1. Packages
  2. Packages
  3. Okta Provider
  4. API Docs
  5. app
  6. getSignOnPolicyRule
Viewing docs for Okta v6.9.0
published on Wednesday, Jul 1, 2026 by Pulumi
okta logo
Viewing docs for Okta v6.9.0
published on Wednesday, Jul 1, 2026 by Pulumi

    Retrieves an app sign-on (access) policy rule by ruleId from Okta.

    WARNING: This feature is only available as a part of the Identity Engine. Contact support for further information.

    Inside the product a sign-on policy rule is referenced as an authentication policy rule, in the public API the parent policy is of type ACCESS_POLICY.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as okta from "@pulumi/okta";
    
    const example = okta.getAppSignonPolicy({
        appId: "<app id>",
    });
    const exampleGetSignOnPolicyRule = example.then(example => okta.app.getSignOnPolicyRule({
        id: "<rule id>",
        policyId: example.id,
    }));
    
    import pulumi
    import pulumi_okta as okta
    
    example = okta.get_app_signon_policy(app_id="<app id>")
    example_get_sign_on_policy_rule = okta.app.get_sign_on_policy_rule(id="<rule id>",
        policy_id=example.id)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-okta/sdk/v6/go/okta"
    	"github.com/pulumi/pulumi-okta/sdk/v6/go/okta/app"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := okta.GetAppSignonPolicy(ctx, &okta.LookupAppSignonPolicyArgs{
    			AppId: "<app id>",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = app.GetSignOnPolicyRule(ctx, &app.GetSignOnPolicyRuleArgs{
    			Id:       "<rule id>",
    			PolicyId: example.Id,
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Okta = Pulumi.Okta;
    
    return await Deployment.RunAsync(() => 
    {
        var example = Okta.GetAppSignonPolicy.Invoke(new()
        {
            AppId = "<app id>",
        });
    
        var exampleGetSignOnPolicyRule = Okta.App.GetSignOnPolicyRule.Invoke(new()
        {
            Id = "<rule id>",
            PolicyId = example.Apply(getAppSignonPolicyResult => getAppSignonPolicyResult.Id),
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.okta.OktaFunctions;
    import com.pulumi.okta.inputs.GetAppSignonPolicyArgs;
    import com.pulumi.okta.app.AppFunctions;
    import com.pulumi.okta.app.inputs.GetSignOnPolicyRuleArgs;
    import java.util.ArrayList;
    import java.util.Arrays;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var example = OktaFunctions.getAppSignonPolicy(GetAppSignonPolicyArgs.builder()
                .appId("<app id>")
                .build());
    
            final var exampleGetSignOnPolicyRule = AppFunctions.getSignOnPolicyRule(GetSignOnPolicyRuleArgs.builder()
                .id("<rule id>")
                .policyId(example.id())
                .build());
    
        }
    }
    
    variables:
      example:
        fn::invoke:
          function: okta:getAppSignonPolicy
          arguments:
            appId: <app id>
      exampleGetSignOnPolicyRule:
        fn::invoke:
          function: okta:app:getSignOnPolicyRule
          arguments:
            id: <rule id>
            policyId: ${example.id}
    
    pulumi {
      required_providers {
        okta = {
          source = "pulumi/okta"
        }
      }
    }
    
    data "okta_getappsignonpolicy" "example" {
      app_id = "<app id>"
    }
    data "okta_app_getsignonpolicyrule" "exampleGetSignOnPolicyRule" {
      id        = "<rule id>"
      policy_id = data.okta_getappsignonpolicy.example.id
    }
    

