Docs
PackagesMongoDB Atlas v3.14.3 published on Monday, Apr 1, 2024 by Pulumi
mongodbatlas.FederatedSettingsIdentityProvider
Explore with Pulumi AI
mongodbatlas.FederatedSettingsIdentityProvider provides an Atlas federated settings identity provider resource provides a subset of settings to be maintained post import of the existing resource.
NOTE: OIDC Workforce IdP is currently in preview. To learn more about OIDC and existing limitations see the OIDC Authentication Documentation.
Example Usage
IMPORTANT You MUST import this resource before you can manage it with this provider.
import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";
const identityProvider = new mongodbatlas.FederatedSettingsIdentityProvider("identityProvider", {
associatedDomains: ["yourdomain.com"],
federationSettingsId: "627a9687f7f7f7f774de306f14",
issuerUri: "http://www.okta.com/exk17q7f7f7f7fp50h8",
requestBinding: "HTTP-POST",
responseSignatureAlgorithm: "SHA-256",
ssoDebugEnabled: true,
ssoUrl: "https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml",
status: "ACTIVE",
});
import pulumi
import pulumi_mongodbatlas as mongodbatlas
identity_provider = mongodbatlas.FederatedSettingsIdentityProvider("identityProvider",
associated_domains=["yourdomain.com"],
federation_settings_id="627a9687f7f7f7f774de306f14",
issuer_uri="http://www.okta.com/exk17q7f7f7f7fp50h8",
request_binding="HTTP-POST",
response_signature_algorithm="SHA-256",
sso_debug_enabled=True,
sso_url="https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml",
status="ACTIVE")
package main
import (
"github.com/pulumi/pulumi-mongodbatlas/sdk/v3/go/mongodbatlas"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := mongodbatlas.NewFederatedSettingsIdentityProvider(ctx, "identityProvider", &mongodbatlas.FederatedSettingsIdentityProviderArgs{
AssociatedDomains: pulumi.StringArray{
pulumi.String("yourdomain.com"),
},
FederationSettingsId: pulumi.String("627a9687f7f7f7f774de306f14"),
IssuerUri: pulumi.String("http://www.okta.com/exk17q7f7f7f7fp50h8"),
RequestBinding: pulumi.String("HTTP-POST"),
ResponseSignatureAlgorithm: pulumi.String("SHA-256"),
SsoDebugEnabled: pulumi.Bool(true),
SsoUrl: pulumi.String("https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml"),
Status: pulumi.String("ACTIVE"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;
return await Deployment.RunAsync(() =>
{
var identityProvider = new Mongodbatlas.FederatedSettingsIdentityProvider("identityProvider", new()
{
AssociatedDomains = new[]
{
"yourdomain.com",
},
FederationSettingsId = "627a9687f7f7f7f774de306f14",
IssuerUri = "http://www.okta.com/exk17q7f7f7f7fp50h8",
RequestBinding = "HTTP-POST",
ResponseSignatureAlgorithm = "SHA-256",
SsoDebugEnabled = true,
SsoUrl = "https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml",
Status = "ACTIVE",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.mongodbatlas.FederatedSettingsIdentityProvider;
import com.pulumi.mongodbatlas.FederatedSettingsIdentityProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var identityProvider = new FederatedSettingsIdentityProvider("identityProvider", FederatedSettingsIdentityProviderArgs.builder()
.associatedDomains("yourdomain.com")
.federationSettingsId("627a9687f7f7f7f774de306f14")
.issuerUri("http://www.okta.com/exk17q7f7f7f7fp50h8")
.requestBinding("HTTP-POST")
.responseSignatureAlgorithm("SHA-256")
.ssoDebugEnabled(true)
.ssoUrl("https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml")
.status("ACTIVE")
.build());
}
}
resources:
identityProvider:
type: mongodbatlas:FederatedSettingsIdentityProvider
properties:
associatedDomains:
- yourdomain.com
federationSettingsId: 627a9687f7f7f7f774de306f14
issuerUri: http://www.okta.com/exk17q7f7f7f7fp50h8
requestBinding: HTTP-POST
responseSignatureAlgorithm: SHA-256
ssoDebugEnabled: true
ssoUrl: https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml
status: ACTIVE
