1. Packages
  2. Keycloak Provider
  3. API Docs
  4. getClientDescriptionConverter
Viewing docs for Keycloak v6.10.0
published on Saturday, Feb 21, 2026 by Pulumi
Schema (JSON)
pulumi/pulumi-keycloak

keycloak.getClientDescriptionConverter

keycloak logo
Viewing docs for Keycloak v6.10.0
published on Saturday, Feb 21, 2026 by Pulumi
Schema (JSON)
pulumi/pulumi-keycloak

    This data source uses the ClientDescriptionConverter API to convert a generic client description into a Keycloak client. This data can then be used to manage the client within Keycloak.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";

const realm = new keycloak.Realm("realm", {
    realm: "my-realm",
    enabled: true,
});
const samlClient = keycloak.getClientDescriptionConverterOutput({
    realmId: realm.id,
    body: `\\t<md:EntityDescriptor xmlns:md=\\"urn:oasis:names:tc:SAML:2.0:metadata\\" validUntil=\\"2021-04-17T12:41:46Z\\" cacheDuration=\\"PT604800S\\" entityID=\\"FakeEntityId\\">
    <md:SPSSODescriptor AuthnRequestsSigned=\\"false\\" WantAssertionsSigned=\\"false\\" protocolSupportEnumeration=\\"urn:oasis:names:tc:SAML:2.0:protocol\\">
        <md:KeyDescriptor use=\\"signing\\">
\\t\\t\\t<ds:KeyInfo xmlns:ds=\\"http://www.w3.org/2000/09/xmldsig#\\">
\\t\\t\\t\\t<ds:X509Data>
\\t\\t\\t\\t\\t<ds:X509Certificate>MIICyDCCAjGgAwIBAgIBADANBgkqhkiG9w0BAQ0FADCBgDELMAkGA1UEBhMCdXMx
\\t\\t\\t\\t\\tCzAJBgNVBAgMAklBMSQwIgYDVQQKDBt0ZXJyYWZvcm0tcHJvdmlkZXIta2V5Y2xv
\\t\\t\\t\\t\\tYWsxHDAaBgNVBAMME21ycGFya2Vycy5naXRodWIuaW8xIDAeBgkqhkiG9w0BCQEW
\\t\\t\\t\\t\\tEW1pY2hhZWxAcGFya2VyLmdnMB4XDTE5MDEwODE0NDYzNloXDTI5MDEwNTE0NDYz
\\t\\t\\t\\t\\tNlowgYAxCzAJBgNVBAYTAnVzMQswCQYDVQQIDAJJQTEkMCIGA1UECgwbdGVycmFm
\\t\\t\\t\\t\\tb3JtLXByb3ZpZGVyLWtleWNsb2FrMRwwGgYDVQQDDBNtcnBhcmtlcnMuZ2l0aHVi
\\t\\t\\t\\t\\tLmlvMSAwHgYJKoZIhvcNAQkBFhFtaWNoYWVsQHBhcmtlci5nZzCBnzANBgkqhkiG
\\t\\t\\t\\t\\t9w0BAQEFAAOBjQAwgYkCgYEAxuZny7uyYxGVPtpie14gNQC4tT9sAvO2sVNDhuoe
\\t\\t\\t\\t\\tqIKLRpNwkHnwQmwe5OxSh9K0BPHp/DNuuVWUqvo4tniEYn3jBr7FwLYLTKojQIxj
\\t\\t\\t\\t\\t53S1UTT9EXq3eP5HsHMD0QnTuca2nlNYUDBm6ud2fQj0Jt5qLx86EbEC28N56IRv
\\t\\t\\t\\t\\tGX8CAwEAAaNQME4wHQYDVR0OBBYEFMLnbQh77j7vhGTpAhKpDhCrBsPZMB8GA1Ud
\\t\\t\\t\\t\\tIwQYMBaAFMLnbQh77j7vhGTpAhKpDhCrBsPZMAwGA1UdEwQFMAMBAf8wDQYJKoZI
\\t\\t\\t\\t\\thvcNAQENBQADgYEAB8wGrAQY0pAfwbnYSyBt4STbebeRTu1/q1ucfrtc3qsegcd5
\\t\\t\\t\\t\\tn01xTR+T2uZJwqHFPpFjr4IPORiHx3+4BWCweslPD53qBjKUPXcbMO1Revjef6Tj
\\t\\t\\t\\t\\tK3K0AuJ94fxgXVoT61Nzu/a6Lj6RhzU/Dao9mlSbJY+YSbm+ZBpsuRUQ84s=</ds:X509Certificate>
\\t\\t\\t\\t</ds:X509Data>
\\t\\t\\t</ds:KeyInfo>
\\t\\t</md:KeyDescriptor>
\\t\\t<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
        <md:AssertionConsumerService Binding=\\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\\" Location=\\"https://localhost/acs/saml/\\" index=\\"1\\"/>
    </md:SPSSODescriptor>
</md:EntityDescriptor>
`,
});
const samlClientClient = new keycloak.saml.Client("saml_client", {
    realmId: realm.id,
    clientId: samlClient.apply(samlClient => samlClient.clientId),
});

