1. Packages
  2. Keycloak
  3. API Docs
  4. saml
  5. Client
Keycloak v5.3.2 published on Friday, May 10, 2024 by Pulumi

keycloak.saml.Client

Explore with Pulumi AI

keycloak logo
Keycloak v5.3.2 published on Friday, May 10, 2024 by Pulumi

    # keycloak.saml.Client

    Allows for creating and managing Keycloak clients that use the SAML protocol.

    Clients are entities that can use Keycloak for user authentication. Typically, clients are applications that redirect users to Keycloak for authentication in order to take advantage of Keycloak’s user sessions for SSO.

    Import

    Clients can be imported using the format {{realm_id}}/{{client_keycloak_id}}, where client_keycloak_id is the unique ID that Keycloak assigns to the client upon creation. This value can be found in the URI when editing this client in the GUI, and is typically a GUID.

    Example:

    $ terraform import keycloak_saml_client.saml_client my-realm/dcbc4c73-e478-4928-ae2e-d5e420223352
    

    Create Client Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Client(name: string, args: ClientArgs, opts?: CustomResourceOptions);
    @overload
    def Client(resource_name: str,
               args: ClientArgs,
               opts: Optional[ResourceOptions] = None)
    
    @overload
    def Client(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               client_id: Optional[str] = None,
               realm_id: Optional[str] = None,
               idp_initiated_sso_relay_state: Optional[str] = None,
               signing_certificate: Optional[str] = None,
               canonicalization_method: Optional[str] = None,
               authentication_flow_binding_overrides: Optional[ClientAuthenticationFlowBindingOverridesArgs] = None,
               client_signature_required: Optional[bool] = None,
               description: Optional[str] = None,
               include_authn_statement: Optional[bool] = None,
               encrypt_assertions: Optional[bool] = None,
               encryption_certificate: Optional[str] = None,
               extra_config: Optional[Mapping[str, Any]] = None,
               force_name_id_format: Optional[bool] = None,
               force_post_binding: Optional[bool] = None,
               front_channel_logout: Optional[bool] = None,
               full_scope_allowed: Optional[bool] = None,
               valid_redirect_uris: Optional[Sequence[str]] = None,
               base_url: Optional[str] = None,
               enabled: Optional[bool] = None,
               login_theme: Optional[str] = None,
               logout_service_post_binding_url: Optional[str] = None,
               logout_service_redirect_binding_url: Optional[str] = None,
               master_saml_processing_url: Optional[str] = None,
               name: Optional[str] = None,
               name_id_format: Optional[str] = None,
               assertion_consumer_redirect_url: Optional[str] = None,
               root_url: Optional[str] = None,
               sign_assertions: Optional[bool] = None,
               sign_documents: Optional[bool] = None,
               signature_algorithm: Optional[str] = None,
               signature_key_name: Optional[str] = None,
               idp_initiated_sso_url_name: Optional[str] = None,
               signing_private_key: Optional[str] = None,
               assertion_consumer_post_url: Optional[str] = None)
    func NewClient(ctx *Context, name string, args ClientArgs, opts ...ResourceOption) (*Client, error)
    public Client(string name, ClientArgs args, CustomResourceOptions? opts = null)
    public Client(String name, ClientArgs args)
    public Client(String name, ClientArgs args, CustomResourceOptions options)
    
    type: keycloak:saml:Client
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args ClientArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ClientArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ClientArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ClientArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ClientArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Example

    The following reference example uses placeholder values for all input properties.