Create FederatedSettingsIdentityProvider Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new FederatedSettingsIdentityProvider(name: string, args: FederatedSettingsIdentityProviderArgs, opts?: CustomResourceOptions);@overload
def FederatedSettingsIdentityProvider(resource_name: str,
args: FederatedSettingsIdentityProviderArgs,
opts: Optional[ResourceOptions] = None)
@overload
def FederatedSettingsIdentityProvider(resource_name: str,
opts: Optional[ResourceOptions] = None,
federation_settings_id: Optional[str] = None,
issuer_uri: Optional[str] = None,
name: Optional[str] = None,
client_id: Optional[str] = None,
groups_claim: Optional[str] = None,
audience_claims: Optional[Sequence[str]] = None,
associated_domains: Optional[Sequence[str]] = None,
protocol: Optional[str] = None,
request_binding: Optional[str] = None,
requested_scopes: Optional[Sequence[str]] = None,
response_signature_algorithm: Optional[str] = None,
sso_debug_enabled: Optional[bool] = None,
sso_url: Optional[str] = None,
status: Optional[str] = None,
user_claim: Optional[str] = None)func NewFederatedSettingsIdentityProvider(ctx *Context, name string, args FederatedSettingsIdentityProviderArgs, opts ...ResourceOption) (*FederatedSettingsIdentityProvider, error)public FederatedSettingsIdentityProvider(string name, FederatedSettingsIdentityProviderArgs args, CustomResourceOptions? opts = null)
public FederatedSettingsIdentityProvider(String name, FederatedSettingsIdentityProviderArgs args)
public FederatedSettingsIdentityProvider(String name, FederatedSettingsIdentityProviderArgs args, CustomResourceOptions options)
type: mongodbatlas:FederatedSettingsIdentityProvider
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args FederatedSettingsIdentityProviderArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FederatedSettingsIdentityProviderArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FederatedSettingsIdentityProviderArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FederatedSettingsIdentityProviderArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FederatedSettingsIdentityProviderArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var federatedSettingsIdentityProviderResource = new Mongodbatlas.FederatedSettingsIdentityProvider("federatedSettingsIdentityProviderResource", new()
{
FederationSettingsId = "string",
IssuerUri = "string",
Name = "string",
ClientId = "string",
GroupsClaim = "string",
AudienceClaims = new[]
{
"string",
},
AssociatedDomains = new[]
{
"string",
},
Protocol = "string",
RequestBinding = "string",
RequestedScopes = new[]
{
"string",
},
ResponseSignatureAlgorithm = "string",
SsoDebugEnabled = false,
SsoUrl = "string",
Status = "string",
UserClaim = "string",
});
example, err := mongodbatlas.NewFederatedSettingsIdentityProvider(ctx, "federatedSettingsIdentityProviderResource", &mongodbatlas.FederatedSettingsIdentityProviderArgs{
FederationSettingsId: pulumi.String("string"),
IssuerUri: pulumi.String("string"),
Name: pulumi.String("string"),
ClientId: pulumi.String("string"),
GroupsClaim: pulumi.String("string"),
AudienceClaims: pulumi.StringArray{
pulumi.String("string"),
},
AssociatedDomains: pulumi.StringArray{
pulumi.String("string"),
},
Protocol: pulumi.String("string"),
RequestBinding: pulumi.String("string"),
RequestedScopes: pulumi.StringArray{
pulumi.String("string"),
},
ResponseSignatureAlgorithm: pulumi.String("string"),
SsoDebugEnabled: pulumi.Bool(false),
SsoUrl: pulumi.String("string"),
Status: pulumi.String("string"),
UserClaim: pulumi.String("string"),
})
var federatedSettingsIdentityProviderResource = new FederatedSettingsIdentityProvider("federatedSettingsIdentityProviderResource", FederatedSettingsIdentityProviderArgs.builder()
.federationSettingsId("string")
.issuerUri("string")
.name("string")
.clientId("string")
.groupsClaim("string")
.audienceClaims("string")
.associatedDomains("string")
