Get a federated claim for an Okta application.
Use this data source to retrieve information about a federated claim that has been configured for an application. Federated claims add custom claims to tokens produced for an application using Okta Expression Language.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";
const example = okta.app.getFederatedClaim({
appId: "0oa1234567890abcdef",
id: "ofcu234567890abcdef",
});
export const claimExpression = example.then(example => example.expression);
import pulumi
import pulumi_okta as okta
example = okta.app.get_federated_claim(app_id="0oa1234567890abcdef",
id="ofcu234567890abcdef")
pulumi.export("claimExpression", example.expression)
package main
import (
"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := app.LookupFederatedClaim(ctx, &app.LookupFederatedClaimArgs{
AppId: "0oa1234567890abcdef",
Id: "ofcu234567890abcdef",
}, nil)
if err != nil {
return err
}
ctx.Export("claimExpression", example.Expression)
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Okta = Pulumi.Okta;
return await Deployment.RunAsync(() =>
{
var example = Okta.App.GetFederatedClaim.Invoke(new()
{
AppId = "0oa1234567890abcdef",
Id = "ofcu234567890abcdef",
});
return new Dictionary<string, object?>
{
["claimExpression"] = example.Apply(getFederatedClaimResult => getFederatedClaimResult.Expression),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.okta.app.AppFunctions;
import com.pulumi.okta.app.inputs.GetFederatedClaimArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = AppFunctions.getFederatedClaim(GetFederatedClaimArgs.builder()
.appId("0oa1234567890abcdef")
.id("ofcu234567890abcdef")
.build());
ctx.export("claimExpression", example.expression());
}
}
variables:
example:
fn::invoke:
function: okta:app:getFederatedClaim
arguments:
appId: 0oa1234567890abcdef
id: ofcu234567890abcdef
outputs:
claimExpression: ${example.expression}
Using with a Resource
import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";
const testApp = new okta.app.Saml("test_app", {
label: "example",
ssoUrl: "https://example.com",
recipient: "https://example.com",
destination: "https://example.com",
audience: "https://example.com/audience",
subjectNameIdTemplate: "${user.userName}",
subjectNameIdFormat: "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
responseSigned: true,
signatureAlgorithm: "RSA_SHA256",
digestAlgorithm: "SHA256",
});
const exampleFederatedClaim = new okta.app.FederatedClaim("example", {
appId: testApp.id,
name: "role_last_name",
expression: "user.profile.lastName",
});
const example = okta.app.getFederatedClaimOutput({
appId: testApp.id,
id: exampleFederatedClaim.id,
});
export const claimName = example.apply(example => example.name);
export const claimExpression = example.apply(example => example.expression);
import pulumi
import pulumi_okta as okta
test_app = okta.app.Saml("test_app",
label="example",
sso_url="https://example.com",
recipient="https://example.com",
destination="https://example.com",
audience="https://example.com/audience",
subject_name_id_template="${user.userName}",
subject_name_id_format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
response_signed=True,
signature_algorithm="RSA_SHA256",
digest_algorithm="SHA256")
example_federated_claim = okta.app.FederatedClaim("example",
app_id=test_app.id,
name="role_last_name",
expression="user.profile.lastName")
example = okta.app.get_federated_claim_output(app_id=test_app.id,
id=example_federated_claim.id)
pulumi.export("claimName", example.name)
pulumi.export("claimExpression", example.expression)
package main
import (
"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
testApp, err := app.NewSaml(ctx, "test_app", &app.SamlArgs{
Label: pulumi.String("example"),
SsoUrl: pulumi.String("https://example.com"),
Recipient: pulumi.String("https://example.com"),
Destination: pulumi.String("https://example.com"),
Audience: pulumi.String("https://example.com/audience"),
SubjectNameIdTemplate: pulumi.String("${user.userName}"),
SubjectNameIdFormat: pulumi.String("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"),
ResponseSigned: pulumi.Bool(true),
SignatureAlgorithm: pulumi.String("RSA_SHA256"),
DigestAlgorithm: pulumi.String("SHA256"),
})
if err != nil {
return err
}
exampleFederatedClaim, err := app.NewFederatedClaim(ctx, "example", &app.FederatedClaimArgs{
AppId: testApp.ID(),
Name: pulumi.String("role_last_name"),
Expression: pulumi.String("user.profile.lastName"),
})
if err != nil {
return err
}
example := app.LookupFederatedClaimOutput(ctx, app.GetFederatedClaimOutputArgs{
AppId: testApp.ID(),
Id: exampleFederatedClaim.ID(),
}, nil)
ctx.Export("claimName", example.ApplyT(func(example app.GetFederatedClaimResult) (*string, error) {
return &example.Name, nil
}).(pulumi.StringPtrOutput))
ctx.Export("claimExpression", example.ApplyT(func(example app.GetFederatedClaimResult) (*string, error) {
return &example.Expression, nil
}).(pulumi.StringPtrOutput))
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Okta = Pulumi.Okta;
return await Deployment.RunAsync(() =>
{
var testApp = new Okta.App.Saml("test_app", new()
{
Label = "example",
SsoUrl = "https://example.com",
Recipient = "https://example.com",
Destination = "https://example.com",
Audience = "https://example.com/audience",
SubjectNameIdTemplate = "${user.userName}",
SubjectNameIdFormat = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
ResponseSigned = true,
SignatureAlgorithm = "RSA_SHA256",
DigestAlgorithm = "SHA256",
});
var exampleFederatedClaim = new Okta.App.FederatedClaim("example", new()
{
AppId = testApp.Id,
Name = "role_last_name",
Expression = "user.profile.lastName",
});
var example = Okta.App.GetFederatedClaim.Invoke(new()
{
AppId = testApp.Id,
Id = exampleFederatedClaim.Id,
});
return new Dictionary<string, object?>
