations List<FusionAuth Tenant Event Configuration> - external
Identifier FusionConfiguration Auth Tenant External Identifier Configuration - failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration - family
Configuration FusionAuth Tenant Family Configuration - form
Configuration FusionAuth Tenant Form Configuration - http
Session IntegerMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer String
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations List<FusionAuth Tenant Jwt Configuration> - login
Configuration FusionAuth Tenant Login Configuration - logout
Url String - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password FusionAge Auth Tenant Maximum Password Age - minimum
Password FusionAge Auth Tenant Minimum Password Age - multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration - name String
- The unique name of the Tenant.
- oauth
Configurations List<FusionAuth Tenant Oauth Configuration> - password
Encryption List<FusionConfigurations Auth Tenant Password Encryption Configuration> - password
Validation FusionRules Auth Tenant Password Validation Rules - rate
Limit FusionConfiguration Auth Tenant Rate Limit Configuration - registration
Configuration FusionAuth Tenant Registration Configuration - source
Tenant StringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant
Id String - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- theme
Id String - The unique Id of the theme to be used to style the login page and other end user templates.
- user
Delete FusionPolicy Auth Tenant User Delete Policy - username
Configuration FusionAuth Tenant Username Configuration
- access
Control FusionConfiguration Auth Tenant Access Control Configuration - captcha
Configuration FusionAuth Tenant Captcha Configuration - connector
Policies FusionAuth Tenant Connector Policy[] - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data {[key: string]: any}
- An object that can hold any information about the Tenant that should be persisted.
- email
Configuration FusionAuth Tenant Email Configuration - event
Configurations FusionAuth Tenant Event Configuration[] - external
Identifier FusionConfiguration Auth Tenant External Identifier Configuration - failed
Authentication FusionConfiguration Auth Tenant Failed Authentication Configuration - family
Configuration FusionAuth Tenant Family Configuration - form
Configuration FusionAuth Tenant Form Configuration - http
Session numberMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer string
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations FusionAuth Tenant Jwt Configuration[] - login
Configuration FusionAuth Tenant Login Configuration - logout
Url string - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password FusionAge Auth Tenant Maximum Password Age - minimum
Password FusionAge Auth Tenant Minimum Password Age - multi
Factor FusionConfiguration Auth Tenant Multi Factor Configuration - name string
- The unique name of the Tenant.
- oauth
Configurations FusionAuth Tenant Oauth Configuration[] - password
Encryption FusionConfigurations Auth Tenant Password Encryption Configuration[] - password
Validation FusionRules Auth Tenant Password Validation Rules - rate
Limit FusionConfiguration Auth Tenant Rate Limit Configuration - registration
Configuration FusionAuth Tenant Registration Configuration - source
Tenant stringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant
Id string - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- theme
Id string - The unique Id of the theme to be used to style the login page and other end user templates.
- user
Delete FusionPolicy Auth Tenant User Delete Policy - username
Configuration FusionAuth Tenant Username Configuration
- access_
control_ Fusionconfiguration Auth Tenant Access Control Configuration Args - captcha_
configuration FusionAuth Tenant Captcha Configuration Args - connector_
policies Sequence[FusionAuth Tenant Connector Policy Args] - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Mapping[str, Any]
- An object that can hold any information about the Tenant that should be persisted.
- email_
configuration FusionAuth Tenant Email Configuration Args - event_
configurations Sequence[FusionAuth Tenant Event Configuration Args] - external_
identifier_ Fusionconfiguration Auth Tenant External Identifier Configuration Args - failed_
authentication_ Fusionconfiguration Auth Tenant Failed Authentication Configuration Args - family_
configuration FusionAuth Tenant Family Configuration Args - form_
configuration FusionAuth Tenant Form Configuration Args - http_
session_ intmax_ inactive_ interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer str
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt_
configurations Sequence[FusionAuth Tenant Jwt Configuration Args] - login_
configuration FusionAuth Tenant Login Configuration Args - logout_
url str - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum_
password_ Fusionage Auth Tenant Maximum Password Age Args - minimum_
password_ Fusionage Auth Tenant Minimum Password Age Args - multi_
factor_ Fusionconfiguration Auth Tenant Multi Factor Configuration Args - name str
- The unique name of the Tenant.
