keycloak logo
Keycloak v5.1.0, Mar 14 23

keycloak.saml.getClient

This data source can be used to fetch properties of a Keycloak client that uses the SAML protocol.

Example Usage

using System.Collections.Generic;
using Pulumi;
using Keycloak = Pulumi.Keycloak;

return await Deployment.RunAsync(() => 
{
    var realmManagement = Keycloak.Saml.GetClient.Invoke(new()
    {
        RealmId = "my-realm",
        ClientId = "realm-management",
    });

    var admin = Keycloak.GetRole.Invoke(new()
    {
        RealmId = "my-realm",
        ClientId = realmManagement.Apply(getClientResult => getClientResult.Id),
        Name = "realm-admin",
    });

});
package main

import (
	"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
	"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realmManagement, err := saml.LookupClient(ctx, &saml.LookupClientArgs{
			RealmId:  "my-realm",
			ClientId: "realm-management",
		}, nil)
		if err != nil {
			return err
		}
		_, err = keycloak.LookupRole(ctx, &keycloak.LookupRoleArgs{
			RealmId:  "my-realm",
			ClientId: pulumi.StringRef(realmManagement.Id),
			Name:     "realm-admin",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.saml.SamlFunctions;
import com.pulumi.keycloak.saml.inputs.GetClientArgs;
import com.pulumi.keycloak.KeycloakFunctions;
import com.pulumi.keycloak.inputs.GetRoleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var realmManagement = SamlFunctions.getClient(GetClientArgs.builder()
            .realmId("my-realm")
            .clientId("realm-management")
            .build());

        final var admin = KeycloakFunctions.getRole(GetRoleArgs.builder()
            .realmId("my-realm")
            .clientId(realmManagement.applyValue(getClientResult -> getClientResult.id()))
            .name("realm-admin")
            .build());

    }
}
import pulumi
import pulumi_keycloak as keycloak

realm_management = keycloak.saml.get_client(realm_id="my-realm",
    client_id="realm-management")
admin = keycloak.get_role(realm_id="my-realm",
    client_id=realm_management.id,
    name="realm-admin")
import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";

const realmManagement = keycloak.saml.getClient({
    realmId: "my-realm",
    clientId: "realm-management",
});
const admin = realmManagement.then(realmManagement => keycloak.getRole({
    realmId: "my-realm",
    clientId: realmManagement.id,
    name: "realm-admin",
}));
variables:
  realmManagement:
    fn::invoke:
      Function: keycloak:saml:getClient
      Arguments:
        realmId: my-realm
        clientId: realm-management
  admin:
    fn::invoke:
      Function: keycloak:getRole
      Arguments:
        realmId: my-realm
        clientId: ${realmManagement.id}
        name: realm-admin

Using getClient

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getClient(args: GetClientArgs, opts?: InvokeOptions): Promise<GetClientResult>
function getClientOutput(args: GetClientOutputArgs, opts?: InvokeOptions): Output<GetClientResult>
def get_client(client_id: Optional[str] = None,
               realm_id: Optional[str] = None,
               opts: Optional[InvokeOptions] = None) -> GetClientResult
def get_client_output(client_id: Optional[pulumi.Input[str]] = None,
               realm_id: Optional[pulumi.Input[str]] = None,
               opts: Optional[InvokeOptions] = None) -> Output[GetClientResult]
func LookupClient(ctx *Context, args *LookupClientArgs, opts ...InvokeOption) (*LookupClientResult, error)
func LookupClientOutput(ctx *Context, args *LookupClientOutputArgs, opts ...InvokeOption) LookupClientResultOutput

> Note: This function is named LookupClient in the Go SDK.

public static class GetClient 
{
    public static Task<GetClientResult> InvokeAsync(GetClientArgs args, InvokeOptions? opts = null)
    public static Output<GetClientResult> Invoke(GetClientInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetClientResult> getClient(GetClientArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
  function: keycloak:saml/getClient:getClient
  arguments:
    # arguments dictionary

The following arguments are supported:

ClientId string

The client id (not its unique ID).