    var keycloakClientResource = new Keycloak.Saml.Client("keycloakClientResource", new()
    {
        ClientId = "string",
        RealmId = "string",
        IdpInitiatedSsoRelayState = "string",
        SigningCertificate = "string",
        CanonicalizationMethod = "string",
        AuthenticationFlowBindingOverrides = new Keycloak.Saml.Inputs.ClientAuthenticationFlowBindingOverridesArgs
        {
            BrowserId = "string",
            DirectGrantId = "string",
        },
        ClientSignatureRequired = false,
        Description = "string",
        IncludeAuthnStatement = false,
        EncryptAssertions = false,
        EncryptionCertificate = "string",
        ExtraConfig = 
        {
            { "string", "any" },
        },
        ForceNameIdFormat = false,
        ForcePostBinding = false,
        FrontChannelLogout = false,
        FullScopeAllowed = false,
        ValidRedirectUris = new[]
        {
            "string",
        },
        BaseUrl = "string",
        Enabled = false,
        LoginTheme = "string",
        LogoutServicePostBindingUrl = "string",
        LogoutServiceRedirectBindingUrl = "string",
        MasterSamlProcessingUrl = "string",
        Name = "string",
        NameIdFormat = "string",
        AssertionConsumerRedirectUrl = "string",
        RootUrl = "string",
        SignAssertions = false,
        SignDocuments = false,
        SignatureAlgorithm = "string",
        SignatureKeyName = "string",
        IdpInitiatedSsoUrlName = "string",
        SigningPrivateKey = "string",
        AssertionConsumerPostUrl = "string",
    });
    
    example, err := saml.NewClient(ctx, "keycloakClientResource", &saml.ClientArgs{
    	ClientId:                  pulumi.String("string"),
    	RealmId:                   pulumi.String("string"),
    	IdpInitiatedSsoRelayState: pulumi.String("string"),
    	SigningCertificate:        pulumi.String("string"),
    	CanonicalizationMethod:    pulumi.String("string"),
    	AuthenticationFlowBindingOverrides: &saml.ClientAuthenticationFlowBindingOverridesArgs{
    		BrowserId:     pulumi.String("string"),
    		DirectGrantId: pulumi.String("string"),
    	},
    	ClientSignatureRequired: pulumi.Bool(false),
    	Description:             pulumi.String("string"),
    	IncludeAuthnStatement:   pulumi.Bool(false),
    	EncryptAssertions:       pulumi.Bool(false),
    	EncryptionCertificate:   pulumi.String("string"),
    	ExtraConfig: pulumi.Map{
    		"string": pulumi.Any("any"),
    	},
    	ForceNameIdFormat:  pulumi.Bool(false),
    	ForcePostBinding:   pulumi.Bool(false),
    	FrontChannelLogout: pulumi.Bool(false),
    	FullScopeAllowed:   pulumi.Bool(false),
    	ValidRedirectUris: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	BaseUrl:                         pulumi.String("string"),
    	Enabled:                         pulumi.Bool(false),
    	LoginTheme:                      pulumi.String("string"),
    	LogoutServicePostBindingUrl:     pulumi.String("string"),
    	LogoutServiceRedirectBindingUrl: pulumi.String("string"),
    	MasterSamlProcessingUrl:         pulumi.String("string"),
    	Name:                            pulumi.String("string"),
    	NameIdFormat:                    pulumi.String("string"),
    	AssertionConsumerRedirectUrl:    pulumi.String("string"),
    	RootUrl:                         pulumi.String("string"),
    	SignAssertions:                  pulumi.Bool(false),
    	SignDocuments:                   pulumi.Bool(false),
    	SignatureAlgorithm:              pulumi.String("string"),
    	SignatureKeyName:                pulumi.String("string"),
    	IdpInitiatedSsoUrlName:          pulumi.String("string"),
    	SigningPrivateKey:               pulumi.String("string"),
    	AssertionConsumerPostUrl:        pulumi.String("string"),
    })
    
    var keycloakClientResource = new Client("keycloakClientResource", ClientArgs.builder()
        .clientId("string")
        .realmId("string")
        .idpInitiatedSsoRelayState("string")
        .signingCertificate("string")
        .canonicalizationMethod("string")
        .authenticationFlowBindingOverrides(ClientAuthenticationFlowBindingOverridesArgs.builder()
            .browserId("string")
            .directGrantId("string")
            .build())
        .clientSignatureRequired(false)
        .description("string")
        .includeAuthnStatement(false)
        .encryptAssertions(false)
        .encryptionCertificate("string")
        .extraConfig(Map.of("string", "any"))
        .forceNameIdFormat(false)
        .forcePostBinding(false)
        .frontChannelLogout(false)
        .fullScopeAllowed(false)
        .validRedirectUris("string")
        .baseUrl("string")
        .enabled(false)
        .loginTheme("string")
        .logoutServicePostBindingUrl("string")
        .logoutServiceRedirectBindingUrl("string")
        .masterSamlProcessingUrl("string")
        .name("string")
        .nameIdFormat("string")
        .assertionConsumerRedirectUrl("string")
        .rootUrl("string")
        .signAssertions(false)
        .signDocuments(false)
        .signatureAlgorithm("string")
        .signatureKeyName("string")
        .idpInitiatedSsoUrlName("string")
        .signingPrivateKey("string")
        .assertionConsumerPostUrl("string")
        .build());
    
