Okta

v3.16.0 published on Wednesday, Sep 28, 2022 by Pulumi

ServerPolicyClaim

Deprecated:

okta.auth.ServerPolicyClaim has been deprecated in favor of okta.auth.ServerPolicyRule

Import

An Authorization Server Policy Rule can be imported using the Auth Server ID, Policy ID, and Policy Rule ID, separated by slashes.

 $ pulumi import okta:auth/serverPolicyClaim:ServerPolicyClaim example <auth server id>/<policy id>/<policy rule id>

Example Usage

using System.Collections.Generic;
using Pulumi;
using Okta = Pulumi.Okta;

// Declares a single authorization-server policy rule. The example uses
// ServerPolicyRule, the resource this page names as the replacement for the
// deprecated ServerPolicyClaim.
return await Deployment.RunAsync(() =>
{
    // Grant types this rule permits. The property reference on this page says a
    // user or group whitelist should be set whenever "implicit" is listed.
    // NOTE(review): the implicit grant returns tokens through the browser
    // redirect; current OAuth security guidance steers browser and native
    // clients to "authorization_code" with PKCE, so list "implicit" only for
    // clients that still require it.
    var permittedGrants = new[]
    {
        "implicit",
    };

    // Groups whose users the rule applies to. Prefer specific group IDs over
    // the catch-all "EVERYONE" value so the rule stays narrowly scoped.
    var permittedGroups = new[]
    {
        "<group ids>",
    };

    var example = new Okta.Auth.ServerPolicyRule("example", new()
    {
        AuthServerId = "<auth server id>",
        PolicyId = "<auth server policy id>",
        Priority = 1,
        Status = "ACTIVE",
        GrantTypeWhitelists = permittedGrants,
        GroupWhitelists = permittedGroups,
    });

});
package main

import (
	"github.com/pulumi/pulumi-okta/sdk/v3/go/okta/auth"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

// main registers one authorization-server policy rule with the Pulumi engine.
// It uses ServerPolicyRule, which this page names as the replacement for the
// deprecated ServerPolicyClaim.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		ruleArgs := &auth.ServerPolicyRuleArgs{
			AuthServerId: pulumi.String("<auth server id>"),
			PolicyId:     pulumi.String("<auth server policy id>"),
			Priority:     pulumi.Int(1),
			Status:       pulumi.String("ACTIVE"),
			// The property reference on this page says a user or group
			// whitelist should be set whenever "implicit" is listed.
			// NOTE(review): the implicit grant returns tokens through the
			// browser redirect; current OAuth security guidance steers browser
			// and native clients to "authorization_code" with PKCE, so list
			// "implicit" only for clients that still require it.
			GrantTypeWhitelists: pulumi.StringArray{
				pulumi.String("implicit"),
			},
			// Prefer specific group IDs over the catch-all "EVERYONE" value so
			// the rule stays narrowly scoped.
			GroupWhitelists: pulumi.StringArray{
				pulumi.String("<group ids>"),
			},
		}

		// The resource handle is not needed afterwards; only the error matters.
		_, err := auth.NewServerPolicyRule(ctx, "example", ruleArgs)
		return err
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.okta.auth.ServerPolicyRule;
import com.pulumi.okta.auth.ServerPolicyRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

/**
 * Pulumi program that declares a single authorization-server policy rule.
 * It uses ServerPolicyRule, which this page names as the replacement for the
 * deprecated ServerPolicyClaim.
 */
public class App {
    /** Hands the stack definition to the Pulumi runtime. */
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Defines the resources of the stack.
     *
     * @param ctx the Pulumi context for the current deployment (unused here)
     */
    public static void stack(Context ctx) {
        // The property reference on this page says a user or group whitelist
        // should be set whenever "implicit" is listed.
        // NOTE(review): the implicit grant returns tokens through the browser
        // redirect; current OAuth security guidance steers browser and native
        // clients to "authorization_code" with PKCE, so list "implicit" only
        // for clients that still require it. Prefer specific group IDs over
        // the catch-all "EVERYONE" value.
        final var ruleArgs = ServerPolicyRuleArgs.builder()
            .authServerId("<auth server id>")
            .policyId("<auth server policy id>")
            .priority(1)
            .status("ACTIVE")
            .grantTypeWhitelists("implicit")
            .groupWhitelists("<group ids>")
            .build();