    import pulumi
import pulumi_keycloak as keycloak

realm = keycloak.Realm("realm",
    realm="my-realm",
    enabled=True)
saml_client = keycloak.get_client_description_converter_output(realm_id=realm.id,
    body="""\t<md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" validUntil=\"2021-04-17T12:41:46Z\" cacheDuration=\"PT604800S\" entityID=\"FakeEntityId\">
    <md:SPSSODescriptor AuthnRequestsSigned=\"false\" WantAssertionsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">
        <md:KeyDescriptor use=\"signing\">
\t\t\t<ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">
\t\t\t\t<ds:X509Data>
\t\t\t\t\t<ds:X509Certificate>MIICyDCCAjGgAwIBAgIBADANBgkqhkiG9w0BAQ0FADCBgDELMAkGA1UEBhMCdXMx
\t\t\t\t\tCzAJBgNVBAgMAklBMSQwIgYDVQQKDBt0ZXJyYWZvcm0tcHJvdmlkZXIta2V5Y2xv
\t\t\t\t\tYWsxHDAaBgNVBAMME21ycGFya2Vycy5naXRodWIuaW8xIDAeBgkqhkiG9w0BCQEW
\t\t\t\t\tEW1pY2hhZWxAcGFya2VyLmdnMB4XDTE5MDEwODE0NDYzNloXDTI5MDEwNTE0NDYz
\t\t\t\t\tNlowgYAxCzAJBgNVBAYTAnVzMQswCQYDVQQIDAJJQTEkMCIGA1UECgwbdGVycmFm
\t\t\t\t\tb3JtLXByb3ZpZGVyLWtleWNsb2FrMRwwGgYDVQQDDBNtcnBhcmtlcnMuZ2l0aHVi
\t\t\t\t\tLmlvMSAwHgYJKoZIhvcNAQkBFhFtaWNoYWVsQHBhcmtlci5nZzCBnzANBgkqhkiG
\t\t\t\t\t9w0BAQEFAAOBjQAwgYkCgYEAxuZny7uyYxGVPtpie14gNQC4tT9sAvO2sVNDhuoe
\t\t\t\t\tqIKLRpNwkHnwQmwe5OxSh9K0BPHp/DNuuVWUqvo4tniEYn3jBr7FwLYLTKojQIxj
\t\t\t\t\t53S1UTT9EXq3eP5HsHMD0QnTuca2nlNYUDBm6ud2fQj0Jt5qLx86EbEC28N56IRv
\t\t\t\t\tGX8CAwEAAaNQME4wHQYDVR0OBBYEFMLnbQh77j7vhGTpAhKpDhCrBsPZMB8GA1Ud
\t\t\t\t\tIwQYMBaAFMLnbQh77j7vhGTpAhKpDhCrBsPZMAwGA1UdEwQFMAMBAf8wDQYJKoZI
\t\t\t\t\thvcNAQENBQADgYEAB8wGrAQY0pAfwbnYSyBt4STbebeRTu1/q1ucfrtc3qsegcd5
\t\t\t\t\tn01xTR+T2uZJwqHFPpFjr4IPORiHx3+4BWCweslPD53qBjKUPXcbMO1Revjef6Tj
\t\t\t\t\tK3K0AuJ94fxgXVoT61Nzu/a6Lj6RhzU/Dao9mlSbJY+YSbm+ZBpsuRUQ84s=</ds:X509Certificate>
\t\t\t\t</ds:X509Data>
\t\t\t</ds:KeyInfo>
\t\t</md:KeyDescriptor>
\t\t<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
        <md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://localhost/acs/saml/\" index=\"1\"/>
    </md:SPSSODescriptor>
</md:EntityDescriptor>
""")
saml_client_client = keycloak.saml.Client("saml_client",
    realm_id=realm.id,
    client_id=saml_client.client_id)