    keycloak_client_resource = keycloak.saml.Client("keycloakClientResource",
        client_id="string",
        realm_id="string",
        idp_initiated_sso_relay_state="string",
        signing_certificate="string",
        canonicalization_method="string",
        authentication_flow_binding_overrides=keycloak.saml.ClientAuthenticationFlowBindingOverridesArgs(
            browser_id="string",
            direct_grant_id="string",
        ),
        client_signature_required=False,
        description="string",
        include_authn_statement=False,
        encrypt_assertions=False,
        encryption_certificate="string",
        extra_config={
            "string": "any",
        },
        force_name_id_format=False,
        force_post_binding=False,
        front_channel_logout=False,
        full_scope_allowed=False,
        valid_redirect_uris=["string"],
        base_url="string",
        enabled=False,
        login_theme="string",
        logout_service_post_binding_url="string",
        logout_service_redirect_binding_url="string",
        master_saml_processing_url="string",
        name="string",
        name_id_format="string",
        assertion_consumer_redirect_url="string",
        root_url="string",
        sign_assertions=False,
        sign_documents=False,
        signature_algorithm="string",
        signature_key_name="string",
        idp_initiated_sso_url_name="string",
        signing_private_key="string",
        assertion_consumer_post_url="string")
    
    const keycloakClientResource = new keycloak.saml.Client("keycloakClientResource", {
        clientId: "string",
        realmId: "string",
        idpInitiatedSsoRelayState: "string",
        signingCertificate: "string",
        canonicalizationMethod: "string",
        authenticationFlowBindingOverrides: {
            browserId: "string",
            directGrantId: "string",
        },
        clientSignatureRequired: false,
        description: "string",
        includeAuthnStatement: false,
        encryptAssertions: false,
        encryptionCertificate: "string",
        extraConfig: {
            string: "any",
        },
        forceNameIdFormat: false,
        forcePostBinding: false,
        frontChannelLogout: false,
        fullScopeAllowed: false,
        validRedirectUris: ["string"],
        baseUrl: "string",
        enabled: false,
        loginTheme: "string",
        logoutServicePostBindingUrl: "string",
        logoutServiceRedirectBindingUrl: "string",
        masterSamlProcessingUrl: "string",
        name: "string",
        nameIdFormat: "string",
        assertionConsumerRedirectUrl: "string",
        rootUrl: "string",
        signAssertions: false,
        signDocuments: false,
        signatureAlgorithm: "string",
        signatureKeyName: "string",
        idpInitiatedSsoUrlName: "string",
        signingPrivateKey: "string",
        assertionConsumerPostUrl: "string",
    });
    
    type: keycloak:saml:Client
    properties:
        assertionConsumerPostUrl: string
        assertionConsumerRedirectUrl: string
        authenticationFlowBindingOverrides:
            browserId: string
            directGrantId: string
        baseUrl: string
        canonicalizationMethod: string
        clientId: string
        clientSignatureRequired: false
        description: string
        enabled: false
        encryptAssertions: false
        encryptionCertificate: string
        extraConfig:
            string: any
        forceNameIdFormat: false
        forcePostBinding: false
        frontChannelLogout: false
        fullScopeAllowed: false
        idpInitiatedSsoRelayState: string
        idpInitiatedSsoUrlName: string
        includeAuthnStatement: false
        loginTheme: string
        logoutServicePostBindingUrl: string
        logoutServiceRedirectBindingUrl: string
        masterSamlProcessingUrl: string
        name: string
        nameIdFormat: string
        realmId: string
        rootUrl: string
        signAssertions: false
        signDocuments: false
        signatureAlgorithm: string
        signatureKeyName: string
        signingCertificate: string
        signingPrivateKey: string
        validRedirectUris:
            - string
    

    Client Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Client resource accepts the following input properties:

