1. Packages
  2. Keycloak Provider
  3. API Docs
  4. openid
  5. HardcodedRoleProtocolMapper
Keycloak v6.1.0 published on Friday, Jan 17, 2025 by Pulumi

keycloak.openid.HardcodedRoleProtocolMapper

Explore with Pulumi AI

keycloak logo
Keycloak v6.1.0 published on Friday, Jan 17, 2025 by Pulumi

    Allows for creating and managing hardcoded role protocol mappers within Keycloak.

    Hardcoded role protocol mappers allow you to specify a single role to always map to an access token for a client.

    Protocol mappers can be defined for a single client, or they can be defined for a client scope which can be shared between multiple different clients.

    Example Usage

    Client)

    import * as pulumi from "@pulumi/pulumi";
    import * as keycloak from "@pulumi/keycloak";
    
    const realm = new keycloak.Realm("realm", {
        realm: "my-realm",
        enabled: true,
    });
    const role = new keycloak.Role("role", {
        realmId: realm.id,
        name: "my-role",
    });
    const openidClient = new keycloak.openid.Client("openid_client", {
        realmId: realm.id,
        clientId: "client",
        name: "client",
        enabled: true,
        accessType: "CONFIDENTIAL",
        validRedirectUris: ["http://localhost:8080/openid-callback"],
    });
    const hardcodedRoleMapper = new keycloak.openid.HardcodedRoleProtocolMapper("hardcoded_role_mapper", {
        realmId: realm.id,
        clientId: openidClient.id,
        name: "hardcoded-role-mapper",
        roleId: role.id,
    });
    
    import pulumi
    import pulumi_keycloak as keycloak
    
    realm = keycloak.Realm("realm",
        realm="my-realm",
        enabled=True)
    role = keycloak.Role("role",
        realm_id=realm.id,
        name="my-role")
    openid_client = keycloak.openid.Client("openid_client",
        realm_id=realm.id,
        client_id="client",
        name="client",
        enabled=True,
        access_type="CONFIDENTIAL",
        valid_redirect_uris=["http://localhost:8080/openid-callback"])
    hardcoded_role_mapper = keycloak.openid.HardcodedRoleProtocolMapper("hardcoded_role_mapper",
        realm_id=realm.id,
        client_id=openid_client.id,
        name="hardcoded-role-mapper",
        role_id=role.id)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak"
    	"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak/openid"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
    			Realm:   pulumi.String("my-realm"),
    			Enabled: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		role, err := keycloak.NewRole(ctx, "role", &keycloak.RoleArgs{
    			RealmId: realm.ID(),
    			Name:    pulumi.String("my-role"),
    		})
    		if err != nil {
    			return err
    		}
    		openidClient, err := openid.NewClient(ctx, "openid_client", &openid.ClientArgs{
    			RealmId:    realm.ID(),
    			ClientId:   pulumi.String("client"),
    			Name:       pulumi.String("client"),
    			Enabled:    pulumi.Bool(true),
    			AccessType: pulumi.String("CONFIDENTIAL"),
    			ValidRedirectUris: pulumi.StringArray{
    				pulumi.String("http://localhost:8080/openid-callback"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = openid.NewHardcodedRoleProtocolMapper(ctx, "hardcoded_role_mapper", &openid.HardcodedRoleProtocolMapperArgs{
    			RealmId:  realm.ID(),
    			ClientId: openidClient.ID(),
    			Name:     pulumi.String("hardcoded-role-mapper"),
    			RoleId:   role.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Keycloak = Pulumi.Keycloak;
    
    return await Deployment.RunAsync(() => 
    {
        var realm = new Keycloak.Realm("realm", new()
        {
            RealmName = "my-realm",
            Enabled = true,
        });
    
        var role = new Keycloak.Role("role", new()
        {
            RealmId = realm.Id,
            Name = "my-role",
        });
    
        var openidClient = new Keycloak.OpenId.Client("openid_client", new()
        {
            RealmId = realm.Id,
            ClientId = "client",
            Name = "client",
            Enabled = true,
            AccessType = "CONFIDENTIAL",
            ValidRedirectUris = new[]
            {
                "http://localhost:8080/openid-callback",
            },
        });
    
