1. Packages
  2. Keycloak Provider
  3. API Docs
  4. saml
  5. getClientScope
Viewing docs for Keycloak v6.10.0
published on Saturday, Feb 21, 2026 by Pulumi
Schema (JSON)
pulumi/pulumi-keycloak

keycloak.saml.getClientScope

keycloak logo
Viewing docs for Keycloak v6.10.0
published on Saturday, Feb 21, 2026 by Pulumi
Schema (JSON)
pulumi/pulumi-keycloak

    This data source can be used to fetch properties of a Keycloak SAML client scope for usage with other resources.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";

const mysamlscope = keycloak.saml.getClientScope({
    realmId: "my-realm",
    name: "mysamlscope",
});
const samlClient = new keycloak.saml.Client("saml_client", {
    realmId: "my-realm",
    clientId: "saml-client",
});
// use the data source
const _default = new keycloak.saml.ClientDefaultScope("default", {
    realmId: "my-realm",
    clientId: samlClient.id,
    defaultScopes: [mysamlscope.then(mysamlscope => mysamlscope.name)],
});

    import pulumi
import pulumi_keycloak as keycloak

mysamlscope = keycloak.saml.get_client_scope(realm_id="my-realm",
    name="mysamlscope")
saml_client = keycloak.saml.Client("saml_client",
    realm_id="my-realm",
    client_id="saml-client")
# use the data source
default = keycloak.saml.ClientDefaultScope("default",
    realm_id="my-realm",
    client_id=saml_client.id,
    default_scopes=[mysamlscope.name])

    package main

import (
	"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak/saml"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		mysamlscope, err := saml.LookupClientScope(ctx, &saml.LookupClientScopeArgs{
			RealmId: "my-realm",
			Name:    "mysamlscope",
		}, nil)
		if err != nil {
			return err
		}
		samlClient, err := saml.NewClient(ctx, "saml_client", &saml.ClientArgs{
			RealmId:  pulumi.String("my-realm"),
			ClientId: pulumi.String("saml-client"),
		})
		if err != nil {
			return err
		}
		// use the data source
		_, err = saml.NewClientDefaultScope(ctx, "default", &saml.ClientDefaultScopeArgs{
			RealmId:  pulumi.String("my-realm"),
			ClientId: samlClient.ID(),
			DefaultScopes: pulumi.StringArray{
				pulumi.String(mysamlscope.Name),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Keycloak = Pulumi.Keycloak;

return await Deployment.RunAsync(() => 
{
    var mysamlscope = Keycloak.Saml.GetClientScope.Invoke(new()
    {
        RealmId = "my-realm",
        Name = "mysamlscope",
    });

    var samlClient = new Keycloak.Saml.Client("saml_client", new()
    {
        RealmId = "my-realm",
        ClientId = "saml-client",
    });

    // use the data source
    var @default = new Keycloak.Saml.ClientDefaultScope("default", new()
    {
        RealmId = "my-realm",
        ClientId = samlClient.Id,
        DefaultScopes = new[]
        {
            mysamlscope.Apply(getClientScopeResult => getClientScopeResult.Name),
        },
    });

});

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.saml.SamlFunctions;
import com.pulumi.keycloak.saml.inputs.GetClientScopeArgs;
import com.pulumi.keycloak.saml.Client;
import com.pulumi.keycloak.saml.ClientArgs;
import com.pulumi.keycloak.saml.ClientDefaultScope;
import com.pulumi.keycloak.saml.ClientDefaultScopeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var mysamlscope = SamlFunctions.getClientScope(GetClientScopeArgs.builder()
            .realmId("my-realm")
            .name("mysamlscope")
            .build());

        var samlClient = new Client("samlClient", ClientArgs.builder()
            .realmId("my-realm")
            .clientId("saml-client")
            .build());

        // use the data source
        var default_ = new ClientDefaultScope("default", ClientDefaultScopeArgs.builder()
            .realmId("my-realm")
            .clientId(samlClient.id())
            .defaultScopes(mysamlscope.name())
            .build());