- oauth_
configurations Sequence[FusionAuth Tenant Oauth Configuration Args] - password_
encryption_ Sequence[Fusionconfigurations Auth Tenant Password Encryption Configuration Args] - password_
validation_ Fusionrules Auth Tenant Password Validation Rules Args - rate_
limit_ Fusionconfiguration Auth Tenant Rate Limit Configuration Args - registration_
configuration FusionAuth Tenant Registration Configuration Args - source_
tenant_ strid - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant_
id str - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- theme_
id str - The unique Id of the theme to be used to style the login page and other end user templates.
- user_
delete_ Fusionpolicy Auth Tenant User Delete Policy Args - username_
configuration FusionAuth Tenant Username Configuration Args
- access
Control Property MapConfiguration - captcha
Configuration Property Map - connector
Policies List<Property Map> - A list of Connector policies. Users will be authenticated against Connectors in order. Each Connector can be included in this list at most once and must exist.
- data Map<Any>
- An object that can hold any information about the Tenant that should be persisted.
- email
Configuration Property Map - event
Configurations List<Property Map> - external
Identifier Property MapConfiguration - failed
Authentication Property MapConfiguration - family
Configuration Property Map - form
Configuration Property Map - http
Session NumberMax Inactive Interval - Time in seconds until an inactive session will be invalidated. Used when creating a new session in the FusionAuth OAuth frontend.
- issuer String
- The named issuer used to sign tokens, this is generally your public fully qualified domain.
- jwt
Configurations List<Property Map> - login
Configuration Property Map - logout
Url String - The logout redirect URL when sending the user’s browser to the /oauth2/logout URI of the FusionAuth Front End. This value is only used when a logout URL is not defined in your Application.
- maximum
Password Property MapAge - minimum
Password Property MapAge - multi
Factor Property MapConfiguration - name String
- The unique name of the Tenant.
- oauth
Configurations List<Property Map> - password
Encryption List<Property Map>Configurations - password
Validation Property MapRules - rate
Limit Property MapConfiguration - registration
Configuration Property Map - source
Tenant StringId - The optional Id of an existing Tenant to make a copy of. If present, the tenant.id and tenant.name values of the request body will be applied to the new Tenant, all other values will be copied from the source Tenant to the new Tenant.
- tenant
Id String - The Id to use for the new Tenant. If not specified a secure random UUID will be generated.
- theme
Id String - The unique Id of the theme to be used to style the login page and other end user templates.
- user
Delete Property MapPolicy - username
Configuration Property Map
Supporting Types
FusionAuthTenantAccessControlConfiguration, FusionAuthTenantAccessControlConfigurationArgs
- Ui
Ip stringAccess Control List Id - The Id of the IP Access Control List limiting access to all applications in this tenant.
- Ui
Ip stringAccess Control List Id - The Id of the IP Access Control List limiting access to all applications in this tenant.
- ui
Ip StringAccess Control List Id - The Id of the IP Access Control List limiting access to all applications in this tenant.
- ui
Ip stringAccess Control List Id - The Id of the IP Access Control List limiting access to all applications in this tenant.
- ui_
ip_ straccess_ control_ list_ id - The Id of the IP Access Control List limiting access to all applications in this tenant.
- ui
Ip StringAccess Control List Id - The Id of the IP Access Control List limiting access to all applications in this tenant.
FusionAuthTenantCaptchaConfiguration, FusionAuthTenantCaptchaConfigurationArgs
- Captcha
Method string - The type of captcha method to use. This field is required when tenant.captchaConfiguration.enabled is set to true.