    package main

import (
	"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak"
	"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak/saml"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		samlClient := keycloak.GetClientDescriptionConverterOutput(ctx, keycloak.GetClientDescriptionConverterOutputArgs{
			RealmId: realm.ID(),
			Body: pulumi.String(`\t<md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" validUntil=\"2021-04-17T12:41:46Z\" cacheDuration=\"PT604800S\" entityID=\"FakeEntityId\">
    <md:SPSSODescriptor AuthnRequestsSigned=\"false\" WantAssertionsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">
        <md:KeyDescriptor use=\"signing\">
\t\t\t<ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">
\t\t\t\t<ds:X509Data>
\t\t\t\t\t<ds:X509Certificate>MIICyDCCAjGgAwIBAgIBADANBgkqhkiG9w0BAQ0FADCBgDELMAkGA1UEBhMCdXMx
\t\t\t\t\tCzAJBgNVBAgMAklBMSQwIgYDVQQKDBt0ZXJyYWZvcm0tcHJvdmlkZXIta2V5Y2xv
\t\t\t\t\tYWsxHDAaBgNVBAMME21ycGFya2Vycy5naXRodWIuaW8xIDAeBgkqhkiG9w0BCQEW
\t\t\t\t\tEW1pY2hhZWxAcGFya2VyLmdnMB4XDTE5MDEwODE0NDYzNloXDTI5MDEwNTE0NDYz
\t\t\t\t\tNlowgYAxCzAJBgNVBAYTAnVzMQswCQYDVQQIDAJJQTEkMCIGA1UECgwbdGVycmFm
\t\t\t\t\tb3JtLXByb3ZpZGVyLWtleWNsb2FrMRwwGgYDVQQDDBNtcnBhcmtlcnMuZ2l0aHVi
\t\t\t\t\tLmlvMSAwHgYJKoZIhvcNAQkBFhFtaWNoYWVsQHBhcmtlci5nZzCBnzANBgkqhkiG
\t\t\t\t\t9w0BAQEFAAOBjQAwgYkCgYEAxuZny7uyYxGVPtpie14gNQC4tT9sAvO2sVNDhuoe
\t\t\t\t\tqIKLRpNwkHnwQmwe5OxSh9K0BPHp/DNuuVWUqvo4tniEYn3jBr7FwLYLTKojQIxj
\t\t\t\t\t53S1UTT9EXq3eP5HsHMD0QnTuca2nlNYUDBm6ud2fQj0Jt5qLx86EbEC28N56IRv
\t\t\t\t\tGX8CAwEAAaNQME4wHQYDVR0OBBYEFMLnbQh77j7vhGTpAhKpDhCrBsPZMB8GA1Ud
\t\t\t\t\tIwQYMBaAFMLnbQh77j7vhGTpAhKpDhCrBsPZMAwGA1UdEwQFMAMBAf8wDQYJKoZI
\t\t\t\t\thvcNAQENBQADgYEAB8wGrAQY0pAfwbnYSyBt4STbebeRTu1/q1ucfrtc3qsegcd5
\t\t\t\t\tn01xTR+T2uZJwqHFPpFjr4IPORiHx3+4BWCweslPD53qBjKUPXcbMO1Revjef6Tj
\t\t\t\t\tK3K0AuJ94fxgXVoT61Nzu/a6Lj6RhzU/Dao9mlSbJY+YSbm+ZBpsuRUQ84s=</ds:X509Certificate>
\t\t\t\t</ds:X509Data>
\t\t\t</ds:KeyInfo>
\t\t</md:KeyDescriptor>
\t\t<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
        <md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://localhost/acs/saml/\" index=\"1\"/>
    </md:SPSSODescriptor>
</md:EntityDescriptor>
`),
		}, nil)
		_, err = saml.NewClient(ctx, "saml_client", &saml.ClientArgs{
			RealmId: realm.ID(),
			ClientId: pulumi.String(samlClient.ApplyT(func(samlClient keycloak.GetClientDescriptionConverterResult) (*string, error) {
				return &samlClient.ClientId, nil
			}).(pulumi.StringPtrOutput)),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Keycloak = Pulumi.Keycloak;

return await Deployment.RunAsync(() => 
{
    var realm = new Keycloak.Realm("realm", new()
    {
        RealmName = "my-realm",
        Enabled = true,
    });