        // Constructing the resource registers it; the reference is not reused.
        new ServerPolicyRule("example", ruleArgs);
    }
}
import pulumi
import pulumi_okta as okta

# Declares a single authorization-server policy rule. ServerPolicyRule is the
# resource this page names as the replacement for the deprecated
# ServerPolicyClaim.
#
# The property reference on this page says a user or group whitelist should be
# set whenever "implicit" is listed.
# NOTE(review): the implicit grant returns tokens through the browser redirect;
# current OAuth security guidance steers browser and native clients to
# "authorization_code" with PKCE, so list "implicit" only for clients that
# still require it. Prefer specific group IDs over the catch-all "EVERYONE".
example = okta.auth.ServerPolicyRule(
    "example",
    auth_server_id="<auth server id>",
    policy_id="<auth server policy id>",
    priority=1,
    status="ACTIVE",
    grant_type_whitelists=["implicit"],
    group_whitelists=["<group ids>"],
)
import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

// Arguments for a single authorization-server policy rule. ServerPolicyRule is
// the resource this page names as the replacement for the deprecated
// ServerPolicyClaim.
const ruleArgs: okta.auth.ServerPolicyRuleArgs = {
    authServerId: "<auth server id>",
    policyId: "<auth server policy id>",
    priority: 1,
    status: "ACTIVE",
    // The property reference on this page says a user or group whitelist
    // should be set whenever "implicit" is listed.
    // NOTE(review): the implicit grant returns tokens through the browser
    // redirect; current OAuth security guidance steers browser and native
    // clients to "authorization_code" with PKCE, so list "implicit" only for
    // clients that still require it.
    grantTypeWhitelists: ["implicit"],
    // Prefer specific group IDs over the catch-all "EVERYONE" value.
    groupWhitelists: ["<group ids>"],
};

const example = new okta.auth.ServerPolicyRule("example", ruleArgs);
# One authorization-server policy rule. ServerPolicyRule is the resource this
# page names as the replacement for the deprecated ServerPolicyClaim.
resources:
  example:
    type: okta:auth:ServerPolicyRule
    properties:
      authServerId: "<auth server id>"
      policyId: "<auth server policy id>"
      priority: 1
      status: "ACTIVE"
      # The property reference on this page says a user or group whitelist
      # should be set whenever "implicit" is listed.
      # NOTE(review): the implicit grant returns tokens through the browser
      # redirect; current OAuth security guidance steers browser and native
      # clients to "authorization_code" with PKCE, so list "implicit" only for
      # clients that still require it.
      grantTypeWhitelists: ["implicit"]
      # Prefer specific group IDs over the catch-all "EVERYONE" value.
      groupWhitelists: ["<group ids>"]

Create a ServerPolicyClaim Resource

new ServerPolicyClaim(name: string, args: ServerPolicyClaimArgs, opts?: CustomResourceOptions);
@overload
def ServerPolicyClaim(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      access_token_lifetime_minutes: Optional[int] = None,
                      auth_server_id: Optional[str] = None,
                      grant_type_whitelists: Optional[Sequence[str]] = None,
                      group_blacklists: Optional[Sequence[str]] = None,
                      group_whitelists: Optional[Sequence[str]] = None,
                      inline_hook_id: Optional[str] = None,
                      name: Optional[str] = None,
                      policy_id: Optional[str] = None,
                      priority: Optional[int] = None,
                      refresh_token_lifetime_minutes: Optional[int] = None,
                      refresh_token_window_minutes: Optional[int] = None,
                      scope_whitelists: Optional[Sequence[str]] = None,
                      status: Optional[str] = None,
                      type: Optional[str] = None,
                      user_blacklists: Optional[Sequence[str]] = None,
                      user_whitelists: Optional[Sequence[str]] = None)
@overload
def ServerPolicyClaim(resource_name: str,
                      args: ServerPolicyClaimArgs,
                      opts: Optional[ResourceOptions] = None)
func NewServerPolicyClaim(ctx *Context, name string, args ServerPolicyClaimArgs, opts ...ResourceOption) (*ServerPolicyClaim, error)
public ServerPolicyClaim(string name, ServerPolicyClaimArgs args, CustomResourceOptions? opts = null)
public ServerPolicyClaim(String name, ServerPolicyClaimArgs args)
public ServerPolicyClaim(String name, ServerPolicyClaimArgs args, CustomResourceOptions options)
type: okta:auth:ServerPolicyClaim
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args ServerPolicyClaimArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ServerPolicyClaimArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ServerPolicyClaimArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ServerPolicyClaimArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args ServerPolicyClaimArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

ServerPolicyClaim Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ServerPolicyClaim resource accepts the following input properties:

AuthServerId string

Auth Server ID.