.protocol("string")
.requestBinding("string")
.requestedScopes("string")
.responseSignatureAlgorithm("string")
.ssoDebugEnabled(false)
.ssoUrl("string")
.status("string")
.userClaim("string")
.build());
federated_settings_identity_provider_resource = mongodbatlas.FederatedSettingsIdentityProvider("federatedSettingsIdentityProviderResource",
federation_settings_id="string",
issuer_uri="string",
name="string",
client_id="string",
groups_claim="string",
audience_claims=["string"],
associated_domains=["string"],
protocol="string",
request_binding="string",
requested_scopes=["string"],
response_signature_algorithm="string",
sso_debug_enabled=False,
sso_url="string",
status="string",
user_claim="string")
const federatedSettingsIdentityProviderResource = new mongodbatlas.FederatedSettingsIdentityProvider("federatedSettingsIdentityProviderResource", {
federationSettingsId: "string",
issuerUri: "string",
name: "string",
clientId: "string",
groupsClaim: "string",
audienceClaims: ["string"],
associatedDomains: ["string"],
protocol: "string",
requestBinding: "string",
requestedScopes: ["string"],
responseSignatureAlgorithm: "string",
ssoDebugEnabled: false,
ssoUrl: "string",
status: "string",
userClaim: "string",
});
type: mongodbatlas:FederatedSettingsIdentityProvider
properties:
associatedDomains:
- string
audienceClaims:
- string
clientId: string
federationSettingsId: string
groupsClaim: string
issuerUri: string
name: string
protocol: string
requestBinding: string
requestedScopes:
- string
responseSignatureAlgorithm: string
ssoDebugEnabled: false
ssoUrl: string
status: string
userClaim: string
FederatedSettingsIdentityProvider Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The FederatedSettingsIdentityProvider resource accepts the following input properties:
- Federation
Settings stringId - Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
- Issuer
Uri string - Unique string that identifies the issuer of the IdP.
- Associated
Domains List<string> - List that contains the domains associated with the identity provider.
- Audience
Claims List<string> - Identifier of the intended recipient of the token used in OIDC IdP.
- Client
Id string - Client identifier that is assigned to an application by the OIDC Identity Provider.
- Groups
Claim string - Identifier of the claim which contains OIDC IdP Group IDs in the token.
- Name string
- Human-readable label that identifies the identity provider.
- Protocol string
- The protocol of the identity provider. Either
SAMLorOIDC. - Request
Binding string - SAML Authentication Request Protocol HTTP method binding (
POSTorREDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:- HTTP POST
- HTTP REDIRECT
- Requested
Scopes List<string> - Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
- Response
Signature stringAlgorithm - Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include
SHA-1andSHA-256. - Sso
Debug boolEnabled - Flag that indicates whether the identity provider has SSO debug enabled.
- Sso
Url string - Unique string that identifies the intended audience of the SAML assertion.
- Status string
- String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
- User
Claim string - Identifier of the claim which contains the user ID in the token used for OIDC IdPs.
- Federation
Settings stringId - Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
- Issuer
Uri string - Unique string that identifies the issuer of the IdP.
- Associated
Domains []string - List that contains the domains associated with the identity provider.
- Audience
Claims []string - Identifier of the intended recipient of the token used in OIDC IdP.
- Client
Id string - Client identifier that is assigned to an application by the OIDC Identity Provider.
- Groups
Claim string - Identifier of the claim which contains OIDC IdP Group IDs in the token.
- Name string
- Human-readable label that identifies the identity provider.