    var samlClient = Keycloak.GetClientDescriptionConverter.Invoke(new()
    {
        RealmId = realm.Id,
        Body = @"\t<md:EntityDescriptor xmlns:md=\""urn:oasis:names:tc:SAML:2.0:metadata\"" validUntil=\""2021-04-17T12:41:46Z\"" cacheDuration=\""PT604800S\"" entityID=\""FakeEntityId\"">
    <md:SPSSODescriptor AuthnRequestsSigned=\""false\"" WantAssertionsSigned=\""false\"" protocolSupportEnumeration=\""urn:oasis:names:tc:SAML:2.0:protocol\"">
        <md:KeyDescriptor use=\""signing\"">
\t\t\t<ds:KeyInfo xmlns:ds=\""http://www.w3.org/2000/09/xmldsig#\"">
\t\t\t\t<ds:X509Data>
\t\t\t\t\t<ds:X509Certificate>MIICyDCCAjGgAwIBAgIBADANBgkqhkiG9w0BAQ0FADCBgDELMAkGA1UEBhMCdXMx
\t\t\t\t\tCzAJBgNVBAgMAklBMSQwIgYDVQQKDBt0ZXJyYWZvcm0tcHJvdmlkZXIta2V5Y2xv
\t\t\t\t\tYWsxHDAaBgNVBAMME21ycGFya2Vycy5naXRodWIuaW8xIDAeBgkqhkiG9w0BCQEW
\t\t\t\t\tEW1pY2hhZWxAcGFya2VyLmdnMB4XDTE5MDEwODE0NDYzNloXDTI5MDEwNTE0NDYz
\t\t\t\t\tNlowgYAxCzAJBgNVBAYTAnVzMQswCQYDVQQIDAJJQTEkMCIGA1UECgwbdGVycmFm
\t\t\t\t\tb3JtLXByb3ZpZGVyLWtleWNsb2FrMRwwGgYDVQQDDBNtcnBhcmtlcnMuZ2l0aHVi
\t\t\t\t\tLmlvMSAwHgYJKoZIhvcNAQkBFhFtaWNoYWVsQHBhcmtlci5nZzCBnzANBgkqhkiG
\t\t\t\t\t9w0BAQEFAAOBjQAwgYkCgYEAxuZny7uyYxGVPtpie14gNQC4tT9sAvO2sVNDhuoe
\t\t\t\t\tqIKLRpNwkHnwQmwe5OxSh9K0BPHp/DNuuVWUqvo4tniEYn3jBr7FwLYLTKojQIxj
\t\t\t\t\t53S1UTT9EXq3eP5HsHMD0QnTuca2nlNYUDBm6ud2fQj0Jt5qLx86EbEC28N56IRv
\t\t\t\t\tGX8CAwEAAaNQME4wHQYDVR0OBBYEFMLnbQh77j7vhGTpAhKpDhCrBsPZMB8GA1Ud
\t\t\t\t\tIwQYMBaAFMLnbQh77j7vhGTpAhKpDhCrBsPZMAwGA1UdEwQFMAMBAf8wDQYJKoZI
\t\t\t\t\thvcNAQENBQADgYEAB8wGrAQY0pAfwbnYSyBt4STbebeRTu1/q1ucfrtc3qsegcd5
\t\t\t\t\tn01xTR+T2uZJwqHFPpFjr4IPORiHx3+4BWCweslPD53qBjKUPXcbMO1Revjef6Tj
\t\t\t\t\tK3K0AuJ94fxgXVoT61Nzu/a6Lj6RhzU/Dao9mlSbJY+YSbm+ZBpsuRUQ84s=</ds:X509Certificate>
\t\t\t\t</ds:X509Data>
\t\t\t</ds:KeyInfo>
\t\t</md:KeyDescriptor>
\t\t<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
        <md:AssertionConsumerService Binding=\""urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\"" Location=\""https://localhost/acs/saml/\"" index=\""1\""/>
    </md:SPSSODescriptor>
</md:EntityDescriptor>
",
    });

    var samlClientClient = new Keycloak.Saml.Client("saml_client", new()
    {
        RealmId = realm.Id,
        ClientId = samlClient.Apply(getClientDescriptionConverterResult => getClientDescriptionConverterResult.ClientId),
    });

});

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.Realm;
import com.pulumi.keycloak.RealmArgs;
import com.pulumi.keycloak.KeycloakFunctions;
import com.pulumi.keycloak.inputs.GetClientDescriptionConverterArgs;
import com.pulumi.keycloak.saml.Client;
import com.pulumi.keycloak.saml.ClientArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var realm = new Realm("realm", RealmArgs.builder()
            .realm("my-realm")
            .enabled(true)
            .build());