GrantTypeWhitelists List<string>

Accepted grant type values: "authorization_code", "implicit", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:saml2-bearer" (Early Access Property), "urn:ietf:params:oauth:grant-type:token-exchange" (Early Access Property), "urn:ietf:params:oauth:grant-type:device_code" (Early Access Property), and "interaction_code" (OIE only). When "implicit" is included, either user_whitelist or group_whitelist should be set.

PolicyId string

Auth Server Policy ID.

Priority int

Priority of the auth server policy rule.

AccessTokenLifetimeMinutes int

Lifetime of access token. Can be set to a value between 5 and 1440 minutes.

GroupBlacklists List<string>

Specifies a set of Groups whose Users are to be excluded.

GroupWhitelists List<string>

Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: "EVERYONE".

InlineHookId string

The ID of the inline hook to trigger.

Name string

Auth Server Policy Rule name.

RefreshTokenLifetimeMinutes int

Lifetime of refresh token.

RefreshTokenWindowMinutes int

Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".

ScopeWhitelists List<string>

Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".

Status string

The status of the Auth Server Policy Rule.

Type string

The type of the Auth Server Policy Rule.

UserBlacklists List<string>

Specifies a set of Users to be excluded.

UserWhitelists List<string>

Specifies a set of Users to be included.

AuthServerId string

Auth Server ID.

GrantTypeWhitelists []string

Accepted grant type values: "authorization_code", "implicit", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:saml2-bearer" (Early Access Property), "urn:ietf:params:oauth:grant-type:token-exchange" (Early Access Property), "urn:ietf:params:oauth:grant-type:device_code" (Early Access Property), and "interaction_code" (OIE only). When "implicit" is included, either user_whitelist or group_whitelist should be set.

PolicyId string

Auth Server Policy ID.

Priority int

Priority of the auth server policy rule.

AccessTokenLifetimeMinutes int

Lifetime of access token. Can be set to a value between 5 and 1440 minutes.

GroupBlacklists []string

Specifies a set of Groups whose Users are to be excluded.

GroupWhitelists []string

Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: "EVERYONE".

InlineHookId string

The ID of the inline hook to trigger.

Name string

Auth Server Policy Rule name.

RefreshTokenLifetimeMinutes int

Lifetime of refresh token.

RefreshTokenWindowMinutes int

Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".

ScopeWhitelists []string

Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".

Status string

The status of the Auth Server Policy Rule.

Type string

The type of the Auth Server Policy Rule.

UserBlacklists []string

Specifies a set of Users to be excluded.

UserWhitelists []string

Specifies a set of Users to be included.

authServerId String

Auth Server ID.

grantTypeWhitelists List<String>

Accepted grant type values: "authorization_code", "implicit", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:saml2-bearer" (Early Access Property), "urn:ietf:params:oauth:grant-type:token-exchange" (Early Access Property), "urn:ietf:params:oauth:grant-type:device_code" (Early Access Property), and "interaction_code" (OIE only). When "implicit" is included, either user_whitelist or group_whitelist should be set.

policyId String

Auth Server Policy ID.

priority Integer

Priority of the auth server policy rule.

accessTokenLifetimeMinutes Integer

Lifetime of access token. Can be set to a value between 5 and 1440 minutes.

groupBlacklists List<String>

Specifies a set of Groups whose Users are to be excluded.

groupWhitelists List<String>

Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: "EVERYONE".

inlineHookId String

The ID of the inline hook to trigger.

name String

Auth Server Policy Rule name.

refreshTokenLifetimeMinutes Integer

Lifetime of refresh token.

refreshTokenWindowMinutes Integer

Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".

scopeWhitelists List<String>

Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".

status String

The status of the Auth Server Policy Rule.

type String

The type of the Auth Server Policy Rule.

userBlacklists List<String>

Specifies a set of Users to be excluded.

userWhitelists List<String>

Specifies a set of Users to be included.

authServerId string

Auth Server ID.

grantTypeWhitelists string[]

Accepted grant type values: "authorization_code", "implicit", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:saml2-bearer" (Early Access Property), "urn:ietf:params:oauth:grant-type:token-exchange" (Early Access Property), "urn:ietf:params:oauth:grant-type:device_code" (Early Access Property), and "interaction_code" (OIE only). When "implicit" is included, either user_whitelist or group_whitelist should be set.