    ClientId string
    RealmId string
    AssertionConsumerPostUrl string
    AssertionConsumerRedirectUrl string
    AuthenticationFlowBindingOverrides ClientAuthenticationFlowBindingOverrides
    BaseUrl string
    CanonicalizationMethod string
    ClientSignatureRequired bool
    Description string
    Enabled bool
    EncryptAssertions bool
    EncryptionCertificate string
    ExtraConfig Dictionary<string, object>
    ForceNameIdFormat bool
    ForcePostBinding bool
    FrontChannelLogout bool
    FullScopeAllowed bool
    IdpInitiatedSsoRelayState string
    IdpInitiatedSsoUrlName string
    IncludeAuthnStatement bool
    LoginTheme string
    LogoutServicePostBindingUrl string
    LogoutServiceRedirectBindingUrl string
    MasterSamlProcessingUrl string
    Name string
    NameIdFormat string
    RootUrl string
    SignAssertions bool
    SignDocuments bool
    SignatureAlgorithm string
    SignatureKeyName string
    SigningCertificate string
    SigningPrivateKey string
    ValidRedirectUris List<string>
    ClientId string
    RealmId string
    AssertionConsumerPostUrl string
    AssertionConsumerRedirectUrl string
    AuthenticationFlowBindingOverrides ClientAuthenticationFlowBindingOverridesArgs
    BaseUrl string
    CanonicalizationMethod string
    ClientSignatureRequired bool
    Description string
    Enabled bool
    EncryptAssertions bool
    EncryptionCertificate string
    ExtraConfig map[string]interface{}
    ForceNameIdFormat bool
    ForcePostBinding bool
    FrontChannelLogout bool
    FullScopeAllowed bool
    IdpInitiatedSsoRelayState string
    IdpInitiatedSsoUrlName string
    IncludeAuthnStatement bool
    LoginTheme string
    LogoutServicePostBindingUrl string
    LogoutServiceRedirectBindingUrl string
    MasterSamlProcessingUrl string
    Name string
    NameIdFormat string
    RootUrl string
    SignAssertions bool
    SignDocuments bool
    SignatureAlgorithm string
    SignatureKeyName string
    SigningCertificate string
    SigningPrivateKey string
    ValidRedirectUris []string
    clientId String
    realmId String
    assertionConsumerPostUrl String
    assertionConsumerRedirectUrl String
    authenticationFlowBindingOverrides ClientAuthenticationFlowBindingOverrides
    baseUrl String
    canonicalizationMethod String
    clientSignatureRequired Boolean
    description String
    enabled Boolean
    encryptAssertions Boolean
    encryptionCertificate String
    extraConfig Map<String,Object>
    forceNameIdFormat Boolean
    forcePostBinding Boolean
    frontChannelLogout Boolean
    fullScopeAllowed Boolean
    idpInitiatedSsoRelayState String
    idpInitiatedSsoUrlName String
    includeAuthnStatement Boolean
    loginTheme String
    logoutServicePostBindingUrl String
    logoutServiceRedirectBindingUrl String
    masterSamlProcessingUrl String
    name String
    nameIdFormat String
    rootUrl String
    signAssertions Boolean
    signDocuments Boolean
    signatureAlgorithm String
    signatureKeyName String
    signingCertificate String
    signingPrivateKey String
    validRedirectUris List<String>
    clientId string
    realmId string
    assertionConsumerPostUrl string
    assertionConsumerRedirectUrl string
    authenticationFlowBindingOverrides ClientAuthenticationFlowBindingOverrides
    baseUrl string
    canonicalizationMethod string
    clientSignatureRequired boolean
    description string
    enabled boolean
    encryptAssertions boolean
    encryptionCertificate string
    extraConfig {[key: string]: any}
    forceNameIdFormat boolean
    forcePostBinding boolean
    frontChannelLogout boolean
    fullScopeAllowed boolean
    idpInitiatedSsoRelayState string
    idpInitiatedSsoUrlName string
    includeAuthnStatement boolean
    loginTheme string
    logoutServicePostBindingUrl string
    logoutServiceRedirectBindingUrl string
    masterSamlProcessingUrl string
    name string
    nameIdFormat string
    rootUrl string
    signAssertions boolean
    signDocuments boolean
    signatureAlgorithm string
    signatureKeyName string
    signingCertificate string
    signingPrivateKey string
    validRedirectUris string[]
    client_id str
    realm_id str
    assertion_consumer_post_url str
    assertion_consumer_redirect_url str
    authentication_flow_binding_overrides ClientAuthenticationFlowBindingOverridesArgs
    base_url str
    canonicalization_method str
    client_signature_required bool
    description str
    enabled bool
    encrypt_assertions bool
    encryption_certificate str
    extra_config Mapping[str, Any]
    force_name_id_format bool
    force_post_binding bool
    front_channel_logout bool
    full_scope_allowed bool
    idp_initiated_sso_relay_state str
    idp_initiated_sso_url_name str
    include_authn_statement bool
    login_theme str
    logout_service_post_binding_url str
    logout_service_redirect_binding_url str
    master_saml_processing_url str
    name str
    name_id_format str
    root_url str
    sign_assertions bool
    sign_documents bool
    signature_algorithm str
    signature_key_name str
    signing_certificate str
    signing_private_key str
    valid_redirect_uris Sequence[str]
    clientId String
    realmId String
    assertionConsumerPostUrl String
    assertionConsumerRedirectUrl String
    authenticationFlowBindingOverrides Property Map
    baseUrl String
    canonicalizationMethod String
    clientSignatureRequired Boolean
    description String
    enabled Boolean
    encryptAssertions Boolean
    encryptionCertificate String
    extraConfig Map<Any>
    forceNameIdFormat Boolean
    forcePostBinding Boolean
    frontChannelLogout Boolean
    fullScopeAllowed Boolean
    idpInitiatedSsoRelayState String
    idpInitiatedSsoUrlName String
    includeAuthnStatement Boolean
    loginTheme String
    logoutServicePostBindingUrl String
    logoutServiceRedirectBindingUrl String
    masterSamlProcessingUrl String
    name String
    nameIdFormat String
    rootUrl String
    signAssertions Boolean
    signDocuments Boolean
    signatureAlgorithm String
    signatureKeyName String
    signingCertificate String
    signingPrivateKey String
    validRedirectUris List<String>