- Protocol string
- The protocol of the identity provider. Either
SAMLorOIDC. - Request
Binding string - SAML Authentication Request Protocol HTTP method binding (
POSTorREDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:- HTTP POST
- HTTP REDIRECT
- Requested
Scopes []string - Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
- Response
Signature stringAlgorithm - Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include
SHA-1andSHA-256. - Sso
Debug boolEnabled - Flag that indicates whether the identity provider has SSO debug enabled.
- Sso
Url string - Unique string that identifies the intended audience of the SAML assertion.
- Status string
- String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
- User
Claim string - Identifier of the claim which contains the user ID in the token used for OIDC IdPs.
- federation
Settings StringId - Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
- issuer
Uri String - Unique string that identifies the issuer of the IdP.
- associated
Domains List<String> - List that contains the domains associated with the identity provider.
- audience
Claims List<String> - Identifier of the intended recipient of the token used in OIDC IdP.
- client
Id String - Client identifier that is assigned to an application by the OIDC Identity Provider.
- groups
Claim String - Identifier of the claim which contains OIDC IdP Group IDs in the token.
- name String
- Human-readable label that identifies the identity provider.
- protocol String
- The protocol of the identity provider. Either
SAMLorOIDC. - request
Binding String - SAML Authentication Request Protocol HTTP method binding (
POSTorREDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:- HTTP POST
- HTTP REDIRECT
- requested
Scopes List<String> - Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
- response
Signature StringAlgorithm - Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include
SHA-1andSHA-256. - sso
Debug BooleanEnabled - Flag that indicates whether the identity provider has SSO debug enabled.
- sso
Url String - Unique string that identifies the intended audience of the SAML assertion.
- status String
- String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
- user
Claim String - Identifier of the claim which contains the user ID in the token used for OIDC IdPs.
- federation
Settings stringId - Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
- issuer
Uri string - Unique string that identifies the issuer of the IdP.
- associated
Domains string[] - List that contains the domains associated with the identity provider.
- audience
Claims string[] - Identifier of the intended recipient of the token used in OIDC IdP.
- client
Id string - Client identifier that is assigned to an application by the OIDC Identity Provider.
- groups
Claim string - Identifier of the claim which contains OIDC IdP Group IDs in the token.
- name string
- Human-readable label that identifies the identity provider.
- protocol string
- The protocol of the identity provider. Either
SAMLorOIDC. - request
Binding string - SAML Authentication Request Protocol HTTP method binding (
POSTorREDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:- HTTP POST
- HTTP REDIRECT
- requested
Scopes string[] - Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
- response
Signature stringAlgorithm - Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include
SHA-1andSHA-256. - sso
Debug booleanEnabled - Flag that indicates whether the identity provider has SSO debug enabled.
- sso
Url string - Unique string that identifies the intended audience of the SAML assertion.
- status string
- String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
- user
Claim string - Identifier of the claim which contains the user ID in the token used for OIDC IdPs.
- federation_
settings_ strid - Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
- issuer_
uri str - Unique string that identifies the issuer of the IdP.
- associated_
domains Sequence[str] - List that contains the domains associated with the identity provider.
- audience_
claims Sequence[str] - Identifier of the intended recipient of the token used in OIDC IdP.
- client_
id str - Client identifier that is assigned to an application by the OIDC Identity Provider.
- groups_
claim str - Identifier of the claim which contains OIDC IdP Group IDs in the token.
- name str
- Human-readable label that identifies the identity provider.
- protocol str
- The protocol of the identity provider. Either
SAMLorOIDC. - request_
binding str - SAML Authentication Request Protocol HTTP method binding (
POSTorREDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:- HTTP POST
- HTTP REDIRECT
- requested_
scopes Sequence[str] - Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
- response_
signature_ stralgorithm - Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include
SHA-1andSHA-256. - sso_
debug_ boolenabled - Flag that indicates whether the identity provider has SSO debug enabled.
- sso_
url str - Unique string that identifies the intended audience of the SAML assertion.
