Okta v4.0.0, Jun 1 23

okta.AuthServerClaimDefault

Explore with Pulumi AI

Configures Default Authorization Server Claim.

This resource allows you to configure Default Authorization Server Claims.

Example Usage

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Okta = Pulumi.Okta;

return await Deployment.RunAsync(() => 
{
    var example = new Okta.AuthServerClaimDefault("example", new()
    {
        AuthServerId = "<auth server id>",
        Value = "(appuser != null) ? appuser.userName : app.clientId",
    });

});

package main

import (
	"github.com/pulumi/pulumi-okta/sdk/v4/go/okta"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := okta.NewAuthServerClaimDefault(ctx, "example", &okta.AuthServerClaimDefaultArgs{
			AuthServerId: pulumi.String("<auth server id>"),
			Value:        pulumi.String("(appuser != null) ? appuser.userName : app.clientId"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.okta.AuthServerClaimDefault;
import com.pulumi.okta.AuthServerClaimDefaultArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new AuthServerClaimDefault("example", AuthServerClaimDefaultArgs.builder()        
            .authServerId("<auth server id>")
            .value("(appuser != null) ? appuser.userName : app.clientId")
            .build());

    }
}

import pulumi
import pulumi_okta as okta

example = okta.AuthServerClaimDefault("example",
    auth_server_id="<auth server id>",
    value="(appuser != null) ? appuser.userName : app.clientId")

import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const example = new okta.AuthServerClaimDefault("example", {
    authServerId: "<auth server id>",
    value: "(appuser != null) ? appuser.userName : app.clientId",
});

resources:
  example:
    type: okta:AuthServerClaimDefault
    properties:
      authServerId: <auth server id>
      value: '(appuser != null) ? appuser.userName : app.clientId'

Create AuthServerClaimDefault Resource

new AuthServerClaimDefault(name: string, args: AuthServerClaimDefaultArgs, opts?: CustomResourceOptions);

@overload
def AuthServerClaimDefault(resource_name: str,
                           opts: Optional[ResourceOptions] = None,
                           always_include_in_token: Optional[bool] = None,
                           auth_server_id: Optional[str] = None,
                           name: Optional[str] = None,
                           value: Optional[str] = None)
@overload
def AuthServerClaimDefault(resource_name: str,
                           args: AuthServerClaimDefaultArgs,
                           opts: Optional[ResourceOptions] = None)

func NewAuthServerClaimDefault(ctx *Context, name string, args AuthServerClaimDefaultArgs, opts ...ResourceOption) (*AuthServerClaimDefault, error)

public AuthServerClaimDefault(string name, AuthServerClaimDefaultArgs args, CustomResourceOptions? opts = null)

public AuthServerClaimDefault(String name, AuthServerClaimDefaultArgs args)
public AuthServerClaimDefault(String name, AuthServerClaimDefaultArgs args, CustomResourceOptions options)

type: okta:AuthServerClaimDefault
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AuthServerClaimDefaultArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args AuthServerClaimDefaultArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args AuthServerClaimDefaultArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AuthServerClaimDefaultArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args AuthServerClaimDefaultArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

AuthServerClaimDefault Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AuthServerClaimDefault resource accepts the following input properties:

AuthServerId string: ID of the authorization server.
AlwaysIncludeInToken bool: Specifies whether to include claims in token.
Name string: The name of the claim. Can be set to "sub", "address", "birthdate", "email", "email_verified", "family_name", "gender", "given_name", "locale", "middle_name", "name", "nickname", "phone_number", "picture", "preferred_username", "profile", "updated_at", "website", "zoneinfo".
Value string: The value of the claim. Only required for "sub" claim.

AuthServerId string: ID of the authorization server.
AlwaysIncludeInToken bool: Specifies whether to include claims in token.
Name string: The name of the claim. Can be set to "sub", "address", "birthdate", "email", "email_verified", "family_name", "gender", "given_name", "locale", "middle_name", "name", "nickname", "phone_number", "picture", "preferred_username", "profile", "updated_at", "website", "zoneinfo".
Value string: The value of the claim. Only required for "sub" claim.

authServerId String: ID of the authorization server.
alwaysIncludeInToken Boolean: Specifies whether to include claims in token.
name String: The name of the claim. Can be set to "sub", "address", "birthdate", "email", "email_verified", "family_name", "gender", "given_name", "locale", "middle_name", "name", "nickname", "phone_number", "picture", "preferred_username", "profile", "updated_at", "website", "zoneinfo".
value String: The value of the claim. Only required for "sub" claim.

authServerId string: ID of the authorization server.
alwaysIncludeInToken boolean: Specifies whether to include claims in token.
name string: The name of the claim. Can be set to "sub", "address", "birthdate", "email", "email_verified", "family_name", "gender", "given_name", "locale", "middle_name", "name", "nickname", "phone_number", "picture", "preferred_username", "profile", "updated_at", "website", "zoneinfo".
value string: The value of the claim. Only required for "sub" claim.