        var hardcodedRoleMapper = new Keycloak.OpenId.HardcodedRoleProtocolMapper("hardcoded_role_mapper", new()
        {
            RealmId = realm.Id,
            ClientId = openidClient.Id,
            Name = "hardcoded-role-mapper",
            RoleId = role.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.keycloak.Realm;
    import com.pulumi.keycloak.RealmArgs;
    import com.pulumi.keycloak.Role;
    import com.pulumi.keycloak.RoleArgs;
    import com.pulumi.keycloak.openid.Client;
    import com.pulumi.keycloak.openid.ClientArgs;
    import com.pulumi.keycloak.openid.HardcodedRoleProtocolMapper;
    import com.pulumi.keycloak.openid.HardcodedRoleProtocolMapperArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var realm = new Realm("realm", RealmArgs.builder()
                .realm("my-realm")
                .enabled(true)
                .build());
    
            var role = new Role("role", RoleArgs.builder()
                .realmId(realm.id())
                .name("my-role")
                .build());
    
            var openidClient = new Client("openidClient", ClientArgs.builder()
                .realmId(realm.id())
                .clientId("client")
                .name("client")
                .enabled(true)
                .accessType("CONFIDENTIAL")
                .validRedirectUris("http://localhost:8080/openid-callback")
                .build());
    
            var hardcodedRoleMapper = new HardcodedRoleProtocolMapper("hardcodedRoleMapper", HardcodedRoleProtocolMapperArgs.builder()
                .realmId(realm.id())
                .clientId(openidClient.id())
                .name("hardcoded-role-mapper")
                .roleId(role.id())
                .build());
    
        }
    }
    
    resources:
      realm:
        type: keycloak:Realm
        properties:
          realm: my-realm
          enabled: true
      role:
        type: keycloak:Role
        properties:
          realmId: ${realm.id}
          name: my-role
      openidClient:
        type: keycloak:openid:Client
        name: openid_client
        properties:
          realmId: ${realm.id}
          clientId: client
          name: client
          enabled: true
          accessType: CONFIDENTIAL
          validRedirectUris:
            - http://localhost:8080/openid-callback
      hardcodedRoleMapper:
        type: keycloak:openid:HardcodedRoleProtocolMapper
        name: hardcoded_role_mapper
        properties:
          realmId: ${realm.id}
          clientId: ${openidClient.id}
          name: hardcoded-role-mapper
          roleId: ${role.id}
    

    Client Scope)

    import * as pulumi from "@pulumi/pulumi";
    import * as keycloak from "@pulumi/keycloak";
    
    const realm = new keycloak.Realm("realm", {
        realm: "my-realm",
        enabled: true,
    });
    const role = new keycloak.Role("role", {
        realmId: realm.id,
        name: "my-role",
    });
    const clientScope = new keycloak.openid.ClientScope("client_scope", {
        realmId: realm.id,
        name: "client-scope",
    });
    const hardcodedRoleMapper = new keycloak.openid.HardcodedRoleProtocolMapper("hardcoded_role_mapper", {
        realmId: realm.id,
        clientScopeId: clientScope.id,
        name: "hardcoded-role-mapper",
        roleId: role.id,
    });
    
    import pulumi
    import pulumi_keycloak as keycloak
    
    realm = keycloak.Realm("realm",
        realm="my-realm",
        enabled=True)
    role = keycloak.Role("role",
        realm_id=realm.id,
        name="my-role")
    client_scope = keycloak.openid.ClientScope("client_scope",
        realm_id=realm.id,
        name="client-scope")
    hardcoded_role_mapper = keycloak.openid.HardcodedRoleProtocolMapper("hardcoded_role_mapper",
        realm_id=realm.id,
        client_scope_id=client_scope.id,
        name="hardcoded-role-mapper",
        role_id=role.id)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak"
    	"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak/openid"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
    			Realm:   pulumi.String("my-realm"),
    			Enabled: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		role, err := keycloak.NewRole(ctx, "role", &keycloak.RoleArgs{
    			RealmId: realm.ID(),
    			Name:    pulumi.String("my-role"),
    		})
    		if err != nil {
    			return err
    		}
    		clientScope, err := openid.NewClientScope(ctx, "client_scope", &openid.ClientScopeArgs{
    			RealmId: realm.ID(),
    			Name:    pulumi.String("client-scope"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = openid.NewHardcodedRoleProtocolMapper(ctx, "hardcoded_role_mapper", &openid.HardcodedRoleProtocolMapperArgs{
    			RealmId:       realm.ID(),
    			ClientScopeId: clientScope.ID(),
    			Name:          pulumi.String("hardcoded-role-mapper"),
    			RoleId:        role.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Keycloak = Pulumi.Keycloak;
    
    return await Deployment.RunAsync(() => 
    {
        var realm = new Keycloak.Realm("realm", new()
        {
            RealmName = "my-realm",
            Enabled = true,
        });
    