- Enabled bool
- Whether captcha configuration is enabled.
- Secret
Key string - The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- Site
Key string - The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- Threshold double
- The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
- Captcha
Method string - The type of captcha method to use. This field is required when tenant.captchaConfiguration.enabled is set to true.
- Enabled bool
- Whether captcha configuration is enabled.
- Secret
Key string - The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- Site
Key string - The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- Threshold float64
- The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
- captcha
Method String - The type of captcha method to use. This field is required when tenant.captchaConfiguration.enabled is set to true.
- enabled Boolean
- Whether captcha configuration is enabled.
- secret
Key String - The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- site
Key String - The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- threshold Double
- The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
- captcha
Method string - The type of captcha method to use. This field is required when tenant.captchaConfiguration.enabled is set to true.
- enabled boolean
- Whether captcha configuration is enabled.
- secret
Key string - The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- site
Key string - The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- threshold number
- The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
- captcha_
method str - The type of captcha method to use. This field is required when tenant.captchaConfiguration.enabled is set to true.
- enabled bool
- Whether captcha configuration is enabled.
- secret_
key str - The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- site_
key str - The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- threshold float
- The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
- captcha
Method String - The type of captcha method to use. This field is required when tenant.captchaConfiguration.enabled is set to true.
- enabled Boolean
- Whether captcha configuration is enabled.
- secret
Key String - The secret key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- site
Key String - The site key for this captcha method. This field is required when tenant.captchaConfiguration.enabled is set to true.
- threshold Number
- The numeric threshold which separates a passing score from a failing one. This value only applies if using either the Google v3 or HCaptcha Enterprise method, otherwise this value is ignored.
FusionAuthTenantConnectorPolicy, FusionAuthTenantConnectorPolicyArgs
- Connector
Id string - The identifier of the Connector to which this policy refers.
- Domains List<string>
- A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
- Migrate bool
- If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
- Connector
Id string - The identifier of the Connector to which this policy refers.
- Domains []string
- A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
- Migrate bool
- If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
- connector
Id String - The identifier of the Connector to which this policy refers.
- domains List<String>
- A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
- migrate Boolean
- If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
- connector
Id string - The identifier of the Connector to which this policy refers.
- domains string[]
- A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
- migrate boolean
- If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
- connector_
id str - The identifier of the Connector to which this policy refers.
- domains Sequence[str]
- A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
- migrate bool
- If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
- connector
Id String - The identifier of the Connector to which this policy refers.
- domains List<String>
- A list of email domains to which this connector should apply. A value of ["*"] indicates this connector applies to all users.
- migrate Boolean
- If true, the user’s data will be migrated to FusionAuth at first successful authentication; subsequent authentications will occur against the FusionAuth datastore. If false, the Connector’s source will be treated as authoritative.
FusionAuthTenantEmailConfiguration, FusionAuthTenantEmailConfigurationArgs
- Host string
- The host name of the SMTP server that FusionAuth will use.
- Port int
- The port of the SMTP server that FusionAuth will use.
- Additional
Headers Dictionary<string, object> - The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
- Default
From stringEmail - The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
- Default
From stringName - The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
- Email
Update stringEmail Template Id - The Id of the Email Template that is used when a user is sent a forgot password email.
- Email
Verified stringEmail Template Id - The Id of the Email Template used to verify user emails.
- Forgot
Password stringEmail Template Id - The Id of the Email Template that is used when a user is sent a forgot password email.
- Implicit
Email boolVerification Allowed - When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
- Login
Id stringIn Use On Create Email Template Id - The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- Login
Id stringIn Use On Update Email Template Id - The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- Login
New stringDevice Email Template Id - The Id of the Email Template used to send emails to users when they log in on a new device.
- Login
Suspicious stringEmail Template Id - The Id of the Email Template used to send emails to users when a suspicious login occurs.
- Password string
- An optional password FusionAuth will use to authenticate with the SMTP server.