policyId string

Auth Server Policy ID.

priority number

Priority of the auth server policy rule.

accessTokenLifetimeMinutes number

Lifetime of access token. Can be set to a value between 5 and 1440 minutes.

groupBlacklists string[]

Specifies a set of Groups whose Users are to be excluded.

groupWhitelists string[]

Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: "EVERYONE".

inlineHookId string

The ID of the inline hook to trigger.

name string

Auth Server Policy Rule name.

refreshTokenLifetimeMinutes number

Lifetime of refresh token.

refreshTokenWindowMinutes number

Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".

scopeWhitelists string[]

Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".

status string

The status of the Auth Server Policy Rule.

type string

The type of the Auth Server Policy Rule.

userBlacklists string[]

Specifies a set of Users to be excluded.

userWhitelists string[]

Specifies a set of Users to be included.

auth_server_id str

Auth Server ID.

grant_type_whitelists Sequence[str]

Accepted grant type values: "authorization_code", "implicit", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:saml2-bearer" (Early Access Property), "urn:ietf:params:oauth:grant-type:token-exchange" (Early Access Property), "urn:ietf:params:oauth:grant-type:device_code" (Early Access Property), and "interaction_code" (OIE only). When "implicit" is included, either user_whitelist or group_whitelist should be set.

policy_id str

Auth Server Policy ID.

priority int

Priority of the auth server policy rule.

access_token_lifetime_minutes int

Lifetime of access token. Can be set to a value between 5 and 1440 minutes.

group_blacklists Sequence[str]

Specifies a set of Groups whose Users are to be excluded.

group_whitelists Sequence[str]

Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: "EVERYONE".

inline_hook_id str

The ID of the inline hook to trigger.

name str

Auth Server Policy Rule name.

refresh_token_lifetime_minutes int

Lifetime of refresh token.

refresh_token_window_minutes int

Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".

scope_whitelists Sequence[str]

Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".

status str

The status of the Auth Server Policy Rule.

type str

The type of the Auth Server Policy Rule.

user_blacklists Sequence[str]

Specifies a set of Users to be excluded.

user_whitelists Sequence[str]

Specifies a set of Users to be included.

authServerId String

Auth Server ID.

grantTypeWhitelists List<String>

Accepted grant type values: "authorization_code", "implicit", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:saml2-bearer" (Early Access Property), "urn:ietf:params:oauth:grant-type:token-exchange" (Early Access Property), "urn:ietf:params:oauth:grant-type:device_code" (Early Access Property), and "interaction_code" (OIE only). When "implicit" is included, either user_whitelist or group_whitelist should be set.

policyId String

Auth Server Policy ID.

priority Number

Priority of the auth server policy rule.

accessTokenLifetimeMinutes Number

Lifetime of access token. Can be set to a value between 5 and 1440 minutes.

groupBlacklists List<String>

Specifies a set of Groups whose Users are to be excluded.

groupWhitelists List<String>

Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: "EVERYONE".

inlineHookId String

The ID of the inline hook to trigger.

name String

Auth Server Policy Rule name.

refreshTokenLifetimeMinutes Number

Lifetime of refresh token.

refreshTokenWindowMinutes Number

Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".

scopeWhitelists List<String>

Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".

status String

The status of the Auth Server Policy Rule.

type String

The type of the Auth Server Policy Rule.

userBlacklists List<String>

Specifies a set of Users to be excluded.

userWhitelists List<String>

Specifies a set of Users to be included.

Outputs

All input properties are implicitly available as output properties. Additionally, the ServerPolicyClaim resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up an Existing ServerPolicyClaim Resource