RealmId string

The realm id.

ClientId string

The client id (not its unique ID).

RealmId string

The realm id.

clientId String

The client id (not its unique ID).

realmId String

The realm id.

clientId string

The client id (not its unique ID).

realmId string

The realm id.

client_id str

The client id (not its unique ID).

realm_id str

The realm id.

clientId String

The client id (not its unique ID).

realmId String

The realm id.

getClient Result

The following output properties are available:

AssertionConsumerPostUrl string
AssertionConsumerRedirectUrl string
AuthenticationFlowBindingOverrides List<GetClientAuthenticationFlowBindingOverride>
BaseUrl string
CanonicalizationMethod string
ClientId string
ClientSignatureRequired bool
Description string
Enabled bool
EncryptAssertions bool
EncryptionCertificate string
EncryptionCertificateSha1 string
ExtraConfig Dictionary<string, object>
ForceNameIdFormat bool
ForcePostBinding bool
FrontChannelLogout bool
FullScopeAllowed bool
Id string

The provider-assigned unique ID for this managed resource.

IdpInitiatedSsoRelayState string
IdpInitiatedSsoUrlName string
IncludeAuthnStatement bool
LoginTheme string
LogoutServicePostBindingUrl string
LogoutServiceRedirectBindingUrl string
MasterSamlProcessingUrl string
Name string
NameIdFormat string
RealmId string
RootUrl string
SamlSignatureKeyName string
SignAssertions bool
SignDocuments bool
SignatureAlgorithm string
SignatureKeyName string
SigningCertificate string
SigningCertificateSha1 string
SigningPrivateKey string
SigningPrivateKeySha1 string
ValidRedirectUris List<string>
AssertionConsumerPostUrl string
AssertionConsumerRedirectUrl string
AuthenticationFlowBindingOverrides []GetClientAuthenticationFlowBindingOverride
BaseUrl string
CanonicalizationMethod string
ClientId string
ClientSignatureRequired bool
Description string
Enabled bool
EncryptAssertions bool
EncryptionCertificate string
EncryptionCertificateSha1 string
ExtraConfig map[string]interface{}
ForceNameIdFormat bool
ForcePostBinding bool
FrontChannelLogout bool
FullScopeAllowed bool
Id string

The provider-assigned unique ID for this managed resource.

IdpInitiatedSsoRelayState string
IdpInitiatedSsoUrlName string
IncludeAuthnStatement bool
LoginTheme string
LogoutServicePostBindingUrl string
LogoutServiceRedirectBindingUrl string
MasterSamlProcessingUrl string
Name string
NameIdFormat string
RealmId string
RootUrl string
SamlSignatureKeyName string
SignAssertions bool
SignDocuments bool
SignatureAlgorithm string
SignatureKeyName string
SigningCertificate string
SigningCertificateSha1 string
SigningPrivateKey string
SigningPrivateKeySha1 string
ValidRedirectUris []string
assertionConsumerPostUrl String
assertionConsumerRedirectUrl String
authenticationFlowBindingOverrides List<GetClientAuthenticationFlowBindingOverride>
baseUrl String
canonicalizationMethod String
clientId String
clientSignatureRequired Boolean
description String
enabled Boolean
encryptAssertions Boolean
encryptionCertificate String
encryptionCertificateSha1 String
extraConfig Map<String,Object>
forceNameIdFormat Boolean
forcePostBinding Boolean
frontChannelLogout Boolean
fullScopeAllowed Boolean
id String

The provider-assigned unique ID for this managed resource.

