okta.Authenticator
Explore with Pulumi AI
WARNING: This feature is only available as a part of the Identity Engine. Contact support for further information.
This resource allows you to configure different authenticators.
Create: The Okta API has an odd notion of create for authenticators. If the authenticator doesn’t exist then a one time
POST /api/v1/authenticators
to create the authenticator (hard create) will be performed. Thereafter, that authenticator is never deleted, it is only deactivated (soft delete). Therefore, if the authenticator already exists create is just a soft import of an existing authenticator.
Delete: Authenticators can not be truly deleted therefore delete is soft. Delete will attempt to deativate the authenticator. An authenticator can only be deactivated if it’s not in use by any other policy.
Example Usage
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Okta = Pulumi.Okta;
return await Deployment.RunAsync(() =>
{
var test = new Okta.Authenticator("test", new()
{
Key = "security_question",
Settings = JsonSerializer.Serialize(new Dictionary<string, object?>
{
["allowedFor"] = "recovery",
}),
});
});
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-okta/sdk/v4/go/okta"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
tmpJSON0, err := json.Marshal(map[string]interface{}{
"allowedFor": "recovery",
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
_, err = okta.NewAuthenticator(ctx, "test", &okta.AuthenticatorArgs{
Key: pulumi.String("security_question"),
Settings: pulumi.String(json0),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.okta.Authenticator;
import com.pulumi.okta.AuthenticatorArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var test = new Authenticator("test", AuthenticatorArgs.builder()
.key("security_question")
.settings(serializeJson(
jsonObject(
jsonProperty("allowedFor", "recovery")
)))
.build());
}
}
import pulumi
import json
import pulumi_okta as okta
test = okta.Authenticator("test",
key="security_question",
settings=json.dumps({
"allowedFor": "recovery",
}))
import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";
const test = new okta.Authenticator("test", {
key: "security_question",
settings: JSON.stringify({
allowedFor: "recovery",
}),
});
resources:
test:
type: okta:Authenticator
properties:
key: security_question
settings:
fn::toJSON:
allowedFor: recovery
Create Authenticator Resource
new Authenticator(name: string, args: AuthenticatorArgs, opts?: CustomResourceOptions);
@overload
def Authenticator(resource_name: str,
opts: Optional[ResourceOptions] = None,
key: Optional[str] = None,
name: Optional[str] = None,
provider_auth_port: Optional[int] = None,
provider_host: Optional[str] = None,
provider_hostname: Optional[str] = None,
provider_integration_key: Optional[str] = None,
provider_json: Optional[str] = None,
provider_secret_key: Optional[str] = None,
provider_shared_secret: Optional[str] = None,
provider_user_name_template: Optional[str] = None,
settings: Optional[str] = None,
status: Optional[str] = None)
@overload
def Authenticator(resource_name: str,
args: AuthenticatorArgs,
opts: Optional[ResourceOptions] = None)
func NewAuthenticator(ctx *Context, name string, args AuthenticatorArgs, opts ...ResourceOption) (*Authenticator, error)
public Authenticator(string name, AuthenticatorArgs args, CustomResourceOptions? opts = null)
public Authenticator(String name, AuthenticatorArgs args)
public Authenticator(String name, AuthenticatorArgs args, CustomResourceOptions options)
type: okta:Authenticator
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AuthenticatorArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AuthenticatorArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AuthenticatorArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AuthenticatorArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AuthenticatorArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Authenticator Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Authenticator resource accepts the following input properties:
- Key string
A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue:
duo
,external_idp
,google_otp
,okta_email
,okta_password
,okta_verify
,onprem_mfa
,phone_number
,rsa_token
,security_question
,webauthn
- Name string
Name of the authenticator.
- Provider
Auth intPort The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- Provider
Host string (DUO specific) - The Duo Security API hostname". Conflicts with
provider_json
argument.- Provider
Hostname string Server host name or IP address. Default is
"localhost"
. Used only for authenticators with type"security_key"
. Conflicts withprovider_json
argument.- Provider
Integration stringKey (DUO specific) - The Duo Security integration key. Conflicts with
provider_json
argument.- Provider
Json string Provider JSON allows for expressive provider values. This argument conflicts with the other
provider_xxx
arguments. The Create Provider illustrates detailed provider values for a Duo authenticator. Provider values are listed in Okta API.- Provider
Secret stringKey (DUO specific) - The Duo Security secret key. Conflicts with
provider_json
argument.- string
An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- Provider
User stringName Template Username template expected by the provider. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- Settings string
Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type
"security_key"
.- Status string
Status of the authenticator. Default is
ACTIVE
.