- status str
- String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
- user_
claim str - Identifier of the claim which contains the user ID in the token used for OIDC IdPs.
- federation
Settings StringId - Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
- issuer
Uri String - Unique string that identifies the issuer of the IdP.
- associated
Domains List<String> - List that contains the domains associated with the identity provider.
- audience
Claims List<String> - Identifier of the intended recipient of the token used in OIDC IdP.
- client
Id String - Client identifier that is assigned to an application by the OIDC Identity Provider.
- groups
Claim String - Identifier of the claim which contains OIDC IdP Group IDs in the token.
- name String
- Human-readable label that identifies the identity provider.
- protocol String
- The protocol of the identity provider. Either
SAMLorOIDC. - request
Binding String - SAML Authentication Request Protocol HTTP method binding (
POSTorREDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:- HTTP POST
- HTTP REDIRECT
- requested
Scopes List<String> - Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
- response
Signature StringAlgorithm - Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include
SHA-1andSHA-256. - sso
Debug BooleanEnabled - Flag that indicates whether the identity provider has SSO debug enabled.
- sso
Url String - Unique string that identifies the intended audience of the SAML assertion.
- status String
- String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
- user
Claim String - Identifier of the claim which contains the user ID in the token used for OIDC IdPs.
Outputs
All input properties are implicitly available as output properties. Additionally, the FederatedSettingsIdentityProvider resource produces the following output properties:
- id str
- The provider-assigned unique ID for this managed resource.
- idp_
id str - Unique 24-hexadecimal digit string that identifies the IdP.
- okta_
idp_ strid - Unique 20-hexadecimal digit string that identifies the IdP.
Look up Existing FederatedSettingsIdentityProvider Resource
Get an existing FederatedSettingsIdentityProvider resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FederatedSettingsIdentityProviderState, opts?: CustomResourceOptions): FederatedSettingsIdentityProvider@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
associated_domains: Optional[Sequence[str]] = None,
audience_claims: Optional[Sequence[str]] = None,
client_id: Optional[str] = None,
federation_settings_id: Optional[str] = None,
groups_claim: Optional[str] = None,
idp_id: Optional[str] = None,
issuer_uri: Optional[str] = None,
name: Optional[str] = None,
okta_idp_id: Optional[str] = None,
protocol: Optional[str] = None,
request_binding: Optional[str] = None,
requested_scopes: Optional[Sequence[str]] = None,
response_signature_algorithm: Optional[str] = None,
sso_debug_enabled: Optional[bool] = None,
sso_url: Optional[str] = None,
status: Optional[str] = None,
user_claim: Optional[str] = None) -> FederatedSettingsIdentityProviderfunc GetFederatedSettingsIdentityProvider(ctx *Context, name string, id IDInput, state *FederatedSettingsIdentityProviderState, opts ...ResourceOption) (*FederatedSettingsIdentityProvider, error)public static FederatedSettingsIdentityProvider Get(string name, Input<string> id, FederatedSettingsIdentityProviderState? state, CustomResourceOptions? opts = null)public static FederatedSettingsIdentityProvider get(String name, Output<String> id, FederatedSettingsIdentityProviderState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Associated
Domains List<string> - List that contains the domains associated with the identity provider.
- Audience
Claims List<string> - Identifier of the intended recipient of the token used in OIDC IdP.
- Client
Id string - Client identifier that is assigned to an application by the OIDC Identity Provider.
- Federation
Settings stringId - Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
- Groups
Claim string - Identifier of the claim which contains OIDC IdP Group IDs in the token.
- Idp
Id string - Unique 24-hexadecimal digit string that identifies the IdP.
- Issuer
Uri string - Unique string that identifies the issuer of the IdP.
- Name string
- Human-readable label that identifies the identity provider.
- Okta
Idp stringId - Unique 20-hexadecimal digit string that identifies the IdP.