    Using getSignOnPolicyRule

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getSignOnPolicyRule(args: GetSignOnPolicyRuleArgs, opts?: InvokeOptions): Promise<GetSignOnPolicyRuleResult>
    function getSignOnPolicyRuleOutput(args: GetSignOnPolicyRuleOutputArgs, opts?: InvokeOptions): Output<GetSignOnPolicyRuleResult>
    def get_sign_on_policy_rule(actions: Optional[GetSignOnPolicyRuleActions] = None,
                                conditions: Optional[GetSignOnPolicyRuleConditions] = None,
                                id: Optional[str] = None,
                                policy_id: Optional[str] = None,
                                opts: Optional[InvokeOptions] = None) -> GetSignOnPolicyRuleResult
    def get_sign_on_policy_rule_output(actions: pulumi.Input[Optional[GetSignOnPolicyRuleActionsArgs]] = None,
                                conditions: pulumi.Input[Optional[GetSignOnPolicyRuleConditionsArgs]] = None,
                                id: pulumi.Input[Optional[str]] = None,
                                policy_id: pulumi.Input[Optional[str]] = None,
                                opts: Optional[InvokeOptions] = None) -> Output[GetSignOnPolicyRuleResult]
    func GetSignOnPolicyRule(ctx *Context, args *GetSignOnPolicyRuleArgs, opts ...InvokeOption) (*GetSignOnPolicyRuleResult, error)
    func GetSignOnPolicyRuleOutput(ctx *Context, args *GetSignOnPolicyRuleOutputArgs, opts ...InvokeOption) GetSignOnPolicyRuleResultOutput

    > Note: This function is named GetSignOnPolicyRule in the Go SDK.

    public static class GetSignOnPolicyRule 
    {
        public static Task<GetSignOnPolicyRuleResult> InvokeAsync(GetSignOnPolicyRuleArgs args, InvokeOptions? opts = null)
        public static Output<GetSignOnPolicyRuleResult> Invoke(GetSignOnPolicyRuleInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetSignOnPolicyRuleResult> getSignOnPolicyRule(GetSignOnPolicyRuleArgs args, InvokeOptions options)
    public static Output<GetSignOnPolicyRuleResult> getSignOnPolicyRule(GetSignOnPolicyRuleArgs args, InvokeOptions options)
    
    fn::invoke:
      function: okta:app/getSignOnPolicyRule:getSignOnPolicyRule
      arguments:
        # arguments dictionary
    data "okta_app_getsignonpolicyrule" "name" {
        # arguments
    }

    The following arguments are supported:

    Id string
    Unique identifier of the access policy rule.
    PolicyId string
    id of the policy
    Actions GetSignOnPolicyRuleActions
    Conditions GetSignOnPolicyRuleConditions
    Id string
    Unique identifier of the access policy rule.
    PolicyId string
    id of the policy
    Actions GetSignOnPolicyRuleActions
    Conditions GetSignOnPolicyRuleConditions
    id string
    Unique identifier of the access policy rule.
    policy_id string
    id of the policy
    actions object
    conditions object
    id String
    Unique identifier of the access policy rule.
    policyId String
    id of the policy
    actions GetSignOnPolicyRuleActions
    conditions GetSignOnPolicyRuleConditions
    id string
    Unique identifier of the access policy rule.
    policyId string
    id of the policy
    actions GetSignOnPolicyRuleActions
    conditions GetSignOnPolicyRuleConditions
    id str
    Unique identifier of the access policy rule.
    policy_id str
    id of the policy
    actions GetSignOnPolicyRuleActions
    conditions GetSignOnPolicyRuleConditions
    id String
    Unique identifier of the access policy rule.
    policyId String
    id of the policy
    actions Property Map
    conditions Property Map

    getSignOnPolicyRule Result

    The following output properties are available:

    Created string
    Timestamp when the rule was created
    Id string
    Unique identifier of the access policy rule.
    LastUpdated string
    Timestamp when the rule was last modified
    Name string
    Name of the rule
    PolicyId string
    id of the policy
    Priority int
    Priority of the rule
    Status string
    Whether or not the rule is active.
    System bool
    Specifies whether Okta created the policy rule (system=true).
    Actions GetSignOnPolicyRuleActions
    Conditions GetSignOnPolicyRuleConditions
    Created string
    Timestamp when the rule was created
    Id string
    Unique identifier of the access policy rule.
    LastUpdated string
    Timestamp when the rule was last modified
    Name string
    Name of the rule
    PolicyId string
    id of the policy
    Priority int
    Priority of the rule
    Status string
    Whether or not the rule is active.
    System bool
    Specifies whether Okta created the policy rule (system=true).
    Actions GetSignOnPolicyRuleActions
    Conditions GetSignOnPolicyRuleConditions
    created string
    Timestamp when the rule was created
    id string
    Unique identifier of the access policy rule.
    last_updated string
    Timestamp when the rule was last modified
    name string
    Name of the rule
    policy_id string
    id of the policy
    priority number
    Priority of the rule
    status string
    Whether or not the rule is active.
    system bool
    Specifies whether Okta created the policy rule (system=true).
    actions object
    conditions object
    created String
    Timestamp when the rule was created
    id String
    Unique identifier of the access policy rule.
    lastUpdated String
    Timestamp when the rule was last modified
    name String
    Name of the rule
    policyId String
    id of the policy
    priority Integer
    Priority of the rule
    status String
    Whether or not the rule is active.
    system Boolean
    Specifies whether Okta created the policy rule (system=true).
    actions GetSignOnPolicyRuleActions
    conditions GetSignOnPolicyRuleConditions
    created string
    Timestamp when the rule was created
    id string
    Unique identifier of the access policy rule.
    lastUpdated string
    Timestamp when the rule was last modified
    name string
    Name of the rule
    policyId string
    id of the policy
    priority number
    Priority of the rule
    status string
    Whether or not the rule is active.
    system boolean
    Specifies whether Okta created the policy rule (system=true).
    actions GetSignOnPolicyRuleActions
    conditions GetSignOnPolicyRuleConditions
    created str
    Timestamp when the rule was created
    id str
    Unique identifier of the access policy rule.
    last_updated str
    Timestamp when the rule was last modified
    name str
    Name of the rule
    policy_id str
    id of the policy
    priority int
    Priority of the rule
    status str
    Whether or not the rule is active.
    system bool
    Specifies whether Okta created the policy rule (system=true).
    actions GetSignOnPolicyRuleActions
    conditions GetSignOnPolicyRuleConditions
    created String
    Timestamp when the rule was created
    id String
    Unique identifier of the access policy rule.
    lastUpdated String
    Timestamp when the rule was last modified
    name String
    Name of the rule
    policyId String
    id of the policy
    priority Number
    Priority of the rule
    status String
    Whether or not the rule is active.
    system Boolean
    Specifies whether Okta created the policy rule (system=true).
    actions Property Map
    conditions Property Map

    Supporting Types

    GetSignOnPolicyRuleActions

    AppSignOn GetSignOnPolicyRuleActionsAppSignOn
    Specifies the results when a user attempts to sign in
    AppSignOn GetSignOnPolicyRuleActionsAppSignOn
    Specifies the results when a user attempts to sign in
    app_sign_on object
    Specifies the results when a user attempts to sign in
    appSignOn GetSignOnPolicyRuleActionsAppSignOn
    Specifies the results when a user attempts to sign in
    appSignOn GetSignOnPolicyRuleActionsAppSignOn
    Specifies the results when a user attempts to sign in
    app_sign_on GetSignOnPolicyRuleActionsAppSignOn
    Specifies the results when a user attempts to sign in
    appSignOn Property Map
    Specifies the results when a user attempts to sign in

    GetSignOnPolicyRuleActionsAppSignOn

    Access string
    Access
    KeepMeSignedIn GetSignOnPolicyRuleActionsAppSignOnKeepMeSignedIn
    Controls how often the post-authentication prompt is presented to users
    VerificationMethod GetSignOnPolicyRuleActionsAppSignOnVerificationMethod
    The method used to verify a user
    Access string
    Access
    KeepMeSignedIn GetSignOnPolicyRuleActionsAppSignOnKeepMeSignedIn
    Controls how often the post-authentication prompt is presented to users
    VerificationMethod GetSignOnPolicyRuleActionsAppSignOnVerificationMethod
    The method used to verify a user
    access string
    Access
    keep_me_signed_in object
    Controls how often the post-authentication prompt is presented to users
    verification_method object
    The method used to verify a user
    access String
    Access
    keepMeSignedIn GetSignOnPolicyRuleActionsAppSignOnKeepMeSignedIn
    Controls how often the post-authentication prompt is presented to users
    verificationMethod GetSignOnPolicyRuleActionsAppSignOnVerificationMethod
    The method used to verify a user
    access string
    Access
    keepMeSignedIn GetSignOnPolicyRuleActionsAppSignOnKeepMeSignedIn
    Controls how often the post-authentication prompt is presented to users
    verificationMethod GetSignOnPolicyRuleActionsAppSignOnVerificationMethod
    The method used to verify a user
    access str
    Access
    keep_me_signed_in GetSignOnPolicyRuleActionsAppSignOnKeepMeSignedIn
    Controls how often the post-authentication prompt is presented to users
    verification_method GetSignOnPolicyRuleActionsAppSignOnVerificationMethod
    The method used to verify a user
    access String
    Access
    keepMeSignedIn Property Map
    Controls how often the post-authentication prompt is presented to users
    verificationMethod Property Map
    The method used to verify a user