        final var samlClient = KeycloakFunctions.getClientDescriptionConverter(GetClientDescriptionConverterArgs.builder()
            .realmId(realm.id())
            .body("""
\t<md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" validUntil=\"2021-04-17T12:41:46Z\" cacheDuration=\"PT604800S\" entityID=\"FakeEntityId\">
    <md:SPSSODescriptor AuthnRequestsSigned=\"false\" WantAssertionsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">
        <md:KeyDescriptor use=\"signing\">
\t\t\t<ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">
\t\t\t\t<ds:X509Data>
\t\t\t\t\t<ds:X509Certificate>MIICyDCCAjGgAwIBAgIBADANBgkqhkiG9w0BAQ0FADCBgDELMAkGA1UEBhMCdXMx
\t\t\t\t\tCzAJBgNVBAgMAklBMSQwIgYDVQQKDBt0ZXJyYWZvcm0tcHJvdmlkZXIta2V5Y2xv
\t\t\t\t\tYWsxHDAaBgNVBAMME21ycGFya2Vycy5naXRodWIuaW8xIDAeBgkqhkiG9w0BCQEW
\t\t\t\t\tEW1pY2hhZWxAcGFya2VyLmdnMB4XDTE5MDEwODE0NDYzNloXDTI5MDEwNTE0NDYz
\t\t\t\t\tNlowgYAxCzAJBgNVBAYTAnVzMQswCQYDVQQIDAJJQTEkMCIGA1UECgwbdGVycmFm
\t\t\t\t\tb3JtLXByb3ZpZGVyLWtleWNsb2FrMRwwGgYDVQQDDBNtcnBhcmtlcnMuZ2l0aHVi
\t\t\t\t\tLmlvMSAwHgYJKoZIhvcNAQkBFhFtaWNoYWVsQHBhcmtlci5nZzCBnzANBgkqhkiG
\t\t\t\t\t9w0BAQEFAAOBjQAwgYkCgYEAxuZny7uyYxGVPtpie14gNQC4tT9sAvO2sVNDhuoe
\t\t\t\t\tqIKLRpNwkHnwQmwe5OxSh9K0BPHp/DNuuVWUqvo4tniEYn3jBr7FwLYLTKojQIxj
\t\t\t\t\t53S1UTT9EXq3eP5HsHMD0QnTuca2nlNYUDBm6ud2fQj0Jt5qLx86EbEC28N56IRv
\t\t\t\t\tGX8CAwEAAaNQME4wHQYDVR0OBBYEFMLnbQh77j7vhGTpAhKpDhCrBsPZMB8GA1Ud
\t\t\t\t\tIwQYMBaAFMLnbQh77j7vhGTpAhKpDhCrBsPZMAwGA1UdEwQFMAMBAf8wDQYJKoZI
\t\t\t\t\thvcNAQENBQADgYEAB8wGrAQY0pAfwbnYSyBt4STbebeRTu1/q1ucfrtc3qsegcd5
\t\t\t\t\tn01xTR+T2uZJwqHFPpFjr4IPORiHx3+4BWCweslPD53qBjKUPXcbMO1Revjef6Tj
\t\t\t\t\tK3K0AuJ94fxgXVoT61Nzu/a6Lj6RhzU/Dao9mlSbJY+YSbm+ZBpsuRUQ84s=</ds:X509Certificate>
\t\t\t\t</ds:X509Data>
\t\t\t</ds:KeyInfo>
\t\t</md:KeyDescriptor>
\t\t<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
        <md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://localhost/acs/saml/\" index=\"1\"/>
    </md:SPSSODescriptor>
</md:EntityDescriptor>
            """)
            .build());

        var samlClientClient = new Client("samlClientClient", ClientArgs.builder()
            .realmId(realm.id())
            .clientId(samlClient.applyValue(_samlClient -> _samlClient.clientId()))
            .build());

