Docs Home
Okta v4.18.0 published on Wednesday, May 7, 2025 by Pulumi
okta.auth.ServerScope
Explore with Pulumi AI
Creates an Authorization Server Scope. This resource allows you to create and configure an Authorization Server Scope.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";
const example = new okta.auth.ServerScope("example", {
authServerId: "<auth server id>",
metadataPublish: "NO_CLIENTS",
name: "example",
consent: "IMPLICIT",
});
import pulumi
import pulumi_okta as okta
example = okta.auth.ServerScope("example",
auth_server_id="<auth server id>",
metadata_publish="NO_CLIENTS",
name="example",
consent="IMPLICIT")
package main
import (
"github.com/pulumi/pulumi-okta/sdk/v4/go/okta/auth"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := auth.NewServerScope(ctx, "example", &auth.ServerScopeArgs{
AuthServerId: pulumi.String("<auth server id>"),
MetadataPublish: pulumi.String("NO_CLIENTS"),
Name: pulumi.String("example"),
Consent: pulumi.String("IMPLICIT"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Okta = Pulumi.Okta;
return await Deployment.RunAsync(() =>
{
var example = new Okta.Auth.ServerScope("example", new()
{
AuthServerId = "<auth server id>",
MetadataPublish = "NO_CLIENTS",
Name = "example",
Consent = "IMPLICIT",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.okta.auth.ServerScope;
import com.pulumi.okta.auth.ServerScopeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ServerScope("example", ServerScopeArgs.builder()
.authServerId("<auth server id>")
.metadataPublish("NO_CLIENTS")
.name("example")
.consent("IMPLICIT")
.build());
}
}
resources:
example:
type: okta:auth:ServerScope
properties:
authServerId: <auth server id>
metadataPublish: NO_CLIENTS
name: example
consent: IMPLICIT
Create ServerScope Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ServerScope(name: string, args: ServerScopeArgs, opts?: CustomResourceOptions);@overload
def ServerScope(resource_name: str,
args: ServerScopeArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ServerScope(resource_name: str,
opts: Optional[ResourceOptions] = None,
auth_server_id: Optional[str] = None,
consent: Optional[str] = None,
default: Optional[bool] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
metadata_publish: Optional[str] = None,
name: Optional[str] = None,
optional: Optional[bool] = None)func NewServerScope(ctx *Context, name string, args ServerScopeArgs, opts ...ResourceOption) (*ServerScope, error)public ServerScope(string name, ServerScopeArgs args, CustomResourceOptions? opts = null)
public ServerScope(String name, ServerScopeArgs args)
public ServerScope(String name, ServerScopeArgs args, CustomResourceOptions options)
type: okta:auth:ServerScope
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ServerScopeArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ServerScopeArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ServerScopeArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ServerScopeArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ServerScopeArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var serverScopeResource = new Okta.Auth.ServerScope("serverScopeResource", new()
{
AuthServerId = "string",
Consent = "string",
Default = false,
Description = "string",
DisplayName = "string",
MetadataPublish = "string",
Name = "string",
Optional = false,
});
example, err := auth.NewServerScope(ctx, "serverScopeResource", &auth.ServerScopeArgs{
AuthServerId: pulumi.String("string"),
Consent: pulumi.String("string"),
Default: pulumi.Bool(false),
Description: pulumi.String("string"),
DisplayName: pulumi.String("string"),
MetadataPublish: pulumi.String("string"),
Name: pulumi.String("string"),
Optional: pulumi.Bool(false),
})
var serverScopeResource = new ServerScope("serverScopeResource", ServerScopeArgs.builder()
.authServerId("string")
.consent("string")
.default_(false)
.description("string")
.displayName("string")
.metadataPublish("string")
.name("string")
.optional(false)
.build());
server_scope_resource = okta.auth.ServerScope("serverScopeResource",
auth_server_id="string",
consent="string",
default=False,
description="string",
display_name="string",
metadata_publish="string",
name="string",
optional=False)
const serverScopeResource = new okta.auth.ServerScope("serverScopeResource", {
authServerId: "string",
consent: "string",
"default": false,
description: "string",
displayName: "string",
metadataPublish: "string",
name: "string",
optional: false,
});
type: okta:auth:ServerScope
properties:
authServerId: string
consent: string
default: false
description: string
displayName: string
metadataPublish: string
name: string
optional: false
ServerScope Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ServerScope resource accepts the following input properties:
- Auth
Server stringId - Auth server ID
- Consent string
- Indicates whether a consent dialog is needed for the scope. It can be set to
REQUIREDorIMPLICIT. Default:IMPLICIT - Default bool
- A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.