- Password
Reset stringSuccess Email Template Id - The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
- Password
Update stringEmail Template Id - The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
- Passwordless
Email stringTemplate Id - The Id of the Passwordless Email Template.
- Properties string
- Additional Email Configuration in a properties file formatted String.
- Security string
- The type of security protocol FusionAuth will use when connecting to the SMTP server.
- Set
Password stringEmail Template Id - The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
- Two
Factor stringMethod Add Email Template Id - The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
- Two
Factor stringMethod Remove Email Template Id - The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
- Unverified
theogravity.
Fusionauth. Inputs. Fusion Auth Tenant Email Configuration Unverified - Username string
- An optional username FusionAuth will to authenticate with the SMTP server.
- Verification
Email stringTemplate Id - The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
- Verification
Strategy string - The process by which the user will verify their email address. Possible values are
ClickableLink
orFormField
. - Verify
Email bool - Whether the user’s email addresses are verified when the registers with your application.
- Verify
Email boolWhen Changed - Whether the user’s email addresses are verified when the user changes them.
- Host string
- The host name of the SMTP server that FusionAuth will use.
- Port int
- The port of the SMTP server that FusionAuth will use.
- Additional
Headers map[string]interface{} - The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
- Default
From stringEmail - The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
- Default
From stringName - The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
- Email
Update stringEmail Template Id - The Id of the Email Template that is used when a user is sent a forgot password email.
- Email
Verified stringEmail Template Id - The Id of the Email Template used to verify user emails.
- Forgot
Password stringEmail Template Id - The Id of the Email Template that is used when a user is sent a forgot password email.
- Implicit
Email boolVerification Allowed - When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
- Login
Id stringIn Use On Create Email Template Id - The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- Login
Id stringIn Use On Update Email Template Id - The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- Login
New stringDevice Email Template Id - The Id of the Email Template used to send emails to users when they log in on a new device.
- Login
Suspicious stringEmail Template Id - The Id of the Email Template used to send emails to users when a suspicious login occurs.
- Password string
- An optional password FusionAuth will use to authenticate with the SMTP server.
- Password
Reset stringSuccess Email Template Id - The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
- Password
Update stringEmail Template Id - The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
- Passwordless
Email stringTemplate Id - The Id of the Passwordless Email Template.
- Properties string
- Additional Email Configuration in a properties file formatted String.
- Security string
- The type of security protocol FusionAuth will use when connecting to the SMTP server.
- Set
Password stringEmail Template Id - The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
- Two
Factor stringMethod Add Email Template Id - The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
- Two
Factor stringMethod Remove Email Template Id - The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
- Unverified
Fusion
Auth Tenant Email Configuration Unverified - Username string
- An optional username FusionAuth will to authenticate with the SMTP server.
- Verification
Email stringTemplate Id - The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
- Verification
Strategy string - The process by which the user will verify their email address. Possible values are
ClickableLink
orFormField
. - Verify
Email bool - Whether the user’s email addresses are verified when the registers with your application.
- Verify
Email boolWhen Changed - Whether the user’s email addresses are verified when the user changes them.
- host String
- The host name of the SMTP server that FusionAuth will use.
- port Integer
- The port of the SMTP server that FusionAuth will use.
- additional
Headers Map<String,Object> - The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
- default
From StringEmail - The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
- default
From StringName - The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
- email
Update StringEmail Template Id - The Id of the Email Template that is used when a user is sent a forgot password email.
- email
Verified StringEmail Template Id - The Id of the Email Template used to verify user emails.
- forgot
Password StringEmail Template Id - The Id of the Email Template that is used when a user is sent a forgot password email.
- implicit
Email BooleanVerification Allowed - When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
- login
Id StringIn Use On Create Email Template Id - The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- login
Id StringIn Use On Update Email Template Id - The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- login
New StringDevice Email Template Id - The Id of the Email Template used to send emails to users when they log in on a new device.