- Key string
A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue:
duo
,external_idp
,google_otp
,okta_email
,okta_password
,okta_verify
,onprem_mfa
,phone_number
,rsa_token
,security_question
,webauthn
- Name string
Name of the authenticator.
- Provider
Auth intPort The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- Provider
Host string (DUO specific) - The Duo Security API hostname". Conflicts with
provider_json
argument.- Provider
Hostname string Server host name or IP address. Default is
"localhost"
. Used only for authenticators with type"security_key"
. Conflicts withprovider_json
argument.- Provider
Integration stringKey (DUO specific) - The Duo Security integration key. Conflicts with
provider_json
argument.- Provider
Json string Provider JSON allows for expressive provider values. This argument conflicts with the other
provider_xxx
arguments. The Create Provider illustrates detailed provider values for a Duo authenticator. Provider values are listed in Okta API.- Provider
Secret stringKey (DUO specific) - The Duo Security secret key. Conflicts with
provider_json
argument.- string
An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- Provider
User stringName Template Username template expected by the provider. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- Settings string
Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type
"security_key"
.- Status string
Status of the authenticator. Default is
ACTIVE
.
- key String
A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue:
duo
,external_idp
,google_otp
,okta_email
,okta_password
,okta_verify
,onprem_mfa
,phone_number
,rsa_token
,security_question
,webauthn
- name String
Name of the authenticator.
- provider
Auth IntegerPort The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider
Host String (DUO specific) - The Duo Security API hostname". Conflicts with
provider_json
argument.- provider
Hostname String Server host name or IP address. Default is
"localhost"
. Used only for authenticators with type"security_key"
. Conflicts withprovider_json
argument.- provider
Integration StringKey (DUO specific) - The Duo Security integration key. Conflicts with
provider_json
argument.- provider
Json String Provider JSON allows for expressive provider values. This argument conflicts with the other
provider_xxx
arguments. The Create Provider illustrates detailed provider values for a Duo authenticator. Provider values are listed in Okta API.- provider
Secret StringKey (DUO specific) - The Duo Security secret key. Conflicts with
provider_json
argument.- String
An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider
User StringName Template Username template expected by the provider. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- settings String
Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type
"security_key"
.- status String
Status of the authenticator. Default is
ACTIVE
.
- key string
A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue:
duo
,external_idp
,google_otp
,okta_email
,okta_password
,okta_verify
,onprem_mfa
,phone_number
,rsa_token
,security_question
,webauthn
- name string
Name of the authenticator.
- provider
Auth numberPort The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider
Host string (DUO specific) - The Duo Security API hostname". Conflicts with
provider_json
argument.- provider
Hostname string Server host name or IP address. Default is
"localhost"
. Used only for authenticators with type"security_key"
. Conflicts withprovider_json
argument.- provider
Integration stringKey (DUO specific) - The Duo Security integration key. Conflicts with
provider_json
argument.- provider
Json string Provider JSON allows for expressive provider values. This argument conflicts with the other
provider_xxx
arguments. The Create Provider illustrates detailed provider values for a Duo authenticator. Provider values are listed in Okta API.- provider
Secret stringKey (DUO specific) - The Duo Security secret key. Conflicts with
provider_json
argument.- string
An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider
User stringName Template Username template expected by the provider. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- settings string
Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type
"security_key"
.- status string
Status of the authenticator. Default is
ACTIVE
.
- key str
A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue:
duo
,external_idp
,google_otp
,okta_email
,okta_password
,okta_verify
,onprem_mfa
,phone_number
,rsa_token
,security_question
,webauthn
- name str
Name of the authenticator.
- provider_
auth_ intport The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider_
host str (DUO specific) - The Duo Security API hostname". Conflicts with
provider_json
argument.- provider_
hostname str Server host name or IP address. Default is
"localhost"
. Used only for authenticators with type"security_key"
. Conflicts withprovider_json
argument.- provider_
integration_ strkey (DUO specific) - The Duo Security integration key. Conflicts with
provider_json
argument.- provider_
json str Provider JSON allows for expressive provider values. This argument conflicts with the other
provider_xxx
arguments. The Create Provider illustrates detailed provider values for a Duo authenticator. Provider values are listed in Okta API.- provider_
secret_ strkey (DUO specific) - The Duo Security secret key. Conflicts with
provider_json
argument.- str
An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider_
user_ strname_ template Username template expected by the provider. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- settings str
Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type
"security_key"
.- status str
Status of the authenticator. Default is
ACTIVE
.