    }
}

    resources:
  realm:
    type: keycloak:Realm
    properties:
      realm: my-realm
      enabled: true
  samlClientClient:
    type: keycloak:saml:Client
    name: saml_client
    properties:
      realmId: ${realm.id}
      clientId: ${samlClient.clientId}
variables:
  samlClient:
    fn::invoke:
      function: keycloak:getClientDescriptionConverter
      arguments:
        realmId: ${realm.id}
        body: |
          \t<md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" validUntil=\"2021-04-17T12:41:46Z\" cacheDuration=\"PT604800S\" entityID=\"FakeEntityId\">
              <md:SPSSODescriptor AuthnRequestsSigned=\"false\" WantAssertionsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">
                  <md:KeyDescriptor use=\"signing\">
          \t\t\t<ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">
          \t\t\t\t<ds:X509Data>
          \t\t\t\t\t<ds:X509Certificate>MIICyDCCAjGgAwIBAgIBADANBgkqhkiG9w0BAQ0FADCBgDELMAkGA1UEBhMCdXMx
          \t\t\t\t\tCzAJBgNVBAgMAklBMSQwIgYDVQQKDBt0ZXJyYWZvcm0tcHJvdmlkZXIta2V5Y2xv
          \t\t\t\t\tYWsxHDAaBgNVBAMME21ycGFya2Vycy5naXRodWIuaW8xIDAeBgkqhkiG9w0BCQEW
          \t\t\t\t\tEW1pY2hhZWxAcGFya2VyLmdnMB4XDTE5MDEwODE0NDYzNloXDTI5MDEwNTE0NDYz
          \t\t\t\t\tNlowgYAxCzAJBgNVBAYTAnVzMQswCQYDVQQIDAJJQTEkMCIGA1UECgwbdGVycmFm
          \t\t\t\t\tb3JtLXByb3ZpZGVyLWtleWNsb2FrMRwwGgYDVQQDDBNtcnBhcmtlcnMuZ2l0aHVi
          \t\t\t\t\tLmlvMSAwHgYJKoZIhvcNAQkBFhFtaWNoYWVsQHBhcmtlci5nZzCBnzANBgkqhkiG
          \t\t\t\t\t9w0BAQEFAAOBjQAwgYkCgYEAxuZny7uyYxGVPtpie14gNQC4tT9sAvO2sVNDhuoe
          \t\t\t\t\tqIKLRpNwkHnwQmwe5OxSh9K0BPHp/DNuuVWUqvo4tniEYn3jBr7FwLYLTKojQIxj
          \t\t\t\t\t53S1UTT9EXq3eP5HsHMD0QnTuca2nlNYUDBm6ud2fQj0Jt5qLx86EbEC28N56IRv
          \t\t\t\t\tGX8CAwEAAaNQME4wHQYDVR0OBBYEFMLnbQh77j7vhGTpAhKpDhCrBsPZMB8GA1Ud
          \t\t\t\t\tIwQYMBaAFMLnbQh77j7vhGTpAhKpDhCrBsPZMAwGA1UdEwQFMAMBAf8wDQYJKoZI
          \t\t\t\t\thvcNAQENBQADgYEAB8wGrAQY0pAfwbnYSyBt4STbebeRTu1/q1ucfrtc3qsegcd5
          \t\t\t\t\tn01xTR+T2uZJwqHFPpFjr4IPORiHx3+4BWCweslPD53qBjKUPXcbMO1Revjef6Tj
          \t\t\t\t\tK3K0AuJ94fxgXVoT61Nzu/a6Lj6RhzU/Dao9mlSbJY+YSbm+ZBpsuRUQ84s=</ds:X509Certificate>
          \t\t\t\t</ds:X509Data>
          \t\t\t</ds:KeyInfo>
          \t\t</md:KeyDescriptor>
          \t\t<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
                  <md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://localhost/acs/saml/\" index=\"1\"/>
              </md:SPSSODescriptor>
          </md:EntityDescriptor>

    Using getClientDescriptionConverter

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getClientDescriptionConverter(args: GetClientDescriptionConverterArgs, opts?: InvokeOptions): Promise<GetClientDescriptionConverterResult>
function getClientDescriptionConverterOutput(args: GetClientDescriptionConverterOutputArgs, opts?: InvokeOptions): Output<GetClientDescriptionConverterResult>
    def get_client_description_converter(body: Optional[str] = None,
                                     realm_id: Optional[str] = None,
                                     opts: Optional[InvokeOptions] = None) -> GetClientDescriptionConverterResult
def get_client_description_converter_output(body: Optional[pulumi.Input[str]] = None,
                                     realm_id: Optional[pulumi.Input[str]] = None,
                                     opts: Optional[InvokeOptions] = None) -> Output[GetClientDescriptionConverterResult]
    func GetClientDescriptionConverter(ctx *Context, args *GetClientDescriptionConverterArgs, opts ...InvokeOption) (*GetClientDescriptionConverterResult, error)
func GetClientDescriptionConverterOutput(ctx *Context, args *GetClientDescriptionConverterOutputArgs, opts ...InvokeOption) GetClientDescriptionConverterResultOutput

    > Note: This function is named GetClientDescriptionConverter in the Go SDK.