Get an existing ServerPolicyClaim resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ServerPolicyClaimState, opts?: CustomResourceOptions): ServerPolicyClaim
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        access_token_lifetime_minutes: Optional[int] = None,
        auth_server_id: Optional[str] = None,
        grant_type_whitelists: Optional[Sequence[str]] = None,
        group_blacklists: Optional[Sequence[str]] = None,
        group_whitelists: Optional[Sequence[str]] = None,
        inline_hook_id: Optional[str] = None,
        name: Optional[str] = None,
        policy_id: Optional[str] = None,
        priority: Optional[int] = None,
        refresh_token_lifetime_minutes: Optional[int] = None,
        refresh_token_window_minutes: Optional[int] = None,
        scope_whitelists: Optional[Sequence[str]] = None,
        status: Optional[str] = None,
        type: Optional[str] = None,
        user_blacklists: Optional[Sequence[str]] = None,
        user_whitelists: Optional[Sequence[str]] = None) -> ServerPolicyClaim
func GetServerPolicyClaim(ctx *Context, name string, id IDInput, state *ServerPolicyClaimState, opts ...ResourceOption) (*ServerPolicyClaim, error)
public static ServerPolicyClaim Get(string name, Input<string> id, ServerPolicyClaimState? state, CustomResourceOptions? opts = null)
public static ServerPolicyClaim get(String name, Output<String> id, ServerPolicyClaimState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AccessTokenLifetimeMinutes int

Lifetime of access token. Can be set to a value between 5 and 1440 minutes.

AuthServerId string

Auth Server ID.

GrantTypeWhitelists List<string>

Accepted grant type values: "authorization_code", "implicit", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:saml2-bearer" (Early Access Property), "urn:ietf:params:oauth:grant-type:token-exchange" (Early Access Property), "urn:ietf:params:oauth:grant-type:device_code" (Early Access Property), and "interaction_code" (OIE only). When "implicit" is included, either user_whitelist or group_whitelist should be set.

GroupBlacklists List<string>

Specifies a set of Groups whose Users are to be excluded.

GroupWhitelists List<string>

Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: "EVERYONE".

InlineHookId string

The ID of the inline hook to trigger.

Name string

Auth Server Policy Rule name.

PolicyId string

Auth Server Policy ID.

Priority int

Priority of the auth server policy rule.

RefreshTokenLifetimeMinutes int

Lifetime of refresh token.

RefreshTokenWindowMinutes int

Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".

ScopeWhitelists List<string>

Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".

Status string

The status of the Auth Server Policy Rule.

Type string

The type of the Auth Server Policy Rule.

UserBlacklists List<string>

Specifies a set of Users to be excluded.

UserWhitelists List<string>

Specifies a set of Users to be included.

AccessTokenLifetimeMinutes int

Lifetime of access token. Can be set to a value between 5 and 1440 minutes.

AuthServerId string

Auth Server ID.

GrantTypeWhitelists []string

Accepted grant type values: "authorization_code", "implicit", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:saml2-bearer" (Early Access Property), "urn:ietf:params:oauth:grant-type:token-exchange" (Early Access Property), "urn:ietf:params:oauth:grant-type:device_code" (Early Access Property), and "interaction_code" (OIE only). When "implicit" is included, either user_whitelist or group_whitelist should be set.

GroupBlacklists []string

Specifies a set of Groups whose Users are to be excluded.

GroupWhitelists []string

Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: "EVERYONE".

InlineHookId string

The ID of the inline hook to trigger.

Name string

Auth Server Policy Rule name.

PolicyId string

Auth Server Policy ID.

Priority int

Priority of the auth server policy rule.

RefreshTokenLifetimeMinutes int

Lifetime of refresh token.

RefreshTokenWindowMinutes int

Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".

ScopeWhitelists []string

Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".

Status string

The status of the Auth Server Policy Rule.

Type string

The type of the Auth Server Policy Rule.

UserBlacklists []string

Specifies a set of Users to be excluded.

UserWhitelists []string

Specifies a set of Users to be included.

accessTokenLifetimeMinutes Integer

Lifetime of access token. Can be set to a value between 5 and 1440 minutes.

authServerId String

Auth Server ID.

grantTypeWhitelists List<String>

Accepted grant type values: "authorization_code", "implicit", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:saml2-bearer" (Early Access Property), "urn:ietf:params:oauth:grant-type:token-exchange" (Early Access Property), "urn:ietf:params:oauth:grant-type:device_code" (Early Access Property), and "interaction_code" (OIE only). When "implicit" is included, either user_whitelist or group_whitelist should be set.

groupBlacklists List<String>

Specifies a set of Groups whose Users are to be excluded.

groupWhitelists List<String>

Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: "EVERYONE".

inlineHookId String

The ID of the inline hook to trigger.

name String

Auth Server Policy Rule name.

policyId String

Auth Server Policy ID.

priority Integer

Priority of the auth server policy rule.

refreshTokenLifetimeMinutes Integer

Lifetime of refresh token.

refreshTokenWindowMinutes Integer

Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".

scopeWhitelists List<String>

Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".