- Description string
- Description of the Auth Server Scope.
- Display
Name string - Name of the end user displayed in a consent dialog box
- Metadata
Publish string - Whether to publish metadata or not. It can be set to
ALL_CLIENTSorNO_CLIENTS. Default:ALL_CLIENTS - Name string
- Auth server scope name
- Optional bool
- Whether the scope optional
- Auth
Server stringId - Auth server ID
- Consent string
- Indicates whether a consent dialog is needed for the scope. It can be set to
REQUIREDorIMPLICIT. Default:IMPLICIT - Default bool
- A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.
- Description string
- Description of the Auth Server Scope.
- Display
Name string - Name of the end user displayed in a consent dialog box
- Metadata
Publish string - Whether to publish metadata or not. It can be set to
ALL_CLIENTSorNO_CLIENTS. Default:ALL_CLIENTS - Name string
- Auth server scope name
- Optional bool
- Whether the scope optional
- auth
Server StringId - Auth server ID
- consent String
- Indicates whether a consent dialog is needed for the scope. It can be set to
REQUIREDorIMPLICIT. Default:IMPLICIT - default_ Boolean
- A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.
- description String
- Description of the Auth Server Scope.
- display
Name String - Name of the end user displayed in a consent dialog box
- metadata
Publish String - Whether to publish metadata or not. It can be set to
ALL_CLIENTSorNO_CLIENTS. Default:ALL_CLIENTS - name String
- Auth server scope name
- optional Boolean
- Whether the scope optional
- auth
Server stringId - Auth server ID
- consent string
- Indicates whether a consent dialog is needed for the scope. It can be set to
REQUIREDorIMPLICIT. Default:IMPLICIT - default boolean
- A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.
- description string
- Description of the Auth Server Scope.
- display
Name string - Name of the end user displayed in a consent dialog box
- metadata
Publish string - Whether to publish metadata or not. It can be set to
ALL_CLIENTSorNO_CLIENTS. Default:ALL_CLIENTS - name string
- Auth server scope name
- optional boolean
- Whether the scope optional
- auth_
server_ strid - Auth server ID
- consent str
- Indicates whether a consent dialog is needed for the scope. It can be set to
REQUIREDorIMPLICIT. Default:IMPLICIT - default bool
- A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.
- description str
- Description of the Auth Server Scope.
- display_
name str - Name of the end user displayed in a consent dialog box
- metadata_
publish str - Whether to publish metadata or not. It can be set to
ALL_CLIENTSorNO_CLIENTS. Default:ALL_CLIENTS - name str
- Auth server scope name
- optional bool
- Whether the scope optional
- auth
Server StringId - Auth server ID
- consent String
- Indicates whether a consent dialog is needed for the scope. It can be set to
REQUIREDorIMPLICIT. Default:IMPLICIT - default Boolean
- A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.
- description String
- Description of the Auth Server Scope.
- display
Name String - Name of the end user displayed in a consent dialog box
- metadata
Publish String - Whether to publish metadata or not. It can be set to
ALL_CLIENTSorNO_CLIENTS. Default:ALL_CLIENTS - name String
- Auth server scope name
- optional Boolean
- Whether the scope optional
Outputs
All input properties are implicitly available as output properties. Additionally, the ServerScope resource produces the following output properties:
Look up Existing ServerScope Resource
Get an existing ServerScope resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ServerScopeState, opts?: CustomResourceOptions): ServerScope@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
auth_server_id: Optional[str] = None,
consent: Optional[str] = None,
default: Optional[bool] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
metadata_publish: Optional[str] = None,
name: Optional[str] = None,
optional: Optional[bool] = None,
system: Optional[bool] = None) -> ServerScopefunc GetServerScope(ctx *Context, name string, id IDInput, state *ServerScopeState, opts ...ResourceOption) (*ServerScope, error)public static ServerScope Get(string name, Input<string> id, ServerScopeState? state, CustomResourceOptions? opts = null)public static ServerScope get(String name, Output<String> id, ServerScopeState state, CustomResourceOptions options)resources: _: type: okta:auth:ServerScope get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Auth
Server stringId - Auth server ID
- Consent string
- Indicates whether a consent dialog is needed for the scope. It can be set to
REQUIREDorIMPLICIT. Default:IMPLICIT - Default bool
- A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.