- Protocol string
- The protocol of the identity provider. Either
SAMLorOIDC. - Request
Binding string - SAML Authentication Request Protocol HTTP method binding (
POSTorREDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:- HTTP POST
- HTTP REDIRECT
- Requested
Scopes List<string> - Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
- Response
Signature stringAlgorithm - Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include
SHA-1andSHA-256. - Sso
Debug boolEnabled - Flag that indicates whether the identity provider has SSO debug enabled.
- Sso
Url string - Unique string that identifies the intended audience of the SAML assertion.
- Status string
- String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
- User
Claim string - Identifier of the claim which contains the user ID in the token used for OIDC IdPs.
- Associated
Domains []string - List that contains the domains associated with the identity provider.
- Audience
Claims []string - Identifier of the intended recipient of the token used in OIDC IdP.
- Client
Id string - Client identifier that is assigned to an application by the OIDC Identity Provider.
- Federation
Settings stringId - Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
- Groups
Claim string - Identifier of the claim which contains OIDC IdP Group IDs in the token.
- Idp
Id string - Unique 24-hexadecimal digit string that identifies the IdP.
- Issuer
Uri string - Unique string that identifies the issuer of the IdP.
- Name string
- Human-readable label that identifies the identity provider.
- Okta
Idp stringId - Unique 20-hexadecimal digit string that identifies the IdP.
- Protocol string
- The protocol of the identity provider. Either
SAMLorOIDC. - Request
Binding string - SAML Authentication Request Protocol HTTP method binding (
POSTorREDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:- HTTP POST
- HTTP REDIRECT
- Requested
Scopes []string - Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
- Response
Signature stringAlgorithm - Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include
SHA-1andSHA-256. - Sso
Debug boolEnabled - Flag that indicates whether the identity provider has SSO debug enabled.
- Sso
Url string - Unique string that identifies the intended audience of the SAML assertion.
- Status string
- String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
- User
Claim string - Identifier of the claim which contains the user ID in the token used for OIDC IdPs.
- associated
Domains List<String> - List that contains the domains associated with the identity provider.
- audience
Claims List<String> - Identifier of the intended recipient of the token used in OIDC IdP.
- client
Id String - Client identifier that is assigned to an application by the OIDC Identity Provider.
- federation
Settings StringId - Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
- groups
Claim String - Identifier of the claim which contains OIDC IdP Group IDs in the token.
- idp
Id String - Unique 24-hexadecimal digit string that identifies the IdP.
- issuer
Uri String - Unique string that identifies the issuer of the IdP.
- name String
- Human-readable label that identifies the identity provider.
- okta
Idp StringId - Unique 20-hexadecimal digit string that identifies the IdP.
- protocol String
- The protocol of the identity provider. Either
SAMLorOIDC. - request
Binding String - SAML Authentication Request Protocol HTTP method binding (
POSTorREDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:- HTTP POST
- HTTP REDIRECT
- requested
Scopes List<String> - Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
- response
Signature StringAlgorithm - Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include
SHA-1andSHA-256. - sso
Debug BooleanEnabled - Flag that indicates whether the identity provider has SSO debug enabled.
- sso
Url String - Unique string that identifies the intended audience of the SAML assertion.
- status String
- String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
- user
Claim String - Identifier of the claim which contains the user ID in the token used for OIDC IdPs.
- associated
Domains string[] - List that contains the domains associated with the identity provider.
- audience
Claims string[] - Identifier of the intended recipient of the token used in OIDC IdP.
- client
Id string - Client identifier that is assigned to an application by the OIDC Identity Provider.
- federation
Settings stringId - Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
- groups
Claim string - Identifier of the claim which contains OIDC IdP Group IDs in the token.
- idp
Id string - Unique 24-hexadecimal digit string that identifies the IdP.
- issuer
Uri string - Unique string that identifies the issuer of the IdP.
- name string
- Human-readable label that identifies the identity provider.
- okta
Idp stringId - Unique 20-hexadecimal digit string that identifies the IdP.