{
["claimName"] = example.Apply(getFederatedClaimResult => getFederatedClaimResult.Name),
["claimExpression"] = example.Apply(getFederatedClaimResult => getFederatedClaimResult.Expression),
};
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.okta.app.Saml;
import com.pulumi.okta.app.SamlArgs;
import com.pulumi.okta.app.FederatedClaim;
import com.pulumi.okta.app.FederatedClaimArgs;
import com.pulumi.okta.app.AppFunctions;
import com.pulumi.okta.app.inputs.GetFederatedClaimArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testApp = new Saml("testApp", SamlArgs.builder()
.label("example")
.ssoUrl("https://example.com")
.recipient("https://example.com")
.destination("https://example.com")
.audience("https://example.com/audience")
.subjectNameIdTemplate("${user.userName}")
.subjectNameIdFormat("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress")
.responseSigned(true)
.signatureAlgorithm("RSA_SHA256")
.digestAlgorithm("SHA256")
.build());
var exampleFederatedClaim = new FederatedClaim("exampleFederatedClaim", FederatedClaimArgs.builder()
.appId(testApp.id())
.name("role_last_name")
.expression("user.profile.lastName")
.build());
final var example = AppFunctions.getFederatedClaim(GetFederatedClaimArgs.builder()
.appId(testApp.id())
.id(exampleFederatedClaim.id())
.build());
ctx.export("claimName", example.applyValue(_example -> _example.name()));
ctx.export("claimExpression", example.applyValue(_example -> _example.expression()));
}
}
resources:
testApp:
type: okta:app:Saml
name: test_app
properties:
label: example
ssoUrl: https://example.com
recipient: https://example.com
destination: https://example.com
audience: https://example.com/audience
subjectNameIdTemplate: $${user.userName}
subjectNameIdFormat: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
responseSigned: true
signatureAlgorithm: RSA_SHA256
digestAlgorithm: SHA256
exampleFederatedClaim:
type: okta:app:FederatedClaim
name: example
properties:
appId: ${testApp.id}
name: role_last_name
expression: user.profile.lastName
variables:
example:
fn::invoke:
function: okta:app:getFederatedClaim
arguments:
appId: ${testApp.id}
id: ${exampleFederatedClaim.id}
outputs:
claimName: ${example.name}
claimExpression: ${example.expression}
Using getFederatedClaim
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getFederatedClaim(args: GetFederatedClaimArgs, opts?: InvokeOptions): Promise<GetFederatedClaimResult>
function getFederatedClaimOutput(args: GetFederatedClaimOutputArgs, opts?: InvokeOptions): Output<GetFederatedClaimResult>def get_federated_claim(app_id: Optional[str] = None,
id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetFederatedClaimResult
def get_federated_claim_output(app_id: Optional[pulumi.Input[str]] = None,
id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetFederatedClaimResult]func LookupFederatedClaim(ctx *Context, args *LookupFederatedClaimArgs, opts ...InvokeOption) (*LookupFederatedClaimResult, error)
func LookupFederatedClaimOutput(ctx *Context, args *LookupFederatedClaimOutputArgs, opts ...InvokeOption) LookupFederatedClaimResultOutput> Note: This function is named LookupFederatedClaim in the Go SDK.
public static class GetFederatedClaim
{
public static Task<GetFederatedClaimResult> InvokeAsync(GetFederatedClaimArgs args, InvokeOptions? opts = null)
public static Output<GetFederatedClaimResult> Invoke(GetFederatedClaimInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetFederatedClaimResult> getFederatedClaim(GetFederatedClaimArgs args, InvokeOptions options)
public static Output<GetFederatedClaimResult> getFederatedClaim(GetFederatedClaimArgs args, InvokeOptions options)
fn::invoke:
function: okta:app/getFederatedClaim:getFederatedClaim
arguments:
# arguments dictionaryThe following arguments are supported:
getFederatedClaim Result
The following output properties are available:
- App
Id string - The ID of the application that the federated claim belongs to.
- Expression string
- The Okta Expression Language expression to be evaluated at runtime.
- Id string
- The unique identifier for the federated claim.
- Name string
- The name of the claim to be used in the produced token.
- App
Id string - The ID of the application that the federated claim belongs to.
- Expression string
- The Okta Expression Language expression to be evaluated at runtime.
- Id string
- The unique identifier for the federated claim.
- Name string
- The name of the claim to be used in the produced token.
- app
Id String - The ID of the application that the federated claim belongs to.
- expression String
- The Okta Expression Language expression to be evaluated at runtime.
- id String
- The unique identifier for the federated claim.
- name String
- The name of the claim to be used in the produced token.
- app
Id string - The ID of the application that the federated claim belongs to.
- expression string
- The Okta Expression Language expression to be evaluated at runtime.
- id string
- The unique identifier for the federated claim.
- name string
- The name of the claim to be used in the produced token.
- app_
id str - The ID of the application that the federated claim belongs to.
- expression str
- The Okta Expression Language expression to be evaluated at runtime.
- id str
- The unique identifier for the federated claim.
- name str
- The name of the claim to be used in the produced token.
- app
Id String - The ID of the application that the federated claim belongs to.
- expression String
- The Okta Expression Language expression to be evaluated at runtime.
- id String
- The unique identifier for the federated claim.
- name String
- The name of the claim to be used in the produced token.
Package Details
- Repository
- Okta pulumi/pulumi-okta
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
oktaTerraform Provider.