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Client resource produces the following output properties:

    EncryptionCertificateSha1 string
    Id string
    The provider-assigned unique ID for this managed resource.
    SigningCertificateSha1 string
    SigningPrivateKeySha1 string
    EncryptionCertificateSha1 string
    Id string
    The provider-assigned unique ID for this managed resource.
    SigningCertificateSha1 string
    SigningPrivateKeySha1 string
    encryptionCertificateSha1 String
    id String
    The provider-assigned unique ID for this managed resource.
    signingCertificateSha1 String
    signingPrivateKeySha1 String
    encryptionCertificateSha1 string
    id string
    The provider-assigned unique ID for this managed resource.
    signingCertificateSha1 string
    signingPrivateKeySha1 string
    encryption_certificate_sha1 str
    id str
    The provider-assigned unique ID for this managed resource.
    signing_certificate_sha1 str
    signing_private_key_sha1 str
    encryptionCertificateSha1 String
    id String
    The provider-assigned unique ID for this managed resource.
    signingCertificateSha1 String
    signingPrivateKeySha1 String

    Look up Existing Client Resource

    Get an existing Client resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ClientState, opts?: CustomResourceOptions): Client
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            assertion_consumer_post_url: Optional[str] = None,
            assertion_consumer_redirect_url: Optional[str] = None,
            authentication_flow_binding_overrides: Optional[ClientAuthenticationFlowBindingOverridesArgs] = None,
            base_url: Optional[str] = None,
            canonicalization_method: Optional[str] = None,
            client_id: Optional[str] = None,
            client_signature_required: Optional[bool] = None,
            description: Optional[str] = None,
            enabled: Optional[bool] = None,
            encrypt_assertions: Optional[bool] = None,
            encryption_certificate: Optional[str] = None,
            encryption_certificate_sha1: Optional[str] = None,
            extra_config: Optional[Mapping[str, Any]] = None,
            force_name_id_format: Optional[bool] = None,
            force_post_binding: Optional[bool] = None,
            front_channel_logout: Optional[bool] = None,
            full_scope_allowed: Optional[bool] = None,
            idp_initiated_sso_relay_state: Optional[str] = None,
            idp_initiated_sso_url_name: Optional[str] = None,
            include_authn_statement: Optional[bool] = None,
            login_theme: Optional[str] = None,
            logout_service_post_binding_url: Optional[str] = None,
            logout_service_redirect_binding_url: Optional[str] = None,
            master_saml_processing_url: Optional[str] = None,
            name: Optional[str] = None,
            name_id_format: Optional[str] = None,
            realm_id: Optional[str] = None,
            root_url: Optional[str] = None,
            sign_assertions: Optional[bool] = None,
            sign_documents: Optional[bool] = None,
            signature_algorithm: Optional[str] = None,
            signature_key_name: Optional[str] = None,
            signing_certificate: Optional[str] = None,
            signing_certificate_sha1: Optional[str] = None,
            signing_private_key: Optional[str] = None,
            signing_private_key_sha1: Optional[str] = None,
            valid_redirect_uris: Optional[Sequence[str]] = None) -> Client
    func GetClient(ctx *Context, name string, id IDInput, state *ClientState, opts ...ResourceOption) (*Client, error)