- protocol string
- The protocol of the identity provider. Either
SAMLorOIDC. - request
Binding string - SAML Authentication Request Protocol HTTP method binding (
POSTorREDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:- HTTP POST
- HTTP REDIRECT
- requested
Scopes string[] - Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
- response
Signature stringAlgorithm - Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include
SHA-1andSHA-256. - sso
Debug booleanEnabled - Flag that indicates whether the identity provider has SSO debug enabled.
- sso
Url string - Unique string that identifies the intended audience of the SAML assertion.
- status string
- String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
- user
Claim string - Identifier of the claim which contains the user ID in the token used for OIDC IdPs.
- associated_
domains Sequence[str] - List that contains the domains associated with the identity provider.
- audience_
claims Sequence[str] - Identifier of the intended recipient of the token used in OIDC IdP.
- client_
id str - Client identifier that is assigned to an application by the OIDC Identity Provider.
- federation_
settings_ strid - Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
- groups_
claim str - Identifier of the claim which contains OIDC IdP Group IDs in the token.
- idp_
id str - Unique 24-hexadecimal digit string that identifies the IdP.
- issuer_
uri str - Unique string that identifies the issuer of the IdP.
- name str
- Human-readable label that identifies the identity provider.
- okta_
idp_ strid - Unique 20-hexadecimal digit string that identifies the IdP.
- protocol str
- The protocol of the identity provider. Either
SAMLorOIDC. - request_
binding str - SAML Authentication Request Protocol HTTP method binding (
POSTorREDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:- HTTP POST
- HTTP REDIRECT
- requested_
scopes Sequence[str] - Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
- response_
signature_ stralgorithm - Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include
SHA-1andSHA-256. - sso_
debug_ boolenabled - Flag that indicates whether the identity provider has SSO debug enabled.
- sso_
url str - Unique string that identifies the intended audience of the SAML assertion.
- status str
- String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
- user_
claim str - Identifier of the claim which contains the user ID in the token used for OIDC IdPs.
- associated
Domains List<String> - List that contains the domains associated with the identity provider.
- audience
Claims List<String> - Identifier of the intended recipient of the token used in OIDC IdP.
- client
Id String - Client identifier that is assigned to an application by the OIDC Identity Provider.
- federation
Settings StringId - Unique 24-hexadecimal digit string that identifies the federated authentication configuration.
- groups
Claim String - Identifier of the claim which contains OIDC IdP Group IDs in the token.
- idp
Id String - Unique 24-hexadecimal digit string that identifies the IdP.
- issuer
Uri String - Unique string that identifies the issuer of the IdP.
- name String
- Human-readable label that identifies the identity provider.
- okta
Idp StringId - Unique 20-hexadecimal digit string that identifies the IdP.
- protocol String
- The protocol of the identity provider. Either
SAMLorOIDC. - request
Binding String - SAML Authentication Request Protocol HTTP method binding (
POSTorREDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:- HTTP POST
- HTTP REDIRECT
- requested
Scopes List<String> - Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.
- response
Signature StringAlgorithm - Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include
SHA-1andSHA-256. - sso
Debug BooleanEnabled - Flag that indicates whether the identity provider has SSO debug enabled.
- sso
Url String - Unique string that identifies the intended audience of the SAML assertion.
- status String
- String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.
- user
Claim String - Identifier of the claim which contains the user ID in the token used for OIDC IdPs.
Import
Identity Provider must be imported before using federation_settings_id-idp_id, e.g.
$ pulumi import mongodbatlas:index/federatedSettingsIdentityProvider:FederatedSettingsIdentityProvider identity_provider 6287a663c660f52b1c441c6c-0oad4fas87jL5Xnk1297
WARNING: Starting from terraform provider version 1.16.0, to import the resource a 24-hexadecimal digit string that identifies the IdP (idp_id) will have to be used instead of okta_idp_id. See more here
For more information see: MongoDB Atlas API Reference.
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- MongoDB Atlas pulumi/pulumi-mongodbatlas
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
mongodbatlasTerraform Provider.