    GetSignOnPolicyRuleActionsAppSignOnKeepMeSignedIn

    PostAuth string
    Whether the post-authentication Keep Me Signed In (KMSI) flow is allowed.
    PostAuthPromptFrequency string
    A time duration specified as an ISO 8601 duration
    PostAuth string
    Whether the post-authentication Keep Me Signed In (KMSI) flow is allowed.
    PostAuthPromptFrequency string
    A time duration specified as an ISO 8601 duration
    post_auth string
    Whether the post-authentication Keep Me Signed In (KMSI) flow is allowed.
    post_auth_prompt_frequency string
    A time duration specified as an ISO 8601 duration
    postAuth String
    Whether the post-authentication Keep Me Signed In (KMSI) flow is allowed.
    postAuthPromptFrequency String
    A time duration specified as an ISO 8601 duration
    postAuth string
    Whether the post-authentication Keep Me Signed In (KMSI) flow is allowed.
    postAuthPromptFrequency string
    A time duration specified as an ISO 8601 duration
    post_auth str
    Whether the post-authentication Keep Me Signed In (KMSI) flow is allowed.
    post_auth_prompt_frequency str
    A time duration specified as an ISO 8601 duration
    postAuth String
    Whether the post-authentication Keep Me Signed In (KMSI) flow is allowed.
    postAuthPromptFrequency String
    A time duration specified as an ISO 8601 duration

    GetSignOnPolicyRuleActionsAppSignOnVerificationMethod

    Type string
    Verification method type
    Type string
    Verification method type
    type string
    Verification method type
    type String
    Verification method type
    type string
    Verification method type
    type str
    Verification method type
    type String
    Verification method type

    GetSignOnPolicyRuleConditions

    Device GetSignOnPolicyRuleConditionsDevice
    Specifies the device condition to match on
    ElCondition GetSignOnPolicyRuleConditionsElCondition
    Specifies Okta Expression Language expressions
    Network GetSignOnPolicyRuleConditionsNetwork
    Specifies a network selection mode and a set of network zones to be included or excluded.
    People GetSignOnPolicyRuleConditionsPeople
    Specifies the users and groups that are included or excluded by the policy rule
    Platform GetSignOnPolicyRuleConditionsPlatform
    Specifies a particular platform or device to match on
    RiskScore GetSignOnPolicyRuleConditionsRiskScore
    Specifies a particular level of risk to match on
    UserType GetSignOnPolicyRuleConditionsUserType
    Specifies which user types to include and/or exclude
    Device GetSignOnPolicyRuleConditionsDevice
    Specifies the device condition to match on
    ElCondition GetSignOnPolicyRuleConditionsElCondition
    Specifies Okta Expression Language expressions
    Network GetSignOnPolicyRuleConditionsNetwork
    Specifies a network selection mode and a set of network zones to be included or excluded.
    People GetSignOnPolicyRuleConditionsPeople
    Specifies the users and groups that are included or excluded by the policy rule
    Platform GetSignOnPolicyRuleConditionsPlatform
    Specifies a particular platform or device to match on
    RiskScore GetSignOnPolicyRuleConditionsRiskScore
    Specifies a particular level of risk to match on
    UserType GetSignOnPolicyRuleConditionsUserType
    Specifies which user types to include and/or exclude
    device object
    Specifies the device condition to match on
    el_condition object
    Specifies Okta Expression Language expressions
    network object
    Specifies a network selection mode and a set of network zones to be included or excluded.
    people object
    Specifies the users and groups that are included or excluded by the policy rule
    platform object
    Specifies a particular platform or device to match on
    risk_score object
    Specifies a particular level of risk to match on
    user_type object
    Specifies which user types to include and/or exclude
    device GetSignOnPolicyRuleConditionsDevice
    Specifies the device condition to match on
    elCondition GetSignOnPolicyRuleConditionsElCondition
    Specifies Okta Expression Language expressions
    network GetSignOnPolicyRuleConditionsNetwork
    Specifies a network selection mode and a set of network zones to be included or excluded.
    people GetSignOnPolicyRuleConditionsPeople
    Specifies the users and groups that are included or excluded by the policy rule
    platform GetSignOnPolicyRuleConditionsPlatform
    Specifies a particular platform or device to match on
    riskScore GetSignOnPolicyRuleConditionsRiskScore
    Specifies a particular level of risk to match on
    userType GetSignOnPolicyRuleConditionsUserType
    Specifies which user types to include and/or exclude
    device GetSignOnPolicyRuleConditionsDevice
    Specifies the device condition to match on
    elCondition GetSignOnPolicyRuleConditionsElCondition
    Specifies Okta Expression Language expressions
    network GetSignOnPolicyRuleConditionsNetwork
    Specifies a network selection mode and a set of network zones to be included or excluded.
    people GetSignOnPolicyRuleConditionsPeople
    Specifies the users and groups that are included or excluded by the policy rule
    platform GetSignOnPolicyRuleConditionsPlatform
    Specifies a particular platform or device to match on
    riskScore GetSignOnPolicyRuleConditionsRiskScore
    Specifies a particular level of risk to match on
    userType GetSignOnPolicyRuleConditionsUserType
    Specifies which user types to include and/or exclude
    device GetSignOnPolicyRuleConditionsDevice
    Specifies the device condition to match on
    el_condition GetSignOnPolicyRuleConditionsElCondition
    Specifies Okta Expression Language expressions
    network GetSignOnPolicyRuleConditionsNetwork
    Specifies a network selection mode and a set of network zones to be included or excluded.
    people GetSignOnPolicyRuleConditionsPeople
    Specifies the users and groups that are included or excluded by the policy rule
    platform GetSignOnPolicyRuleConditionsPlatform
    Specifies a particular platform or device to match on
    risk_score GetSignOnPolicyRuleConditionsRiskScore
    Specifies a particular level of risk to match on
    user_type GetSignOnPolicyRuleConditionsUserType
    Specifies which user types to include and/or exclude
    device Property Map
    Specifies the device condition to match on
    elCondition Property Map
    Specifies Okta Expression Language expressions
    network Property Map
    Specifies a network selection mode and a set of network zones to be included or excluded.
    people Property Map
    Specifies the users and groups that are included or excluded by the policy rule
    platform Property Map
    Specifies a particular platform or device to match on
    riskScore Property Map
    Specifies a particular level of risk to match on
    userType Property Map
    Specifies which user types to include and/or exclude

