keycloak.IdentityProviderTokenExchangeScopePermission
Import
This resource can be imported using the format {{realm_id}}/{{provider_alias}}, where provider_alias is the alias that you assign to the identity provider upon creation. Examplebash
$ pulumi import keycloak:index/identityProviderTokenExchangeScopePermission:IdentityProviderTokenExchangeScopePermission oidc_idp_permission my-realm/myIdp
Example Usage
using System.Collections.Generic;
using Pulumi;
using Keycloak = Pulumi.Keycloak;
return await Deployment.RunAsync(() =>
{
var tokenExchangeRealm = new Keycloak.Realm("tokenExchangeRealm", new()
{
RealmName = "token-exchange_destination_realm",
Enabled = true,
});
var tokenExchangeMyOidcIdp = new Keycloak.Oidc.IdentityProvider("tokenExchangeMyOidcIdp", new()
{
Realm = tokenExchangeRealm.Id,
Alias = "myIdp",
AuthorizationUrl = "http://localhost:8080/auth/realms/someRealm/protocol/openid-connect/auth",
TokenUrl = "http://localhost:8080/auth/realms/someRealm/protocol/openid-connect/token",
ClientId = "clientId",
ClientSecret = "secret",
DefaultScopes = "openid",
});
var token_exchangeWebappClient = new Keycloak.OpenId.Client("token-exchangeWebappClient", new()
{
RealmId = tokenExchangeRealm.Id,
ClientId = "webapp_client",
ClientSecret = "secret",
Description = "a webapp client on the destination realm",
AccessType = "CONFIDENTIAL",
StandardFlowEnabled = true,
ValidRedirectUris = new[]
{
"http://localhost:8080/*",
},
});
//relevant part
var oidcIdpPermission = new Keycloak.IdentityProviderTokenExchangeScopePermission("oidcIdpPermission", new()
{
RealmId = tokenExchangeRealm.Id,
ProviderAlias = tokenExchangeMyOidcIdp.Alias,
PolicyType = "client",
Clients = new[]
{
token_exchangeWebappClient.Id,
},
});
});
package main
import (
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/oidc"
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/openid"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
tokenExchangeRealm, err := keycloak.NewRealm(ctx, "tokenExchangeRealm", &keycloak.RealmArgs{
Realm: pulumi.String("token-exchange_destination_realm"),
Enabled: pulumi.Bool(true),
})
if err != nil {
return err
}
tokenExchangeMyOidcIdp, err := oidc.NewIdentityProvider(ctx, "tokenExchangeMyOidcIdp", &oidc.IdentityProviderArgs{
Realm: tokenExchangeRealm.ID(),
Alias: pulumi.String("myIdp"),
AuthorizationUrl: pulumi.String("http://localhost:8080/auth/realms/someRealm/protocol/openid-connect/auth"),
TokenUrl: pulumi.String("http://localhost:8080/auth/realms/someRealm/protocol/openid-connect/token"),
ClientId: pulumi.String("clientId"),
ClientSecret: pulumi.String("secret"),
DefaultScopes: pulumi.String("openid"),
})
if err != nil {
return err
}
_, err = openid.NewClient(ctx, "token-exchangeWebappClient", &openid.ClientArgs{
RealmId: tokenExchangeRealm.ID(),
ClientId: pulumi.String("webapp_client"),
ClientSecret: pulumi.String("secret"),
Description: pulumi.String("a webapp client on the destination realm"),
AccessType: pulumi.String("CONFIDENTIAL"),
StandardFlowEnabled: pulumi.Bool(true),
ValidRedirectUris: pulumi.StringArray{
pulumi.String("http://localhost:8080/*"),
},
})
if err != nil {
return err
}
_, err = keycloak.NewIdentityProviderTokenExchangeScopePermission(ctx, "oidcIdpPermission", &keycloak.IdentityProviderTokenExchangeScopePermissionArgs{
RealmId: tokenExchangeRealm.ID(),
ProviderAlias: tokenExchangeMyOidcIdp.Alias,
PolicyType: pulumi.String("client"),
Clients: pulumi.StringArray{
token_exchangeWebappClient.ID(),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.Realm;
import com.pulumi.keycloak.RealmArgs;
import com.pulumi.keycloak.oidc.IdentityProvider;
import com.pulumi.keycloak.oidc.IdentityProviderArgs;
import com.pulumi.keycloak.openid.Client;
import com.pulumi.keycloak.openid.ClientArgs;
import com.pulumi.keycloak.IdentityProviderTokenExchangeScopePermission;