        var role = new Keycloak.Role("role", new()
        {
            RealmId = realm.Id,
            Name = "my-role",
        });
    
        var clientScope = new Keycloak.OpenId.ClientScope("client_scope", new()
        {
            RealmId = realm.Id,
            Name = "client-scope",
        });
    
        var hardcodedRoleMapper = new Keycloak.OpenId.HardcodedRoleProtocolMapper("hardcoded_role_mapper", new()
        {
            RealmId = realm.Id,
            ClientScopeId = clientScope.Id,
            Name = "hardcoded-role-mapper",
            RoleId = role.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.keycloak.Realm;
    import com.pulumi.keycloak.RealmArgs;
    import com.pulumi.keycloak.Role;
    import com.pulumi.keycloak.RoleArgs;
    import com.pulumi.keycloak.openid.ClientScope;
    import com.pulumi.keycloak.openid.ClientScopeArgs;
    import com.pulumi.keycloak.openid.HardcodedRoleProtocolMapper;
    import com.pulumi.keycloak.openid.HardcodedRoleProtocolMapperArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var realm = new Realm("realm", RealmArgs.builder()
                .realm("my-realm")
                .enabled(true)
                .build());
    
            var role = new Role("role", RoleArgs.builder()
                .realmId(realm.id())
                .name("my-role")
                .build());
    
            var clientScope = new ClientScope("clientScope", ClientScopeArgs.builder()
                .realmId(realm.id())
                .name("client-scope")
                .build());
    
            var hardcodedRoleMapper = new HardcodedRoleProtocolMapper("hardcodedRoleMapper", HardcodedRoleProtocolMapperArgs.builder()
                .realmId(realm.id())
                .clientScopeId(clientScope.id())
                .name("hardcoded-role-mapper")
                .roleId(role.id())
                .build());
    
        }
    }
    
    resources:
      realm:
        type: keycloak:Realm
        properties:
          realm: my-realm
          enabled: true
      role:
        type: keycloak:Role
        properties:
          realmId: ${realm.id}
          name: my-role
      clientScope:
        type: keycloak:openid:ClientScope
        name: client_scope
        properties:
          realmId: ${realm.id}
          name: client-scope
      hardcodedRoleMapper:
        type: keycloak:openid:HardcodedRoleProtocolMapper
        name: hardcoded_role_mapper
        properties:
          realmId: ${realm.id}
          clientScopeId: ${clientScope.id}
          name: hardcoded-role-mapper
          roleId: ${role.id}
    

    Create HardcodedRoleProtocolMapper Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new HardcodedRoleProtocolMapper(name: string, args: HardcodedRoleProtocolMapperArgs, opts?: CustomResourceOptions);
    @overload
    def HardcodedRoleProtocolMapper(resource_name: str,
                                    args: HardcodedRoleProtocolMapperArgs,
                                    opts: Optional[ResourceOptions] = None)
    
    @overload
    def HardcodedRoleProtocolMapper(resource_name: str,
                                    opts: Optional[ResourceOptions] = None,
                                    realm_id: Optional[str] = None,
                                    role_id: Optional[str] = None,
                                    client_id: Optional[str] = None,
                                    client_scope_id: Optional[str] = None,
                                    name: Optional[str] = None)
    func NewHardcodedRoleProtocolMapper(ctx *Context, name string, args HardcodedRoleProtocolMapperArgs, opts ...ResourceOption) (*HardcodedRoleProtocolMapper, error)
    public HardcodedRoleProtocolMapper(string name, HardcodedRoleProtocolMapperArgs args, CustomResourceOptions? opts = null)
    public HardcodedRoleProtocolMapper(String name, HardcodedRoleProtocolMapperArgs args)
    public HardcodedRoleProtocolMapper(String name, HardcodedRoleProtocolMapperArgs args, CustomResourceOptions options)
    
    type: keycloak:openid:HardcodedRoleProtocolMapper
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args HardcodedRoleProtocolMapperArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args HardcodedRoleProtocolMapperArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args HardcodedRoleProtocolMapperArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args HardcodedRoleProtocolMapperArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args HardcodedRoleProtocolMapperArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var hardcodedRoleProtocolMapperResource = new Keycloak.OpenId.HardcodedRoleProtocolMapper("hardcodedRoleProtocolMapperResource", new()
    {
        RealmId = "string",
        RoleId = "string",
        ClientId = "string",
        ClientScopeId = "string",
        Name = "string",
    });
    