    }
}

    resources:
  samlClient:
    type: keycloak:saml:Client
    name: saml_client
    properties:
      realmId: my-realm
      clientId: saml-client
  # use the data source
  default:
    type: keycloak:saml:ClientDefaultScope
    properties:
      realmId: my-realm
      clientId: ${samlClient.id}
      defaultScopes:
        - ${mysamlscope.name}
variables:
  mysamlscope:
    fn::invoke:
      function: keycloak:saml:getClientScope
      arguments:
        realmId: my-realm
        name: mysamlscope

    Using getClientScope

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getClientScope(args: GetClientScopeArgs, opts?: InvokeOptions): Promise<GetClientScopeResult>
function getClientScopeOutput(args: GetClientScopeOutputArgs, opts?: InvokeOptions): Output<GetClientScopeResult>
    def get_client_scope(extra_config: Optional[Mapping[str, str]] = None,
                     name: Optional[str] = None,
                     realm_id: Optional[str] = None,
                     opts: Optional[InvokeOptions] = None) -> GetClientScopeResult
def get_client_scope_output(extra_config: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                     name: Optional[pulumi.Input[str]] = None,
                     realm_id: Optional[pulumi.Input[str]] = None,
                     opts: Optional[InvokeOptions] = None) -> Output[GetClientScopeResult]
    func LookupClientScope(ctx *Context, args *LookupClientScopeArgs, opts ...InvokeOption) (*LookupClientScopeResult, error)
func LookupClientScopeOutput(ctx *Context, args *LookupClientScopeOutputArgs, opts ...InvokeOption) LookupClientScopeResultOutput

    > Note: This function is named LookupClientScope in the Go SDK.

    public static class GetClientScope 
{
    public static Task<GetClientScopeResult> InvokeAsync(GetClientScopeArgs args, InvokeOptions? opts = null)
    public static Output<GetClientScopeResult> Invoke(GetClientScopeInvokeArgs args, InvokeOptions? opts = null)
}
    public static CompletableFuture<GetClientScopeResult> getClientScope(GetClientScopeArgs args, InvokeOptions options)
public static Output<GetClientScopeResult> getClientScope(GetClientScopeArgs args, InvokeOptions options)

    fn::invoke:
  function: keycloak:saml/getClientScope:getClientScope
  arguments:
    # arguments dictionary

    The following arguments are supported:

    Name string
    The name of the client scope.
    RealmId string
    The realm id.
    ExtraConfig Dictionary<string, string>
    Name string
    The name of the client scope.
    RealmId string
    The realm id.
    ExtraConfig map[string]string
    name String
    The name of the client scope.
    realmId String
    The realm id.
    extraConfig Map<String,String>
    name string
    The name of the client scope.
    realmId string
    The realm id.
    extraConfig {[key: string]: string}
    name str
    The name of the client scope.
    realm_id str
    The realm id.
    extra_config Mapping[str, str]
    name String
    The name of the client scope.
    realmId String
    The realm id.
    extraConfig Map<String>

    getClientScope Result

    The following output properties are available:

    ConsentScreenText string
    Description string
    ExtraConfig Dictionary<string, string>
    GuiOrder int
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    RealmId string
    ConsentScreenText string
    Description string
    ExtraConfig map[string]string
    GuiOrder int
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    RealmId string
    consentScreenText String
    description String
    extraConfig Map<String,String>
    guiOrder Integer
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    realmId String
    consentScreenText string
    description string
    extraConfig {[key: string]: string}
    guiOrder number
    id string
    The provider-assigned unique ID for this managed resource.
    name string
    realmId string
    consent_screen_text str
    description str
    extra_config Mapping[str, str]
    gui_order int
    id str
    The provider-assigned unique ID for this managed resource.
    name str
    realm_id str
    consentScreenText String
    description String
    extraConfig Map<String>
    guiOrder Number
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    realmId String

    Package Details

    Repository
    Keycloak pulumi/pulumi-keycloak
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the keycloak Terraform Provider.
    keycloak logo
    Viewing docs for Keycloak v6.10.0
    published on Saturday, Feb 21, 2026 by Pulumi
    Schema (JSON)
    pulumi/pulumi-keycloak
      Try Pulumi Cloud free. Your team will thank you.