import com.pulumi.keycloak.IdentityProviderTokenExchangeScopePermissionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var tokenExchangeRealm = new Realm("tokenExchangeRealm", RealmArgs.builder()
.realm("token-exchange_destination_realm")
.enabled(true)
.build());
var tokenExchangeMyOidcIdp = new IdentityProvider("tokenExchangeMyOidcIdp", IdentityProviderArgs.builder()
.realm(tokenExchangeRealm.id())
.alias("myIdp")
.authorizationUrl("http://localhost:8080/auth/realms/someRealm/protocol/openid-connect/auth")
.tokenUrl("http://localhost:8080/auth/realms/someRealm/protocol/openid-connect/token")
.clientId("clientId")
.clientSecret("secret")
.defaultScopes("openid")
.build());
var token_exchangeWebappClient = new Client("token-exchangeWebappClient", ClientArgs.builder()
.realmId(tokenExchangeRealm.id())
.clientId("webapp_client")
.clientSecret("secret")
.description("a webapp client on the destination realm")
.accessType("CONFIDENTIAL")
.standardFlowEnabled(true)
.validRedirectUris("http://localhost:8080/*")
.build());
var oidcIdpPermission = new IdentityProviderTokenExchangeScopePermission("oidcIdpPermission", IdentityProviderTokenExchangeScopePermissionArgs.builder()
.realmId(tokenExchangeRealm.id())
.providerAlias(tokenExchangeMyOidcIdp.alias())
.policyType("client")
.clients(token_exchangeWebappClient.id())
.build());
}
}
import pulumi
import pulumi_keycloak as keycloak
token_exchange_realm = keycloak.Realm("tokenExchangeRealm",
realm="token-exchange_destination_realm",
enabled=True)
token_exchange_my_oidc_idp = keycloak.oidc.IdentityProvider("tokenExchangeMyOidcIdp",
realm=token_exchange_realm.id,
alias="myIdp",
authorization_url="http://localhost:8080/auth/realms/someRealm/protocol/openid-connect/auth",
token_url="http://localhost:8080/auth/realms/someRealm/protocol/openid-connect/token",
client_id="clientId",
client_secret="secret",
default_scopes="openid")
token_exchange_webapp_client = keycloak.openid.Client("token-exchangeWebappClient",
realm_id=token_exchange_realm.id,
client_id="webapp_client",
client_secret="secret",
description="a webapp client on the destination realm",
access_type="CONFIDENTIAL",
standard_flow_enabled=True,
valid_redirect_uris=["http://localhost:8080/*"])
#relevant part
oidc_idp_permission = keycloak.IdentityProviderTokenExchangeScopePermission("oidcIdpPermission",
realm_id=token_exchange_realm.id,
provider_alias=token_exchange_my_oidc_idp.alias,
policy_type="client",
clients=[token_exchange_webapp_client.id])
import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";
const tokenExchangeRealm = new keycloak.Realm("tokenExchangeRealm", {
realm: "token-exchange_destination_realm",
enabled: true,
});
const tokenExchangeMyOidcIdp = new keycloak.oidc.IdentityProvider("tokenExchangeMyOidcIdp", {
realm: tokenExchangeRealm.id,
alias: "myIdp",
authorizationUrl: "http://localhost:8080/auth/realms/someRealm/protocol/openid-connect/auth",
tokenUrl: "http://localhost:8080/auth/realms/someRealm/protocol/openid-connect/token",
clientId: "clientId",
clientSecret: "secret",
defaultScopes: "openid",
});
const token_exchangeWebappClient = new keycloak.openid.Client("token-exchangeWebappClient", {
realmId: tokenExchangeRealm.id,
clientId: "webapp_client",
clientSecret: "secret",
description: "a webapp client on the destination realm",
accessType: "CONFIDENTIAL",
standardFlowEnabled: true,
validRedirectUris: ["http://localhost:8080/*"],
});
//relevant part
const oidcIdpPermission = new keycloak.IdentityProviderTokenExchangeScopePermission("oidcIdpPermission", {
realmId: tokenExchangeRealm.id,
providerAlias: tokenExchangeMyOidcIdp.alias,
policyType: "client",
clients: [token_exchangeWebappClient.id],
});
resources:
tokenExchangeRealm:
type: keycloak:Realm
properties:
realm: token-exchange_destination_realm
enabled: true
tokenExchangeMyOidcIdp:
type: keycloak:oidc:IdentityProvider
properties:
realm: ${tokenExchangeRealm.id}
alias: myIdp
authorizationUrl: http://localhost:8080/auth/realms/someRealm/protocol/openid-connect/auth