status String

The status of the Auth Server Policy Rule.

type String

The type of the Auth Server Policy Rule.

userBlacklists List<String>

Specifies a set of Users to be excluded.

userWhitelists List<String>

Specifies a set of Users to be included.

accessTokenLifetimeMinutes number

Lifetime of access token. Can be set to a value between 5 and 1440 minutes.

authServerId string

Auth Server ID.

grantTypeWhitelists string[]

Accepted grant type values: "authorization_code", "implicit", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:saml2-bearer" (Early Access Property), "urn:ietf:params:oauth:grant-type:token-exchange" (Early Access Property), "urn:ietf:params:oauth:grant-type:device_code" (Early Access Property), and "interaction_code" (OIE only). When "implicit" is included, either user_whitelist or group_whitelist should be set.

groupBlacklists string[]

Specifies a set of Groups whose Users are to be excluded.

groupWhitelists string[]

Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: "EVERYONE".

inlineHookId string

The ID of the inline hook to trigger.

name string

Auth Server Policy Rule name.

policyId string

Auth Server Policy ID.

priority number

Priority of the auth server policy rule.

refreshTokenLifetimeMinutes number

Lifetime of refresh token.

refreshTokenWindowMinutes number

Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".

scopeWhitelists string[]

Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".

status string

The status of the Auth Server Policy Rule.

type string

The type of the Auth Server Policy Rule.

userBlacklists string[]

Specifies a set of Users to be excluded.

userWhitelists string[]

Specifies a set of Users to be included.

access_token_lifetime_minutes int

Lifetime of access token. Can be set to a value between 5 and 1440 minutes.

auth_server_id str

Auth Server ID.

grant_type_whitelists Sequence[str]

Accepted grant type values: "authorization_code", "implicit", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:saml2-bearer" (Early Access Property), "urn:ietf:params:oauth:grant-type:token-exchange" (Early Access Property), "urn:ietf:params:oauth:grant-type:device_code" (Early Access Property), and "interaction_code" (OIE only). When "implicit" is included, either user_whitelist or group_whitelist should be set.

group_blacklists Sequence[str]

Specifies a set of Groups whose Users are to be excluded.

group_whitelists Sequence[str]

Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: "EVERYONE".

inline_hook_id str

The ID of the inline hook to trigger.

name str

Auth Server Policy Rule name.

policy_id str

Auth Server Policy ID.

priority int

Priority of the auth server policy rule.

refresh_token_lifetime_minutes int

Lifetime of refresh token.

refresh_token_window_minutes int

Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".

scope_whitelists Sequence[str]

Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".

status str

The status of the Auth Server Policy Rule.

type str

The type of the Auth Server Policy Rule.

user_blacklists Sequence[str]

Specifies a set of Users to be excluded.

user_whitelists Sequence[str]

Specifies a set of Users to be included.

accessTokenLifetimeMinutes Number

Lifetime of access token. Can be set to a value between 5 and 1440 minutes.

authServerId String

Auth Server ID.

grantTypeWhitelists List<String>

Accepted grant type values: "authorization_code", "implicit", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:saml2-bearer" (Early Access Property), "urn:ietf:params:oauth:grant-type:token-exchange" (Early Access Property), "urn:ietf:params:oauth:grant-type:device_code" (Early Access Property), and "interaction_code" (OIE only). When "implicit" is included, either user_whitelist or group_whitelist should be set.

groupBlacklists List<String>

Specifies a set of Groups whose Users are to be excluded.

groupWhitelists List<String>

Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: "EVERYONE".

inlineHookId String

The ID of the inline hook to trigger.

name String

Auth Server Policy Rule name.

policyId String

Auth Server Policy ID.

priority Number

Priority of the auth server policy rule.

refreshTokenLifetimeMinutes Number

Lifetime of refresh token.

refreshTokenWindowMinutes Number

Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. "refresh_token_window_minutes" must be between "access_token_lifetime_minutes" and "refresh_token_lifetime_minutes".

scopeWhitelists List<String>

Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with "*".

status String

The status of the Auth Server Policy Rule.

type String

The type of the Auth Server Policy Rule.

userBlacklists List<String>

Specifies a set of Users to be excluded.

userWhitelists List<String>

Specifies a set of Users to be included.

Package Details

Repository
https://github.com/pulumi/pulumi-okta
License
Apache-2.0
Notes

This Pulumi package is based on the okta Terraform Provider.