    GetSignOnPolicyRuleConditionsDevice

    Managed bool
    Indicates if the device is managed.
    Registered bool
    Indicates if the device is registered.
    Assurance GetSignOnPolicyRuleConditionsDeviceAssurance
    Specifies device assurance policies in the policy rule.
    Managed bool
    Indicates if the device is managed.
    Registered bool
    Indicates if the device is registered.
    Assurance GetSignOnPolicyRuleConditionsDeviceAssurance
    Specifies device assurance policies in the policy rule.
    managed bool
    Indicates if the device is managed.
    registered bool
    Indicates if the device is registered.
    assurance object
    Specifies device assurance policies in the policy rule.
    managed Boolean
    Indicates if the device is managed.
    registered Boolean
    Indicates if the device is registered.
    assurance GetSignOnPolicyRuleConditionsDeviceAssurance
    Specifies device assurance policies in the policy rule.
    managed boolean
    Indicates if the device is managed.
    registered boolean
    Indicates if the device is registered.
    assurance GetSignOnPolicyRuleConditionsDeviceAssurance
    Specifies device assurance policies in the policy rule.
    managed bool
    Indicates if the device is managed.
    registered bool
    Indicates if the device is registered.
    assurance GetSignOnPolicyRuleConditionsDeviceAssurance
    Specifies device assurance policies in the policy rule.
    managed Boolean
    Indicates if the device is managed.
    registered Boolean
    Indicates if the device is registered.
    assurance Property Map
    Specifies device assurance policies in the policy rule.