- login
Suspicious StringEmail Template Id - The Id of the Email Template used to send emails to users when a suspicious login occurs.
- password String
- An optional password FusionAuth will use to authenticate with the SMTP server.
- password
Reset StringSuccess Email Template Id - The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
- password
Update StringEmail Template Id - The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
- passwordless
Email StringTemplate Id - The Id of the Passwordless Email Template.
- properties String
- Additional Email Configuration in a properties file formatted String.
- security String
- The type of security protocol FusionAuth will use when connecting to the SMTP server.
- set
Password StringEmail Template Id - The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
- two
Factor StringMethod Add Email Template Id - The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
- two
Factor StringMethod Remove Email Template Id - The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
- unverified
Fusion
Auth Tenant Email Configuration Unverified - username String
- An optional username FusionAuth will to authenticate with the SMTP server.
- verification
Email StringTemplate Id - The Id of the Email Template that is used to send the verification emails to users. These emails are used to verify that a user’s email address ivalid. If either the verifyEmail or verifyEmailWhenChanged fields are true this field is required.
- verification
Strategy String - The process by which the user will verify their email address. Possible values are
ClickableLink
orFormField
. - verify
Email Boolean - Whether the user’s email addresses are verified when the registers with your application.
- verify
Email BooleanWhen Changed - Whether the user’s email addresses are verified when the user changes them.
- host string
- The host name of the SMTP server that FusionAuth will use.
- port number
- The port of the SMTP server that FusionAuth will use.
- additional
Headers {[key: string]: any} - The additional SMTP headers to be added to each outgoing email. Each SMTP header consists of a name and a value.
- default
From stringEmail - The default email address that emails will be sent from when a from address is not provided on an individual email template. This is the address part email address (i.e. Jared Dunn jared@piedpiper.com).
- default
From stringName - The default From Name used in sending emails when a from name is not provided on an individual email template. This is the display name part of the email address ( i.e. Jared Dunn jared@piedpiper.com).
- email
Update stringEmail Template Id - The Id of the Email Template that is used when a user is sent a forgot password email.
- email
Verified stringEmail Template Id - The Id of the Email Template used to verify user emails.
- forgot
Password stringEmail Template Id - The Id of the Email Template that is used when a user is sent a forgot password email.
- implicit
Email booleanVerification Allowed - When set to true, this allows email to be verified as a result of completing a similar email based workflow such as change password. When seto false, the user must explicitly complete the email verification workflow even if the user has already completed a similar email workflow such as change password.
- login
Id stringIn Use On Create Email Template Id - The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- login
Id stringIn Use On Update Email Template Id - The Id of the Email Template used to send emails to users when another user attempts to create an account with their login Id.
- login
New stringDevice Email Template Id - The Id of the Email Template used to send emails to users when they log in on a new device.
- login
Suspicious stringEmail Template Id - The Id of the Email Template used to send emails to users when a suspicious login occurs.
- password string
- An optional password FusionAuth will use to authenticate with the SMTP server.
- password
Reset stringSuccess Email Template Id - The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password habeen reset.
- password
Update stringEmail Template Id - The Id of the Email Template used to send emails to users when they have completed a 'forgot password' workflow and their password has been rese
- passwordless
Email stringTemplate Id - The Id of the Passwordless Email Template.
- properties string
- Additional Email Configuration in a properties file formatted String.
- security string
- The type of security protocol FusionAuth will use when connecting to the SMTP server.
- set
Password stringEmail Template Id - The Id of the Email Template that is used when a user had their account created for them and they must set their password manually and they are sent an email to set their password.
- two
Factor stringMethod Add Email Template Id - The Id of the Email Template used to send emails to users when a MFA method has been added to their account.
- two
Factor stringMethod Remove Email Template Id - The Id of the Email Template used to send emails to users when a MFA method has been removed from their account.
- unverified
Fusion
Auth Tenant Email Configuration Unverified - username string
- An optional username FusionAuth will to authenticate with the SMTP server.