tokenUrl: http://localhost:8080/auth/realms/someRealm/protocol/openid-connect/token
clientId: clientId
clientSecret: secret
defaultScopes: openid
token-exchangeWebappClient:
type: keycloak:openid:Client
properties:
realmId: ${tokenExchangeRealm.id}
clientId: webapp_client
clientSecret: secret
description: a webapp client on the destination realm
accessType: CONFIDENTIAL
standardFlowEnabled: true
validRedirectUris:
- http://localhost:8080/*
# relevant part
oidcIdpPermission:
type: keycloak:IdentityProviderTokenExchangeScopePermission
properties:
realmId: ${tokenExchangeRealm.id}
providerAlias: ${tokenExchangeMyOidcIdp.alias}
policyType: client
clients:
- ${["token-exchangeWebappClient"].id}
Create IdentityProviderTokenExchangeScopePermission Resource
new IdentityProviderTokenExchangeScopePermission(name: string, args: IdentityProviderTokenExchangeScopePermissionArgs, opts?: CustomResourceOptions);@overload
def IdentityProviderTokenExchangeScopePermission(resource_name: str,
opts: Optional[ResourceOptions] = None,
clients: Optional[Sequence[str]] = None,
policy_type: Optional[str] = None,
provider_alias: Optional[str] = None,
realm_id: Optional[str] = None)
@overload
def IdentityProviderTokenExchangeScopePermission(resource_name: str,
args: IdentityProviderTokenExchangeScopePermissionArgs,
opts: Optional[ResourceOptions] = None)func NewIdentityProviderTokenExchangeScopePermission(ctx *Context, name string, args IdentityProviderTokenExchangeScopePermissionArgs, opts ...ResourceOption) (*IdentityProviderTokenExchangeScopePermission, error)public IdentityProviderTokenExchangeScopePermission(string name, IdentityProviderTokenExchangeScopePermissionArgs args, CustomResourceOptions? opts = null)
public IdentityProviderTokenExchangeScopePermission(String name, IdentityProviderTokenExchangeScopePermissionArgs args)
public IdentityProviderTokenExchangeScopePermission(String name, IdentityProviderTokenExchangeScopePermissionArgs args, CustomResourceOptions options)
type: keycloak:IdentityProviderTokenExchangeScopePermission
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IdentityProviderTokenExchangeScopePermissionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args IdentityProviderTokenExchangeScopePermissionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args IdentityProviderTokenExchangeScopePermissionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IdentityProviderTokenExchangeScopePermissionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args IdentityProviderTokenExchangeScopePermissionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
IdentityProviderTokenExchangeScopePermission Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The IdentityProviderTokenExchangeScopePermission resource accepts the following input properties:
- Clients List<string>
A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
- Provider
Alias string Alias of the identity provider.
- Realm
Id string The realm that the identity provider exists in.
- Policy
Type string Defaults to "client" This is also the only value policy type supported by this provider.
- Clients []string
A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
- Provider
Alias string Alias of the identity provider.
- Realm
Id string The realm that the identity provider exists in.
- Policy
Type string Defaults to "client" This is also the only value policy type supported by this provider.
- clients List<String>
A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
- provider
Alias String Alias of the identity provider.
- realm
Id String The realm that the identity provider exists in.
- policy
Type String Defaults to "client" This is also the only value policy type supported by this provider.
- clients string[]
A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
- provider
Alias string Alias of the identity provider.
- realm
Id string The realm that the identity provider exists in.