idpInitiatedSsoRelayState String
idpInitiatedSsoUrlName String
includeAuthnStatement Boolean
loginTheme String
logoutServicePostBindingUrl String
logoutServiceRedirectBindingUrl String
masterSamlProcessingUrl String
name String
nameIdFormat String
realmId String
rootUrl String
samlSignatureKeyName String
signAssertions Boolean
signDocuments Boolean
signatureAlgorithm String
signatureKeyName String
signingCertificate String
signingCertificateSha1 String
signingPrivateKey String
signingPrivateKeySha1 String
validRedirectUris List<String>
assertionConsumerPostUrl string
assertionConsumerRedirectUrl string
authenticationFlowBindingOverrides GetClientAuthenticationFlowBindingOverride[]
baseUrl string
canonicalizationMethod string
clientId string
clientSignatureRequired boolean
description string
enabled boolean
encryptAssertions boolean
encryptionCertificate string
encryptionCertificateSha1 string
extraConfig {[key: string]: any}
forceNameIdFormat boolean
forcePostBinding boolean
frontChannelLogout boolean
fullScopeAllowed boolean
id string

The provider-assigned unique ID for this managed resource.

idpInitiatedSsoRelayState string
idpInitiatedSsoUrlName string
includeAuthnStatement boolean
loginTheme string
logoutServicePostBindingUrl string
logoutServiceRedirectBindingUrl string
masterSamlProcessingUrl string
name string
nameIdFormat string
realmId string
rootUrl string
samlSignatureKeyName string
signAssertions boolean
signDocuments boolean
signatureAlgorithm string
signatureKeyName string
signingCertificate string
signingCertificateSha1 string
signingPrivateKey string
signingPrivateKeySha1 string
validRedirectUris string[]
assertion_consumer_post_url str
assertion_consumer_redirect_url str
authentication_flow_binding_overrides Sequence[GetClientAuthenticationFlowBindingOverride]
base_url str
canonicalization_method str
client_id str
client_signature_required bool
description str
enabled bool
encrypt_assertions bool
encryption_certificate str
encryption_certificate_sha1 str
extra_config Mapping[str, Any]
force_name_id_format bool
force_post_binding bool
front_channel_logout bool
full_scope_allowed bool
id str

The provider-assigned unique ID for this managed resource.

idp_initiated_sso_relay_state str
idp_initiated_sso_url_name str
include_authn_statement bool
login_theme str
logout_service_post_binding_url str
logout_service_redirect_binding_url str
master_saml_processing_url str
name str
name_id_format str
realm_id str
root_url str
saml_signature_key_name str
sign_assertions bool
sign_documents bool
signature_algorithm str
signature_key_name str
signing_certificate str
signing_certificate_sha1 str
signing_private_key str
signing_private_key_sha1 str
valid_redirect_uris Sequence[str]
assertionConsumerPostUrl String
assertionConsumerRedirectUrl String
authenticationFlowBindingOverrides List<Property Map>
baseUrl String
canonicalizationMethod String
clientId String
clientSignatureRequired Boolean
description String
enabled Boolean
encryptAssertions Boolean
encryptionCertificate String
encryptionCertificateSha1 String
extraConfig Map<Any>
forceNameIdFormat Boolean
forcePostBinding Boolean
frontChannelLogout Boolean
fullScopeAllowed Boolean
id String

The provider-assigned unique ID for this managed resource.

idpInitiatedSsoRelayState String
idpInitiatedSsoUrlName String
includeAuthnStatement Boolean
loginTheme String
logoutServicePostBindingUrl String
logoutServiceRedirectBindingUrl String
masterSamlProcessingUrl String
name String
nameIdFormat String
realmId String
rootUrl String
samlSignatureKeyName String
signAssertions Boolean
signDocuments Boolean
signatureAlgorithm String
signatureKeyName String
signingCertificate String
signingCertificateSha1 String
signingPrivateKey String
signingPrivateKeySha1 String
validRedirectUris List<String>

Supporting Types

GetClientAuthenticationFlowBindingOverride

Package Details

Repository
Keycloak pulumi/pulumi-keycloak
License
Apache-2.0
Notes

This Pulumi package is based on the keycloak Terraform Provider.