- key String
A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue:
duo
,external_idp
,google_otp
,okta_email
,okta_password
,okta_verify
,onprem_mfa
,phone_number
,rsa_token
,security_question
,webauthn
- name String
Name of the authenticator.
- provider
Auth NumberPort The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider
Host String (DUO specific) - The Duo Security API hostname". Conflicts with
provider_json
argument.- provider
Hostname String Server host name or IP address. Default is
"localhost"
. Used only for authenticators with type"security_key"
. Conflicts withprovider_json
argument.- provider
Integration StringKey (DUO specific) - The Duo Security integration key. Conflicts with
provider_json
argument.- provider
Json String Provider JSON allows for expressive provider values. This argument conflicts with the other
provider_xxx
arguments. The Create Provider illustrates detailed provider values for a Duo authenticator. Provider values are listed in Okta API.- provider
Secret StringKey (DUO specific) - The Duo Security secret key. Conflicts with
provider_json
argument.- String
An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider
User StringName Template Username template expected by the provider. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- settings String
Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type
"security_key"
.- status String
Status of the authenticator. Default is
ACTIVE
.
Outputs
All input properties are implicitly available as output properties. Additionally, the Authenticator resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Provider
Instance stringId App Instance ID.
- Provider
Type string Provider type. Supported value for Duo:
DUO
. Supported value for Custom App:PUSH
- Type string
The type of Authenticator. Values include:
"password"
,"security_question"
,"phone"
,"email"
,"app"
,"federated"
, and"security_key"
.
- Id string
The provider-assigned unique ID for this managed resource.
- Provider
Instance stringId App Instance ID.
- Provider
Type string Provider type. Supported value for Duo:
DUO
. Supported value for Custom App:PUSH
- Type string
The type of Authenticator. Values include:
"password"
,"security_question"
,"phone"
,"email"
,"app"
,"federated"
, and"security_key"
.
- id String
The provider-assigned unique ID for this managed resource.
- provider
Instance StringId App Instance ID.
- provider
Type String Provider type. Supported value for Duo:
DUO
. Supported value for Custom App:PUSH
- type String
The type of Authenticator. Values include:
"password"
,"security_question"
,"phone"
,"email"
,"app"
,"federated"
, and"security_key"
.
- id string
The provider-assigned unique ID for this managed resource.
- provider
Instance stringId App Instance ID.
- provider
Type string Provider type. Supported value for Duo:
DUO
. Supported value for Custom App:PUSH
- type string
The type of Authenticator. Values include:
"password"
,"security_question"
,"phone"
,"email"
,"app"
,"federated"
, and"security_key"
.
- id str
The provider-assigned unique ID for this managed resource.
- provider_
instance_ strid App Instance ID.
- provider_
type str Provider type. Supported value for Duo:
DUO
. Supported value for Custom App:PUSH
- type str
The type of Authenticator. Values include:
"password"
,"security_question"
,"phone"
,"email"
,"app"
,"federated"
, and"security_key"
.
- id String
The provider-assigned unique ID for this managed resource.
- provider
Instance StringId App Instance ID.
- provider
Type String Provider type. Supported value for Duo:
DUO
. Supported value for Custom App:PUSH
- type String
The type of Authenticator. Values include:
"password"
,"security_question"
,"phone"
,"email"
,"app"
,"federated"
, and"security_key"
.
Look up Existing Authenticator Resource
Get an existing Authenticator resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AuthenticatorState, opts?: CustomResourceOptions): Authenticator
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
key: Optional[str] = None,
name: Optional[str] = None,
provider_auth_port: Optional[int] = None,
provider_host: Optional[str] = None,
provider_hostname: Optional[str] = None,
provider_instance_id: Optional[str] = None,
provider_integration_key: Optional[str] = None,
provider_json: Optional[str] = None,
provider_secret_key: Optional[str] = None,
provider_shared_secret: Optional[str] = None,
provider_type: Optional[str] = None,
provider_user_name_template: Optional[str] = None,
settings: Optional[str] = None,
status: Optional[str] = None,
type: Optional[str] = None) -> Authenticator
func GetAuthenticator(ctx *Context, name string, id IDInput, state *AuthenticatorState, opts ...ResourceOption) (*Authenticator, error)
public static Authenticator Get(string name, Input<string> id, AuthenticatorState? state, CustomResourceOptions? opts = null)
public static Authenticator get(String name, Output<String> id, AuthenticatorState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Key string
A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue:
duo
,external_idp
,google_otp
,okta_email
,okta_password
,okta_verify
,onprem_mfa
,phone_number
,rsa_token
,security_question
,webauthn
- Name string
Name of the authenticator.