- Description string
- Description of the Auth Server Scope.
- Display
Name string - Name of the end user displayed in a consent dialog box
- Metadata
Publish string - Whether to publish metadata or not. It can be set to
ALL_CLIENTSorNO_CLIENTS. Default:ALL_CLIENTS - Name string
- Auth server scope name
- Optional bool
- Whether the scope optional
- System bool
- Whether Okta created the Scope
- Auth
Server stringId - Auth server ID
- Consent string
- Indicates whether a consent dialog is needed for the scope. It can be set to
REQUIREDorIMPLICIT. Default:IMPLICIT - Default bool
- A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.
- Description string
- Description of the Auth Server Scope.
- Display
Name string - Name of the end user displayed in a consent dialog box
- Metadata
Publish string - Whether to publish metadata or not. It can be set to
ALL_CLIENTSorNO_CLIENTS. Default:ALL_CLIENTS - Name string
- Auth server scope name
- Optional bool
- Whether the scope optional
- System bool
- Whether Okta created the Scope
- auth
Server StringId - Auth server ID
- consent String
- Indicates whether a consent dialog is needed for the scope. It can be set to
REQUIREDorIMPLICIT. Default:IMPLICIT - default_ Boolean
- A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.
- description String
- Description of the Auth Server Scope.
- display
Name String - Name of the end user displayed in a consent dialog box
- metadata
Publish String - Whether to publish metadata or not. It can be set to
ALL_CLIENTSorNO_CLIENTS. Default:ALL_CLIENTS - name String
- Auth server scope name
- optional Boolean
- Whether the scope optional
- system Boolean
- Whether Okta created the Scope
- auth
Server stringId - Auth server ID
- consent string
- Indicates whether a consent dialog is needed for the scope. It can be set to
REQUIREDorIMPLICIT. Default:IMPLICIT - default boolean
- A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.
- description string
- Description of the Auth Server Scope.
- display
Name string - Name of the end user displayed in a consent dialog box
- metadata
Publish string - Whether to publish metadata or not. It can be set to
ALL_CLIENTSorNO_CLIENTS. Default:ALL_CLIENTS - name string
- Auth server scope name
- optional boolean
- Whether the scope optional
- system boolean
- Whether Okta created the Scope
- auth_
server_ strid - Auth server ID
- consent str
- Indicates whether a consent dialog is needed for the scope. It can be set to
REQUIREDorIMPLICIT. Default:IMPLICIT - default bool
- A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.
- description str
- Description of the Auth Server Scope.
- display_
name str - Name of the end user displayed in a consent dialog box
- metadata_
publish str - Whether to publish metadata or not. It can be set to
ALL_CLIENTSorNO_CLIENTS. Default:ALL_CLIENTS - name str
- Auth server scope name
- optional bool
- Whether the scope optional
- system bool
- Whether Okta created the Scope
- auth
Server StringId - Auth server ID
- consent String
- Indicates whether a consent dialog is needed for the scope. It can be set to
REQUIREDorIMPLICIT. Default:IMPLICIT - default Boolean
- A default scope will be returned in an access token when the client omits the scope parameter in a token request, provided this scope is allowed as part of the access policy rule.
- description String
- Description of the Auth Server Scope.
- display
Name String - Name of the end user displayed in a consent dialog box
- metadata
Publish String - Whether to publish metadata or not. It can be set to
ALL_CLIENTSorNO_CLIENTS. Default:ALL_CLIENTS - name String
- Auth server scope name
- optional Boolean
- Whether the scope optional
- system Boolean
- Whether Okta created the Scope
Import
$ pulumi import okta:auth/serverScope:ServerScope example <auth_server_id>/<scope_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Okta pulumi/pulumi-okta
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
oktaTerraform Provider.