- policy
Type string Defaults to "client" This is also the only value policy type supported by this provider.
- clients Sequence[str]
A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
- provider_
alias str Alias of the identity provider.
- realm_
id str The realm that the identity provider exists in.
- policy_
type str Defaults to "client" This is also the only value policy type supported by this provider.
- clients List<String>
A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
- provider
Alias String Alias of the identity provider.
- realm
Id String The realm that the identity provider exists in.
- policy
Type String Defaults to "client" This is also the only value policy type supported by this provider.
Outputs
All input properties are implicitly available as output properties. Additionally, the IdentityProviderTokenExchangeScopePermission resource produces the following output properties:
- string
(Computed) Resource ID representing the identity provider, this automatically created by keycloak.
- string
(Computed) Resource server ID representing the realm management client on which this permission is managed.
- string
(Computed) Permission ID representing the Permission with scope 'Token Exchange' and the resource 'authorization_idp_resource_id', this automatically created by keycloak, the policy ID will be set on this permission.
- Id string
The provider-assigned unique ID for this managed resource.
- Policy
Id string (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
- string
(Computed) Resource ID representing the identity provider, this automatically created by keycloak.
- string
(Computed) Resource server ID representing the realm management client on which this permission is managed.
- string
(Computed) Permission ID representing the Permission with scope 'Token Exchange' and the resource 'authorization_idp_resource_id', this automatically created by keycloak, the policy ID will be set on this permission.
- Id string
The provider-assigned unique ID for this managed resource.
- Policy
Id string (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
- String
(Computed) Resource ID representing the identity provider, this automatically created by keycloak.
- String
(Computed) Resource server ID representing the realm management client on which this permission is managed.
- String
(Computed) Permission ID representing the Permission with scope 'Token Exchange' and the resource 'authorization_idp_resource_id', this automatically created by keycloak, the policy ID will be set on this permission.
- id String
The provider-assigned unique ID for this managed resource.
- policy
Id String (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
- string
(Computed) Resource ID representing the identity provider, this automatically created by keycloak.
- string
(Computed) Resource server ID representing the realm management client on which this permission is managed.
- string
(Computed) Permission ID representing the Permission with scope 'Token Exchange' and the resource 'authorization_idp_resource_id', this automatically created by keycloak, the policy ID will be set on this permission.
- id string
The provider-assigned unique ID for this managed resource.
- policy
Id string (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
- str
(Computed) Resource ID representing the identity provider, this automatically created by keycloak.
- str
(Computed) Resource server ID representing the realm management client on which this permission is managed.
- str
(Computed) Permission ID representing the Permission with scope 'Token Exchange' and the resource 'authorization_idp_resource_id', this automatically created by keycloak, the policy ID will be set on this permission.
- id str
The provider-assigned unique ID for this managed resource.
- policy_
id str (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
- String
(Computed) Resource ID representing the identity provider, this automatically created by keycloak.
- String
(Computed) Resource server ID representing the realm management client on which this permission is managed.
- String
(Computed) Permission ID representing the Permission with scope 'Token Exchange' and the resource 'authorization_idp_resource_id', this automatically created by keycloak, the policy ID will be set on this permission.
- id String
The provider-assigned unique ID for this managed resource.
- policy
Id String (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
Look up Existing IdentityProviderTokenExchangeScopePermission Resource
Get an existing IdentityProviderTokenExchangeScopePermission resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: IdentityProviderTokenExchangeScopePermissionState, opts?: CustomResourceOptions): IdentityProviderTokenExchangeScopePermission@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
authorization_idp_resource_id: Optional[str] = None,
authorization_resource_server_id: Optional[str] = None,
authorization_token_exchange_scope_permission_id: Optional[str] = None,
clients: Optional[Sequence[str]] = None,
policy_id: Optional[str] = None,
policy_type: Optional[str] = None,
provider_alias: Optional[str] = None,
realm_id: Optional[str] = None) -> IdentityProviderTokenExchangeScopePermissionfunc GetIdentityProviderTokenExchangeScopePermission(ctx *Context, name string, id IDInput, state *IdentityProviderTokenExchangeScopePermissionState, opts ...ResourceOption) (*IdentityProviderTokenExchangeScopePermission, error)public static IdentityProviderTokenExchangeScopePermission Get(string name, Input<string> id, IdentityProviderTokenExchangeScopePermissionState? state, CustomResourceOptions? opts = null)public static IdentityProviderTokenExchangeScopePermission get(String name, Output<String> id, IdentityProviderTokenExchangeScopePermissionState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- string
(Computed) Resource ID representing the identity provider, this automatically created by keycloak.