- Provider
Auth intPort The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- Provider
Host string (DUO specific) - The Duo Security API hostname". Conflicts with
provider_json
argument.- Provider
Hostname string Server host name or IP address. Default is
"localhost"
. Used only for authenticators with type"security_key"
. Conflicts withprovider_json
argument.- Provider
Instance stringId App Instance ID.
- Provider
Integration stringKey (DUO specific) - The Duo Security integration key. Conflicts with
provider_json
argument.- Provider
Json string Provider JSON allows for expressive provider values. This argument conflicts with the other
provider_xxx
arguments. The Create Provider illustrates detailed provider values for a Duo authenticator. Provider values are listed in Okta API.- Provider
Secret stringKey (DUO specific) - The Duo Security secret key. Conflicts with
provider_json
argument.- string
An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- Provider
Type string Provider type. Supported value for Duo:
DUO
. Supported value for Custom App:PUSH
- Provider
User stringName Template Username template expected by the provider. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- Settings string
Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type
"security_key"
.- Status string
Status of the authenticator. Default is
ACTIVE
.- Type string
The type of Authenticator. Values include:
"password"
,"security_question"
,"phone"
,"email"
,"app"
,"federated"
, and"security_key"
.
- Key string
A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue:
duo
,external_idp
,google_otp
,okta_email
,okta_password
,okta_verify
,onprem_mfa
,phone_number
,rsa_token
,security_question
,webauthn
- Name string
Name of the authenticator.
- Provider
Auth intPort The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- Provider
Host string (DUO specific) - The Duo Security API hostname". Conflicts with
provider_json
argument.- Provider
Hostname string Server host name or IP address. Default is
"localhost"
. Used only for authenticators with type"security_key"
. Conflicts withprovider_json
argument.- Provider
Instance stringId App Instance ID.
- Provider
Integration stringKey (DUO specific) - The Duo Security integration key. Conflicts with
provider_json
argument.- Provider
Json string Provider JSON allows for expressive provider values. This argument conflicts with the other
provider_xxx
arguments. The Create Provider illustrates detailed provider values for a Duo authenticator. Provider values are listed in Okta API.- Provider
Secret stringKey (DUO specific) - The Duo Security secret key. Conflicts with
provider_json
argument.- string
An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- Provider
Type string Provider type. Supported value for Duo:
DUO
. Supported value for Custom App:PUSH
- Provider
User stringName Template Username template expected by the provider. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- Settings string
Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type
"security_key"
.- Status string
Status of the authenticator. Default is
ACTIVE
.- Type string
The type of Authenticator. Values include:
"password"
,"security_question"
,"phone"
,"email"
,"app"
,"federated"
, and"security_key"
.
- key String
A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue:
duo
,external_idp
,google_otp
,okta_email
,okta_password
,okta_verify
,onprem_mfa
,phone_number
,rsa_token
,security_question
,webauthn
- name String
Name of the authenticator.
- provider
Auth IntegerPort The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider
Host String (DUO specific) - The Duo Security API hostname". Conflicts with
provider_json
argument.- provider
Hostname String Server host name or IP address. Default is
"localhost"
. Used only for authenticators with type"security_key"
. Conflicts withprovider_json
argument.- provider
Instance StringId App Instance ID.
- provider
Integration StringKey (DUO specific) - The Duo Security integration key. Conflicts with
provider_json
argument.- provider
Json String Provider JSON allows for expressive provider values. This argument conflicts with the other
provider_xxx
arguments. The Create Provider illustrates detailed provider values for a Duo authenticator. Provider values are listed in Okta API.- provider
Secret StringKey (DUO specific) - The Duo Security secret key. Conflicts with
provider_json
argument.- String
An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider
Type String Provider type. Supported value for Duo:
DUO
. Supported value for Custom App:PUSH
- provider
User StringName Template Username template expected by the provider. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- settings String
Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type
"security_key"
.- status String
Status of the authenticator. Default is
ACTIVE
.- type String
The type of Authenticator. Values include:
"password"
,"security_question"
,"phone"
,"email"
,"app"
,"federated"
, and"security_key"
.
- key string
A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue:
duo
,external_idp
,google_otp
,okta_email
,okta_password
,okta_verify
,onprem_mfa
,phone_number
,rsa_token
,security_question
,webauthn
- name string
Name of the authenticator.