    public static class GetClientDescriptionConverter 
{
    public static Task<GetClientDescriptionConverterResult> InvokeAsync(GetClientDescriptionConverterArgs args, InvokeOptions? opts = null)
    public static Output<GetClientDescriptionConverterResult> Invoke(GetClientDescriptionConverterInvokeArgs args, InvokeOptions? opts = null)
}
    public static CompletableFuture<GetClientDescriptionConverterResult> getClientDescriptionConverter(GetClientDescriptionConverterArgs args, InvokeOptions options)
public static Output<GetClientDescriptionConverterResult> getClientDescriptionConverter(GetClientDescriptionConverterArgs args, InvokeOptions options)

    fn::invoke:
  function: keycloak:index/getClientDescriptionConverter:getClientDescriptionConverter
  arguments:
    # arguments dictionary

    The following arguments are supported:

    Body string
    The body of the request to convert.
    RealmId string
    The realm to use for the client description converter API call.
    Body string
    The body of the request to convert.
    RealmId string
    The realm to use for the client description converter API call.
    body String
    The body of the request to convert.
    realmId String
    The realm to use for the client description converter API call.
    body string
    The body of the request to convert.
    realmId string
    The realm to use for the client description converter API call.
    body str
    The body of the request to convert.
    realm_id str
    The realm to use for the client description converter API call.
    body String
    The body of the request to convert.
    realmId String
    The realm to use for the client description converter API call.

    getClientDescriptionConverter Result

    The following output properties are available:

    Access Dictionary<string, string>
    AdminUrl string
    AlwaysDisplayInConsole bool
    Attributes Dictionary<string, string>
    AuthenticationFlowBindingOverrides Dictionary<string, string>
    AuthorizationServicesEnabled bool
    AuthorizationSettings Dictionary<string, string>
    BaseUrl string
    BearerOnly bool
    Body string
    ClientAuthenticatorType string
    ClientId string
    ConsentRequired string
    DefaultClientScopes List<string>
    DefaultRoles List<string>
    Description string
    DirectAccessGrantsEnabled bool
    Enabled bool
    FrontchannelLogout bool
    FullScopeAllowed bool
    Id string
    The provider-assigned unique ID for this managed resource.
    ImplicitFlowEnabled bool
    Name string
    NotBefore int
    OptionalClientScopes List<string>
    Origin string
    Protocol string
    ProtocolMappers List<GetClientDescriptionConverterProtocolMapper>
    PublicClient bool
    RealmId string
    RedirectUris List<string>
    RegisteredNodes Dictionary<string, string>
    RegistrationAccessToken string
    RootUrl string
    Secret string
    ServiceAccountsEnabled bool
    StandardFlowEnabled bool
    SurrogateAuthRequired bool
    WebOrigins List<string>
    Access map[string]string
    AdminUrl string
    AlwaysDisplayInConsole bool
    Attributes map[string]string
    AuthenticationFlowBindingOverrides map[string]string
    AuthorizationServicesEnabled bool
    AuthorizationSettings map[string]string
    BaseUrl string
    BearerOnly bool
    Body string
    ClientAuthenticatorType string
    ClientId string
    ConsentRequired string
    DefaultClientScopes []string
    DefaultRoles []string
    Description string
    DirectAccessGrantsEnabled bool
    Enabled bool
    FrontchannelLogout bool
    FullScopeAllowed bool
    Id string
    The provider-assigned unique ID for this managed resource.
    ImplicitFlowEnabled bool
    Name string
    NotBefore int
    OptionalClientScopes []string
    Origin string
    Protocol string
    ProtocolMappers []GetClientDescriptionConverterProtocolMapper
    PublicClient bool
    RealmId string
    RedirectUris []string
    RegisteredNodes map[string]string
    RegistrationAccessToken string
    RootUrl string
    Secret string
    ServiceAccountsEnabled bool
    StandardFlowEnabled bool
    SurrogateAuthRequired bool
    WebOrigins []string
    access Map<String,String>
    adminUrl String
    alwaysDisplayInConsole Boolean
    attributes Map<String,String>
    authenticationFlowBindingOverrides Map<String,String>
    authorizationServicesEnabled Boolean
    authorizationSettings Map<String,String>
    baseUrl String
    bearerOnly Boolean
    body String
    clientAuthenticatorType String
    clientId String
    consentRequired String
    defaultClientScopes List<String>
    defaultRoles List<String>
    description String
    directAccessGrantsEnabled Boolean
    enabled Boolean
    frontchannelLogout Boolean
    fullScopeAllowed Boolean
    id String
    The provider-assigned unique ID for this managed resource.
    implicitFlowEnabled Boolean
    name String
    notBefore Integer
    optionalClientScopes List<String>
    origin String
    protocol String
    protocolMappers List<GetClientDescriptionConverterProtocolMapper>
    publicClient Boolean
    realmId String
    redirectUris List<String>
    registeredNodes Map<String,String>
    registrationAccessToken String
    rootUrl String
    secret String
    serviceAccountsEnabled Boolean
    standardFlowEnabled Boolean
    surrogateAuthRequired Boolean
    webOrigins List<String>
    access {[key: string]: string}
    adminUrl string
    alwaysDisplayInConsole boolean
    attributes {[key: string]: string}
    authenticationFlowBindingOverrides {[key: string]: string}
    authorizationServicesEnabled boolean
    authorizationSettings {[key: string]: string}
    baseUrl string
    bearerOnly boolean
    body string
    clientAuthenticatorType string
    clientId string
    consentRequired string
    defaultClientScopes string[]
    defaultRoles string[]
    description string
    directAccessGrantsEnabled boolean
    enabled boolean
    frontchannelLogout boolean
    fullScopeAllowed boolean
    id string
    The provider-assigned unique ID for this managed resource.
    implicitFlowEnabled boolean
    name string
    notBefore number
    optionalClientScopes string[]
    origin string
    protocol string
    protocolMappers GetClientDescriptionConverterProtocolMapper[]
    publicClient boolean
    realmId string
    redirectUris string[]
    registeredNodes {[key: string]: string}
    registrationAccessToken string
    rootUrl string
    secret string
    serviceAccountsEnabled boolean
    standardFlowEnabled boolean
    surrogateAuthRequired boolean
    webOrigins string[]
    access Mapping[str, str]
    admin_url str
    always_display_in_console bool
    attributes Mapping[str, str]
    authentication_flow_binding_overrides Mapping[str, str]
    authorization_services_enabled bool
    authorization_settings Mapping[str, str]
    base_url str
    bearer_only bool
    body str
    client_authenticator_type str
    client_id str
    consent_required str
    default_client_scopes Sequence[str]
    default_roles Sequence[str]
    description str
    direct_access_grants_enabled bool
    enabled bool
    frontchannel_logout bool
    full_scope_allowed bool
    id str
    The provider-assigned unique ID for this managed resource.
    implicit_flow_enabled bool
    name str
    not_before int
    optional_client_scopes Sequence[str]
    origin str
    protocol str
    protocol_mappers Sequence[GetClientDescriptionConverterProtocolMapper]
    public_client bool
    realm_id str
    redirect_uris Sequence[str]
    registered_nodes Mapping[str, str]
    registration_access_token str
    root_url str
    secret str
    service_accounts_enabled bool
    standard_flow_enabled bool
    surrogate_auth_required bool
    web_origins Sequence[str]
    access Map<String>
    adminUrl String
    alwaysDisplayInConsole Boolean
    attributes Map<String>
    authenticationFlowBindingOverrides Map<String>
    authorizationServicesEnabled Boolean
    authorizationSettings Map<String>
    baseUrl String
    bearerOnly Boolean
    body String
    clientAuthenticatorType String
    clientId String
    consentRequired String
    defaultClientScopes List<String>
    defaultRoles List<String>
    description String
    directAccessGrantsEnabled Boolean
    enabled Boolean
    frontchannelLogout Boolean
    fullScopeAllowed Boolean
    id String
    The provider-assigned unique ID for this managed resource.
    implicitFlowEnabled Boolean
    name String
    notBefore Number
    optionalClientScopes List<String>
    origin String
    protocol String
    protocolMappers List<Property Map>
    publicClient Boolean
    realmId String
    redirectUris List<String>
    registeredNodes Map<String>
    registrationAccessToken String
    rootUrl String
    secret String
    serviceAccountsEnabled Boolean
    standardFlowEnabled Boolean
    surrogateAuthRequired Boolean
    webOrigins List<String>

    Supporting Types

    GetClientDescriptionConverterProtocolMapper

    Config Dictionary<string, string>
    Id string
    Name string
    Protocol string
    ProtocolMapper string
    Config map[string]string
    Id string
    Name string
    Protocol string
    ProtocolMapper string
    config Map<String,String>
    id String
    name String
    protocol String
    protocolMapper String
    config {[key: string]: string}
    id string
    name string
    protocol string
    protocolMapper string
    config Mapping[str, str]
    id str
    name str
    protocol str
    protocol_mapper str
    config Map<String>
    id String
    name String
    protocol String
    protocolMapper String

    Package Details

    Repository
    Keycloak pulumi/pulumi-keycloak
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the keycloak Terraform Provider.
    keycloak logo
    Viewing docs for Keycloak v6.10.0
    published on Saturday, Feb 21, 2026 by Pulumi
    Schema (JSON)
    pulumi/pulumi-keycloak
      Try Pulumi Cloud free. Your team will thank you.