    public static Client Get(string name, Input<string> id, ClientState? state, CustomResourceOptions? opts = null)
    public static Client get(String name, Output<String> id, ClientState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AssertionConsumerPostUrl string
    AssertionConsumerRedirectUrl string
    AuthenticationFlowBindingOverrides ClientAuthenticationFlowBindingOverrides
    BaseUrl string
    CanonicalizationMethod string
    ClientId string
    ClientSignatureRequired bool
    Description string
    Enabled bool
    EncryptAssertions bool
    EncryptionCertificate string
    EncryptionCertificateSha1 string
    ExtraConfig Dictionary<string, object>
    ForceNameIdFormat bool
    ForcePostBinding bool
    FrontChannelLogout bool
    FullScopeAllowed bool
    IdpInitiatedSsoRelayState string
    IdpInitiatedSsoUrlName string
    IncludeAuthnStatement bool
    LoginTheme string
    LogoutServicePostBindingUrl string
    LogoutServiceRedirectBindingUrl string
    MasterSamlProcessingUrl string
    Name string
    NameIdFormat string
    RealmId string
    RootUrl string
    SignAssertions bool
    SignDocuments bool
    SignatureAlgorithm string
    SignatureKeyName string
    SigningCertificate string
    SigningCertificateSha1 string
    SigningPrivateKey string
    SigningPrivateKeySha1 string
    ValidRedirectUris List<string>
    AssertionConsumerPostUrl string
    AssertionConsumerRedirectUrl string
    AuthenticationFlowBindingOverrides ClientAuthenticationFlowBindingOverridesArgs
    BaseUrl string
    CanonicalizationMethod string
    ClientId string
    ClientSignatureRequired bool
    Description string
    Enabled bool
    EncryptAssertions bool
    EncryptionCertificate string
    EncryptionCertificateSha1 string
    ExtraConfig map[string]interface{}
    ForceNameIdFormat bool
    ForcePostBinding bool
    FrontChannelLogout bool
    FullScopeAllowed bool
    IdpInitiatedSsoRelayState string
    IdpInitiatedSsoUrlName string
    IncludeAuthnStatement bool
    LoginTheme string
    LogoutServicePostBindingUrl string
    LogoutServiceRedirectBindingUrl string
    MasterSamlProcessingUrl string
    Name string
    NameIdFormat string
    RealmId string
    RootUrl string
    SignAssertions bool
    SignDocuments bool
    SignatureAlgorithm string
    SignatureKeyName string
    SigningCertificate string
    SigningCertificateSha1 string
    SigningPrivateKey string
    SigningPrivateKeySha1 string
    ValidRedirectUris []string
    assertionConsumerPostUrl String
    assertionConsumerRedirectUrl String
    authenticationFlowBindingOverrides ClientAuthenticationFlowBindingOverrides
    baseUrl String
    canonicalizationMethod String
    clientId String
    clientSignatureRequired Boolean
    description String
    enabled Boolean
    encryptAssertions Boolean
    encryptionCertificate String
    encryptionCertificateSha1 String
    extraConfig Map<String,Object>
    forceNameIdFormat Boolean
    forcePostBinding Boolean
    frontChannelLogout Boolean
    fullScopeAllowed Boolean
    idpInitiatedSsoRelayState String
    idpInitiatedSsoUrlName String
    includeAuthnStatement Boolean
    loginTheme String
    logoutServicePostBindingUrl String
    logoutServiceRedirectBindingUrl String
    masterSamlProcessingUrl String
    name String
    nameIdFormat String
    realmId String
    rootUrl String
    signAssertions Boolean
    signDocuments Boolean
    signatureAlgorithm String
    signatureKeyName String
    signingCertificate String
    signingCertificateSha1 String
    signingPrivateKey String
    signingPrivateKeySha1 String
    validRedirectUris List<String>
    assertionConsumerPostUrl string
    assertionConsumerRedirectUrl string