- string
(Computed) Resource server ID representing the realm management client on which this permission is managed.
- string
(Computed) Permission ID representing the Permission with scope 'Token Exchange' and the resource 'authorization_idp_resource_id', this automatically created by keycloak, the policy ID will be set on this permission.
- Clients List<string>
A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
- Policy
Id string (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
- Policy
Type string Defaults to "client" This is also the only value policy type supported by this provider.
- Provider
Alias string Alias of the identity provider.
- Realm
Id string The realm that the identity provider exists in.
- string
(Computed) Resource ID representing the identity provider, this automatically created by keycloak.
- string
(Computed) Resource server ID representing the realm management client on which this permission is managed.
- string
(Computed) Permission ID representing the Permission with scope 'Token Exchange' and the resource 'authorization_idp_resource_id', this automatically created by keycloak, the policy ID will be set on this permission.
- Clients []string
A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
- Policy
Id string (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
- Policy
Type string Defaults to "client" This is also the only value policy type supported by this provider.
- Provider
Alias string Alias of the identity provider.
- Realm
Id string The realm that the identity provider exists in.
- String
(Computed) Resource ID representing the identity provider, this automatically created by keycloak.
- String
(Computed) Resource server ID representing the realm management client on which this permission is managed.
- String
(Computed) Permission ID representing the Permission with scope 'Token Exchange' and the resource 'authorization_idp_resource_id', this automatically created by keycloak, the policy ID will be set on this permission.
- clients List<String>
A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
- policy
Id String (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
- policy
Type String Defaults to "client" This is also the only value policy type supported by this provider.
- provider
Alias String Alias of the identity provider.
- realm
Id String The realm that the identity provider exists in.
- string
(Computed) Resource ID representing the identity provider, this automatically created by keycloak.
- string
(Computed) Resource server ID representing the realm management client on which this permission is managed.
- string
(Computed) Permission ID representing the Permission with scope 'Token Exchange' and the resource 'authorization_idp_resource_id', this automatically created by keycloak, the policy ID will be set on this permission.
- clients string[]
A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
- policy
Id string (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
- policy
Type string Defaults to "client" This is also the only value policy type supported by this provider.
- provider
Alias string Alias of the identity provider.
- realm
Id string The realm that the identity provider exists in.
- str
(Computed) Resource ID representing the identity provider, this automatically created by keycloak.
- str
(Computed) Resource server ID representing the realm management client on which this permission is managed.
- str
(Computed) Permission ID representing the Permission with scope 'Token Exchange' and the resource 'authorization_idp_resource_id', this automatically created by keycloak, the policy ID will be set on this permission.
- clients Sequence[str]
A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
- policy_
id str (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
- policy_
type str Defaults to "client" This is also the only value policy type supported by this provider.
- provider_
alias str Alias of the identity provider.
- realm_
id str The realm that the identity provider exists in.
- String
(Computed) Resource ID representing the identity provider, this automatically created by keycloak.
- String
(Computed) Resource server ID representing the realm management client on which this permission is managed.
- String
(Computed) Permission ID representing the Permission with scope 'Token Exchange' and the resource 'authorization_idp_resource_id', this automatically created by keycloak, the policy ID will be set on this permission.
- clients List<String>
A list of IDs of the clients for which a policy will be created and set on scope based token exchange permission.
- policy
Id String (Computed) Policy ID that will be set on the scope based token exchange permission automatically created by enabling permissions on the reference identity provider.
- policy
Type String Defaults to "client" This is also the only value policy type supported by this provider.
- provider
Alias String Alias of the identity provider.
- realm
Id String The realm that the identity provider exists in.
Package Details
- Repository
- Keycloak pulumi/pulumi-keycloak
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
keycloakTerraform Provider.