    GetSignOnPolicyRuleConditionsDeviceAssurance

    Includes List<string>
    Specifies the device assurance policy ID
    Includes []string
    Specifies the device assurance policy ID
    includes list(string)
    Specifies the device assurance policy ID
    includes List<String>
    Specifies the device assurance policy ID
    includes string[]
    Specifies the device assurance policy ID
    includes Sequence[str]
    Specifies the device assurance policy ID
    includes List<String>
    Specifies the device assurance policy ID

    GetSignOnPolicyRuleConditionsElCondition

    Condition string
    expression to match
    Condition string
    expression to match
    condition string
    expression to match
    condition String
    expression to match
    condition string
    expression to match
    condition str
    expression to match
    condition String
    expression to match

    GetSignOnPolicyRuleConditionsNetwork

    Connection string
    Network selection mode
    Excludes List<string>
    The zones to exclude.
    Includes List<string>
    The zones to include.
    Connection string
    Network selection mode
    Excludes []string
    The zones to exclude.
    Includes []string
    The zones to include.
    connection string
    Network selection mode
    excludes list(string)
    The zones to exclude.
    includes list(string)
    The zones to include.
    connection String
    Network selection mode
    excludes List<String>
    The zones to exclude.
    includes List<String>
    The zones to include.
    connection string
    Network selection mode
    excludes string[]
    The zones to exclude.
    includes string[]
    The zones to include.
    connection str
    Network selection mode
    excludes Sequence[str]
    The zones to exclude.
    includes Sequence[str]
    The zones to include.
    connection String
    Network selection mode
    excludes List<String>
    The zones to exclude.
    includes List<String>
    The zones to include.

    GetSignOnPolicyRuleConditionsPeople

    Groups GetSignOnPolicyRuleConditionsPeopleGroups
    Specifies a set of groups whose users are to be included or excluded
    Users GetSignOnPolicyRuleConditionsPeopleUsers
    Specifies a set of users to be included or excluded
    Groups GetSignOnPolicyRuleConditionsPeopleGroups
    Specifies a set of groups whose users are to be included or excluded
    Users GetSignOnPolicyRuleConditionsPeopleUsers
    Specifies a set of users to be included or excluded
    groups object
    Specifies a set of groups whose users are to be included or excluded
    users object
    Specifies a set of users to be included or excluded
    groups GetSignOnPolicyRuleConditionsPeopleGroups
    Specifies a set of groups whose users are to be included or excluded
    users GetSignOnPolicyRuleConditionsPeopleUsers
    Specifies a set of users to be included or excluded
    groups GetSignOnPolicyRuleConditionsPeopleGroups
    Specifies a set of groups whose users are to be included or excluded
    users GetSignOnPolicyRuleConditionsPeopleUsers
    Specifies a set of users to be included or excluded
    groups GetSignOnPolicyRuleConditionsPeopleGroups
    Specifies a set of groups whose users are to be included or excluded
    users GetSignOnPolicyRuleConditionsPeopleUsers
    Specifies a set of users to be included or excluded
    groups Property Map
    Specifies a set of groups whose users are to be included or excluded
    users Property Map
    Specifies a set of users to be included or excluded

    GetSignOnPolicyRuleConditionsPeopleGroups

    Excludes List<string>
    Groups to be excluded
    Includes List<string>
    Groups to be included
    Excludes []string
    Groups to be excluded
    Includes []string
    Groups to be included
    excludes list(string)
    Groups to be excluded
    includes list(string)
    Groups to be included
    excludes List<String>
    Groups to be excluded
    includes List<String>
    Groups to be included
    excludes string[]
    Groups to be excluded
    includes string[]
    Groups to be included
    excludes Sequence[str]
    Groups to be excluded
    includes Sequence[str]
    Groups to be included
    excludes List<String>
    Groups to be excluded
    includes List<String>
    Groups to be included

    GetSignOnPolicyRuleConditionsPeopleUsers

    Excludes List<string>
    Users to be excluded
    Includes List<string>
    Users to be included
    Excludes []string
    Users to be excluded
    Includes []string
    Users to be included
    excludes list(string)
    Users to be excluded
    includes list(string)
    Users to be included
    excludes List<String>
    Users to be excluded
    includes List<String>
    Users to be included
    excludes string[]
    Users to be excluded
    includes string[]
    Users to be included
    excludes Sequence[str]
    Users to be excluded
    includes Sequence[str]
    Users to be included
    excludes List<String>
    Users to be excluded
    includes List<String>
    Users to be included

    GetSignOnPolicyRuleConditionsPlatform

    GetSignOnPolicyRuleConditionsPlatformExclude

    type string
    The type of platform
    os object
    Os
    type String
    The type of platform
    os Property Map
    Os