    authenticationFlowBindingOverrides ClientAuthenticationFlowBindingOverrides
    baseUrl string
    canonicalizationMethod string
    clientId string
    clientSignatureRequired boolean
    description string
    enabled boolean
    encryptAssertions boolean
    encryptionCertificate string
    encryptionCertificateSha1 string
    extraConfig {[key: string]: any}
    forceNameIdFormat boolean
    forcePostBinding boolean
    frontChannelLogout boolean
    fullScopeAllowed boolean
    idpInitiatedSsoRelayState string
    idpInitiatedSsoUrlName string
    includeAuthnStatement boolean
    loginTheme string
    logoutServicePostBindingUrl string
    logoutServiceRedirectBindingUrl string
    masterSamlProcessingUrl string
    name string
    nameIdFormat string
    realmId string
    rootUrl string
    signAssertions boolean
    signDocuments boolean
    signatureAlgorithm string
    signatureKeyName string
    signingCertificate string
    signingCertificateSha1 string
    signingPrivateKey string
    signingPrivateKeySha1 string
    validRedirectUris string[]
    assertion_consumer_post_url str
    assertion_consumer_redirect_url str
    authentication_flow_binding_overrides ClientAuthenticationFlowBindingOverridesArgs
    base_url str
    canonicalization_method str
    client_id str
    client_signature_required bool
    description str
    enabled bool
    encrypt_assertions bool
    encryption_certificate str
    encryption_certificate_sha1 str
    extra_config Mapping[str, Any]
    force_name_id_format bool
    force_post_binding bool
    front_channel_logout bool
    full_scope_allowed bool
    idp_initiated_sso_relay_state str
    idp_initiated_sso_url_name str
    include_authn_statement bool
    login_theme str
    logout_service_post_binding_url str
    logout_service_redirect_binding_url str
    master_saml_processing_url str
    name str
    name_id_format str
    realm_id str
    root_url str
    sign_assertions bool
    sign_documents bool
    signature_algorithm str
    signature_key_name str
    signing_certificate str
    signing_certificate_sha1 str
    signing_private_key str
    signing_private_key_sha1 str
    valid_redirect_uris Sequence[str]
    assertionConsumerPostUrl String
    assertionConsumerRedirectUrl String
    authenticationFlowBindingOverrides Property Map
    baseUrl String
    canonicalizationMethod String
    clientId String
    clientSignatureRequired Boolean
    description String
    enabled Boolean
    encryptAssertions Boolean
    encryptionCertificate String
    encryptionCertificateSha1 String
    extraConfig Map<Any>
    forceNameIdFormat Boolean
    forcePostBinding Boolean
    frontChannelLogout Boolean
    fullScopeAllowed Boolean
    idpInitiatedSsoRelayState String
    idpInitiatedSsoUrlName String
    includeAuthnStatement Boolean
    loginTheme String
    logoutServicePostBindingUrl String
    logoutServiceRedirectBindingUrl String
    masterSamlProcessingUrl String
    name String
    nameIdFormat String
    realmId String
    rootUrl String
    signAssertions Boolean
    signDocuments Boolean
    signatureAlgorithm String
    signatureKeyName String
    signingCertificate String
    signingCertificateSha1 String
    signingPrivateKey String
    signingPrivateKeySha1 String
    validRedirectUris List<String>

    Supporting Types

    ClientAuthenticationFlowBindingOverrides, ClientAuthenticationFlowBindingOverridesArgs

    Package Details

    Repository
    Keycloak pulumi/pulumi-keycloak
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the keycloak Terraform Provider.
    keycloak logo
    Keycloak v5.3.2 published on Friday, May 10, 2024 by Pulumi