- provider
Auth numberPort The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider
Host string (DUO specific) - The Duo Security API hostname". Conflicts with
provider_json
argument.- provider
Hostname string Server host name or IP address. Default is
"localhost"
. Used only for authenticators with type"security_key"
. Conflicts withprovider_json
argument.- provider
Instance stringId App Instance ID.
- provider
Integration stringKey (DUO specific) - The Duo Security integration key. Conflicts with
provider_json
argument.- provider
Json string Provider JSON allows for expressive provider values. This argument conflicts with the other
provider_xxx
arguments. The Create Provider illustrates detailed provider values for a Duo authenticator. Provider values are listed in Okta API.- provider
Secret stringKey (DUO specific) - The Duo Security secret key. Conflicts with
provider_json
argument.- string
An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider
Type string Provider type. Supported value for Duo:
DUO
. Supported value for Custom App:PUSH
- provider
User stringName Template Username template expected by the provider. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- settings string
Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type
"security_key"
.- status string
Status of the authenticator. Default is
ACTIVE
.- type string
The type of Authenticator. Values include:
"password"
,"security_question"
,"phone"
,"email"
,"app"
,"federated"
, and"security_key"
.
- key str
A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue:
duo
,external_idp
,google_otp
,okta_email
,okta_password
,okta_verify
,onprem_mfa
,phone_number
,rsa_token
,security_question
,webauthn
- name str
Name of the authenticator.
- provider_
auth_ intport The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider_
host str (DUO specific) - The Duo Security API hostname". Conflicts with
provider_json
argument.- provider_
hostname str Server host name or IP address. Default is
"localhost"
. Used only for authenticators with type"security_key"
. Conflicts withprovider_json
argument.- provider_
instance_ strid App Instance ID.
- provider_
integration_ strkey (DUO specific) - The Duo Security integration key. Conflicts with
provider_json
argument.- provider_
json str Provider JSON allows for expressive provider values. This argument conflicts with the other
provider_xxx
arguments. The Create Provider illustrates detailed provider values for a Duo authenticator. Provider values are listed in Okta API.- provider_
secret_ strkey (DUO specific) - The Duo Security secret key. Conflicts with
provider_json
argument.- str
An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider_
type str Provider type. Supported value for Duo:
DUO
. Supported value for Custom App:PUSH
- provider_
user_ strname_ template Username template expected by the provider. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- settings str
Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type
"security_key"
.- status str
Status of the authenticator. Default is
ACTIVE
.- type str
The type of Authenticator. Values include:
"password"
,"security_question"
,"phone"
,"email"
,"app"
,"federated"
, and"security_key"
.
- key String
A human-readable string that identifies the authenticator. Some authenticators are available by feature flag on the organization. Possible values inclue:
duo
,external_idp
,google_otp
,okta_email
,okta_password
,okta_verify
,onprem_mfa
,phone_number
,rsa_token
,security_question
,webauthn
- name String
Name of the authenticator.
- provider
Auth NumberPort The RADIUS server port (for example 1812). This is defined when the On-Prem RADIUS server is configured. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider
Host String (DUO specific) - The Duo Security API hostname". Conflicts with
provider_json
argument.- provider
Hostname String Server host name or IP address. Default is
"localhost"
. Used only for authenticators with type"security_key"
. Conflicts withprovider_json
argument.- provider
Instance StringId App Instance ID.
- provider
Integration StringKey (DUO specific) - The Duo Security integration key. Conflicts with
provider_json
argument.- provider
Json String Provider JSON allows for expressive provider values. This argument conflicts with the other
provider_xxx
arguments. The Create Provider illustrates detailed provider values for a Duo authenticator. Provider values are listed in Okta API.- provider
Secret StringKey (DUO specific) - The Duo Security secret key. Conflicts with
provider_json
argument.- String
An authentication key that must be defined when the RADIUS server is configured, and must be the same on both the RADIUS client and server. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- provider
Type String Provider type. Supported value for Duo:
DUO
. Supported value for Custom App:PUSH
- provider
User StringName Template Username template expected by the provider. Used only for authenticators with type
"security_key"
. Conflicts withprovider_json
argument.- settings String
Settings for the authenticator. The settings JSON contains values based on Authenticator key. It is not used for authenticators with type
"security_key"
.- status String
Status of the authenticator. Default is
ACTIVE
.- type String
The type of Authenticator. Values include:
"password"
,"security_question"
,"phone"
,"email"
,"app"
,"federated"
, and"security_key"
.
Import
Okta authenticator can be imported via the Okta ID.
$ pulumi import okta:index/authenticator:Authenticator example <authenticator_id>
Package Details
- Repository
- Okta pulumi/pulumi-okta
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
okta
Terraform Provider.