    example, err := openid.NewHardcodedRoleProtocolMapper(ctx, "hardcodedRoleProtocolMapperResource", &openid.HardcodedRoleProtocolMapperArgs{
    	RealmId:       pulumi.String("string"),
    	RoleId:        pulumi.String("string"),
    	ClientId:      pulumi.String("string"),
    	ClientScopeId: pulumi.String("string"),
    	Name:          pulumi.String("string"),
    })
    
    var hardcodedRoleProtocolMapperResource = new HardcodedRoleProtocolMapper("hardcodedRoleProtocolMapperResource", HardcodedRoleProtocolMapperArgs.builder()
        .realmId("string")
        .roleId("string")
        .clientId("string")
        .clientScopeId("string")
        .name("string")
        .build());
    
    hardcoded_role_protocol_mapper_resource = keycloak.openid.HardcodedRoleProtocolMapper("hardcodedRoleProtocolMapperResource",
        realm_id="string",
        role_id="string",
        client_id="string",
        client_scope_id="string",
        name="string")
    
    const hardcodedRoleProtocolMapperResource = new keycloak.openid.HardcodedRoleProtocolMapper("hardcodedRoleProtocolMapperResource", {
        realmId: "string",
        roleId: "string",
        clientId: "string",
        clientScopeId: "string",
        name: "string",
    });
    
    type: keycloak:openid:HardcodedRoleProtocolMapper
    properties:
        clientId: string
        clientScopeId: string
        name: string
        realmId: string
        roleId: string
    

    HardcodedRoleProtocolMapper Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The HardcodedRoleProtocolMapper resource accepts the following input properties:

    RealmId string
    The realm this protocol mapper exists within.
    RoleId string
    The ID of the role to map to an access token.
    ClientId string
    The client this protocol mapper should be attached to. Conflicts with client_scope_id. One of client_id or client_scope_id must be specified.
    ClientScopeId string
    The client scope this protocol mapper should be attached to. Conflicts with client_id. One of client_id or client_scope_id must be specified.
    Name string
    The display name of this protocol mapper in the GUI.
    RealmId string
    The realm this protocol mapper exists within.
    RoleId string
    The ID of the role to map to an access token.
    ClientId string
    The client this protocol mapper should be attached to. Conflicts with client_scope_id. One of client_id or client_scope_id must be specified.
    ClientScopeId string
    The client scope this protocol mapper should be attached to. Conflicts with client_id. One of client_id or client_scope_id must be specified.
    Name string
    The display name of this protocol mapper in the GUI.
    realmId String
    The realm this protocol mapper exists within.
    roleId String
    The ID of the role to map to an access token.
    clientId String
    The client this protocol mapper should be attached to. Conflicts with client_scope_id. One of client_id or client_scope_id must be specified.
    clientScopeId String
    The client scope this protocol mapper should be attached to. Conflicts with client_id. One of client_id or client_scope_id must be specified.
    name String
    The display name of this protocol mapper in the GUI.
    realmId string
    The realm this protocol mapper exists within.
    roleId string
    The ID of the role to map to an access token.
    clientId string
    The client this protocol mapper should be attached to. Conflicts with client_scope_id. One of client_id or client_scope_id must be specified.
    clientScopeId string
    The client scope this protocol mapper should be attached to. Conflicts with client_id. One of client_id or client_scope_id must be specified.
    name string
    The display name of this protocol mapper in the GUI.
    realm_id str
    The realm this protocol mapper exists within.
    role_id str
    The ID of the role to map to an access token.
    client_id str
    The client this protocol mapper should be attached to. Conflicts with client_scope_id. One of client_id or client_scope_id must be specified.
    client_scope_id str
    The client scope this protocol mapper should be attached to. Conflicts with client_id. One of client_id or client_scope_id must be specified.
    name str
    The display name of this protocol mapper in the GUI.
    realmId String
    The realm this protocol mapper exists within.
    roleId String
    The ID of the role to map to an access token.
    clientId String
    The client this protocol mapper should be attached to. Conflicts with client_scope_id. One of client_id or client_scope_id must be specified.
    clientScopeId String
    The client scope this protocol mapper should be attached to. Conflicts with client_id. One of client_id or client_scope_id must be specified.
    name String
    The display name of this protocol mapper in the GUI.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the HardcodedRoleProtocolMapper resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing HardcodedRoleProtocolMapper Resource