    GetSignOnPolicyRuleConditionsPlatformExcludeOs

    Expression string
    Expression
    Type string
    The type of operating system
    Version GetSignOnPolicyRuleConditionsPlatformExcludeOsVersion
    Version
    Expression string
    Expression
    Type string
    The type of operating system
    Version GetSignOnPolicyRuleConditionsPlatformExcludeOsVersion
    Version
    expression string
    Expression
    type string
    The type of operating system
    version object
    Version
    expression String
    Expression
    type String
    The type of operating system
    version GetSignOnPolicyRuleConditionsPlatformExcludeOsVersion
    Version
    expression string
    Expression
    type string
    The type of operating system
    version GetSignOnPolicyRuleConditionsPlatformExcludeOsVersion
    Version
    expression str
    Expression
    type str
    The type of operating system
    version GetSignOnPolicyRuleConditionsPlatformExcludeOsVersion
    Version
    expression String
    Expression
    type String
    The type of operating system
    version Property Map
    Version

    GetSignOnPolicyRuleConditionsPlatformExcludeOsVersion

    MatchType string
    MatchType
    Value string
    Value
    MatchType string
    MatchType
    Value string
    Value
    match_type string
    MatchType
    value string
    Value
    matchType String
    MatchType
    value String
    Value
    matchType string
    MatchType
    value string
    Value
    match_type str
    MatchType
    value str
    Value
    matchType String
    MatchType
    value String
    Value

    GetSignOnPolicyRuleConditionsPlatformInclude

    type string
    The type of platform
    os object
    Os
    type String
    The type of platform
    os Property Map
    Os

    GetSignOnPolicyRuleConditionsPlatformIncludeOs

    Expression string
    Expression
    Type string
    The type of operating system
    Version GetSignOnPolicyRuleConditionsPlatformIncludeOsVersion
    Version
    Expression string
    Expression
    Type string
    The type of operating system
    Version GetSignOnPolicyRuleConditionsPlatformIncludeOsVersion
    Version
    expression string
    Expression
    type string
    The type of operating system
    version object
    Version
    expression String
    Expression
    type String
    The type of operating system
    version GetSignOnPolicyRuleConditionsPlatformIncludeOsVersion
    Version
    expression string
    Expression
    type string
    The type of operating system
    version GetSignOnPolicyRuleConditionsPlatformIncludeOsVersion
    Version
    expression str
    Expression
    type str
    The type of operating system
    version GetSignOnPolicyRuleConditionsPlatformIncludeOsVersion
    Version
    expression String
    Expression
    type String
    The type of operating system
    version Property Map
    Version

    GetSignOnPolicyRuleConditionsPlatformIncludeOsVersion

    MatchType string
    MatchType
    Value string
    Value
    MatchType string
    MatchType
    Value string
    Value
    match_type string
    MatchType
    value string
    Value
    matchType String
    MatchType
    value String
    Value
    matchType string
    MatchType
    value string
    Value
    match_type str
    MatchType
    value str
    Value
    matchType String
    MatchType
    value String
    Value

    GetSignOnPolicyRuleConditionsRiskScore

    Level string
    The level to match
    MinRiskLevel string
    The minimum risk level to match.
    Level string
    The level to match
    MinRiskLevel string
    The minimum risk level to match.
    level string
    The level to match
    min_risk_level string
    The minimum risk level to match.
    level String
    The level to match
    minRiskLevel String
    The minimum risk level to match.
    level string
    The level to match
    minRiskLevel string
    The minimum risk level to match.
    level str
    The level to match
    min_risk_level str
    The minimum risk level to match.
    level String
    The level to match
    minRiskLevel String
    The minimum risk level to match.

    GetSignOnPolicyRuleConditionsUserType

    Excludes List<string>
    The user types to exclude
    Includes List<string>
    The user types to include
    Excludes []string
    The user types to exclude
    Includes []string
    The user types to include
    excludes list(string)
    The user types to exclude
    includes list(string)
    The user types to include
    excludes List<String>
    The user types to exclude
    includes List<String>
    The user types to include
    excludes string[]
    The user types to exclude
    includes string[]
    The user types to include
    excludes Sequence[str]
    The user types to exclude
    includes Sequence[str]
    The user types to include
    excludes List<String>
    The user types to exclude
    includes List<String>
    The user types to include

    Package Details

    Repository
    Okta pulumi/pulumi-okta
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the okta Terraform Provider.
    okta logo
    Viewing docs for Okta v6.9.0
    published on Wednesday, Jul 1, 2026 by Pulumi

      Try Pulumi Cloud free.
      Your team will thank you.

      Start free trial