    Get an existing HardcodedRoleProtocolMapper resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: HardcodedRoleProtocolMapperState, opts?: CustomResourceOptions): HardcodedRoleProtocolMapper
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            client_id: Optional[str] = None,
            client_scope_id: Optional[str] = None,
            name: Optional[str] = None,
            realm_id: Optional[str] = None,
            role_id: Optional[str] = None) -> HardcodedRoleProtocolMapper
    func GetHardcodedRoleProtocolMapper(ctx *Context, name string, id IDInput, state *HardcodedRoleProtocolMapperState, opts ...ResourceOption) (*HardcodedRoleProtocolMapper, error)
    public static HardcodedRoleProtocolMapper Get(string name, Input<string> id, HardcodedRoleProtocolMapperState? state, CustomResourceOptions? opts = null)
    public static HardcodedRoleProtocolMapper get(String name, Output<String> id, HardcodedRoleProtocolMapperState state, CustomResourceOptions options)
    resources:  _:    type: keycloak:openid:HardcodedRoleProtocolMapper    get:      id: ${id}
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    ClientId string
    The client this protocol mapper should be attached to. Conflicts with client_scope_id. One of client_id or client_scope_id must be specified.
    ClientScopeId string
    The client scope this protocol mapper should be attached to. Conflicts with client_id. One of client_id or client_scope_id must be specified.
    Name string
    The display name of this protocol mapper in the GUI.
    RealmId string
    The realm this protocol mapper exists within.
    RoleId string
    The ID of the role to map to an access token.
    ClientId string
    The client this protocol mapper should be attached to. Conflicts with client_scope_id. One of client_id or client_scope_id must be specified.
    ClientScopeId string
    The client scope this protocol mapper should be attached to. Conflicts with client_id. One of client_id or client_scope_id must be specified.
    Name string
    The display name of this protocol mapper in the GUI.
    RealmId string
    The realm this protocol mapper exists within.
    RoleId string
    The ID of the role to map to an access token.
    clientId String
    The client this protocol mapper should be attached to. Conflicts with client_scope_id. One of client_id or client_scope_id must be specified.
    clientScopeId String
    The client scope this protocol mapper should be attached to. Conflicts with client_id. One of client_id or client_scope_id must be specified.
    name String
    The display name of this protocol mapper in the GUI.
    realmId String
    The realm this protocol mapper exists within.
    roleId String
    The ID of the role to map to an access token.
    clientId string
    The client this protocol mapper should be attached to. Conflicts with client_scope_id. One of client_id or client_scope_id must be specified.
    clientScopeId string
    The client scope this protocol mapper should be attached to. Conflicts with client_id. One of client_id or client_scope_id must be specified.
    name string
    The display name of this protocol mapper in the GUI.
    realmId string
    The realm this protocol mapper exists within.
    roleId string
    The ID of the role to map to an access token.
    client_id str
    The client this protocol mapper should be attached to. Conflicts with client_scope_id. One of client_id or client_scope_id must be specified.
    client_scope_id str
    The client scope this protocol mapper should be attached to. Conflicts with client_id. One of client_id or client_scope_id must be specified.
    name str
    The display name of this protocol mapper in the GUI.
    realm_id str
    The realm this protocol mapper exists within.
    role_id str
    The ID of the role to map to an access token.
    clientId String
    The client this protocol mapper should be attached to. Conflicts with client_scope_id. One of client_id or client_scope_id must be specified.
    clientScopeId String
    The client scope this protocol mapper should be attached to. Conflicts with client_id. One of client_id or client_scope_id must be specified.
    name String
    The display name of this protocol mapper in the GUI.
    realmId String
    The realm this protocol mapper exists within.
    roleId String
    The ID of the role to map to an access token.

    Import

    Protocol mappers can be imported using one of the following formats:

    • Client: {{realm_id}}/client/{{client_keycloak_id}}/{{protocol_mapper_id}}

    • Client Scope: {{realm_id}}/client-scope/{{client_scope_keycloak_id}}/{{protocol_mapper_id}}

    Example:

    bash

    $ pulumi import keycloak:openid/hardcodedRoleProtocolMapper:HardcodedRoleProtocolMapper hardcoded_role_mapper my-realm/client/a7202154-8793-4656-b655-1dd18c181e14/71602afa-f7d1-4788-8c49-ef8fd00af0f4
    
    $ pulumi import keycloak:openid/hardcodedRoleProtocolMapper:HardcodedRoleProtocolMapper hardcoded_role_mapper my-realm/client-scope/b799ea7e-73ee-4a73-990a-1eafebe8e20a/71602afa-f7d1-4788-8c49-ef8fd00af0f4
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Keycloak pulumi/pulumi-keycloak
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the keycloak Terraform Provider.
    keycloak logo
    Keycloak v6.1.0 published on Friday, Jan 17, 2025 by Pulumi