auth_server_id str: ID of the authorization server.
always_include_in_token bool: Specifies whether to include claims in token.
name str: The name of the claim. Can be set to "sub", "address", "birthdate", "email", "email_verified", "family_name", "gender", "given_name", "locale", "middle_name", "name", "nickname", "phone_number", "picture", "preferred_username", "profile", "updated_at", "website", "zoneinfo".
value str: The value of the claim. Only required for "sub" claim.

authServerId String: ID of the authorization server.
alwaysIncludeInToken Boolean: Specifies whether to include claims in token.
name String: The name of the claim. Can be set to "sub", "address", "birthdate", "email", "email_verified", "family_name", "gender", "given_name", "locale", "middle_name", "name", "nickname", "phone_number", "picture", "preferred_username", "profile", "updated_at", "website", "zoneinfo".
value String: The value of the claim. Only required for "sub" claim.

Outputs

All input properties are implicitly available as output properties. Additionally, the AuthServerClaimDefault resource produces the following output properties:

ClaimType string: Specifies whether the claim is for an access token "RESOURCE" or ID token "IDENTITY".
Id string: The provider-assigned unique ID for this managed resource.
Scopes List<string>: The list of scopes the auth server claim is tied to.
Status string: The status of the application.
ValueType string: The type of value of the claim.

ClaimType string: Specifies whether the claim is for an access token "RESOURCE" or ID token "IDENTITY".
Id string: The provider-assigned unique ID for this managed resource.
Scopes []string: The list of scopes the auth server claim is tied to.
Status string: The status of the application.
ValueType string: The type of value of the claim.

claimType String: Specifies whether the claim is for an access token "RESOURCE" or ID token "IDENTITY".
id String: The provider-assigned unique ID for this managed resource.
scopes List<String>: The list of scopes the auth server claim is tied to.
status String: The status of the application.
valueType String: The type of value of the claim.

claimType string: Specifies whether the claim is for an access token "RESOURCE" or ID token "IDENTITY".
id string: The provider-assigned unique ID for this managed resource.
scopes string[]: The list of scopes the auth server claim is tied to.
status string: The status of the application.
valueType string: The type of value of the claim.

claim_type str: Specifies whether the claim is for an access token "RESOURCE" or ID token "IDENTITY".
id str: The provider-assigned unique ID for this managed resource.
scopes Sequence[str]: The list of scopes the auth server claim is tied to.
status str: The status of the application.
value_type str: The type of value of the claim.

claimType String: Specifies whether the claim is for an access token "RESOURCE" or ID token "IDENTITY".
id String: The provider-assigned unique ID for this managed resource.
scopes List<String>: The list of scopes the auth server claim is tied to.
status String: The status of the application.
valueType String: The type of value of the claim.

Look up Existing AuthServerClaimDefault Resource

Get an existing AuthServerClaimDefault resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AuthServerClaimDefaultState, opts?: CustomResourceOptions): AuthServerClaimDefault

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        always_include_in_token: Optional[bool] = None,
        auth_server_id: Optional[str] = None,
        claim_type: Optional[str] = None,
        name: Optional[str] = None,
        scopes: Optional[Sequence[str]] = None,
        status: Optional[str] = None,
        value: Optional[str] = None,
        value_type: Optional[str] = None) -> AuthServerClaimDefault

func GetAuthServerClaimDefault(ctx *Context, name string, id IDInput, state *AuthServerClaimDefaultState, opts ...ResourceOption) (*AuthServerClaimDefault, error)

public static AuthServerClaimDefault Get(string name, Input<string> id, AuthServerClaimDefaultState? state, CustomResourceOptions? opts = null)

public static AuthServerClaimDefault get(String name, Output<String> id, AuthServerClaimDefaultState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AlwaysIncludeInToken bool: Specifies whether to include claims in token.
AuthServerId string: ID of the authorization server.
ClaimType string: Specifies whether the claim is for an access token "RESOURCE" or ID token "IDENTITY".
Name string: The name of the claim. Can be set to "sub", "address", "birthdate", "email", "email_verified", "family_name", "gender", "given_name", "locale", "middle_name", "name", "nickname", "phone_number", "picture", "preferred_username", "profile", "updated_at", "website", "zoneinfo".
Scopes List<string>: The list of scopes the auth server claim is tied to.
Status string: The status of the application.
Value string: The value of the claim. Only required for "sub" claim.
ValueType string: The type of value of the claim.

AlwaysIncludeInToken bool: Specifies whether to include claims in token.
AuthServerId string: ID of the authorization server.
ClaimType string: Specifies whether the claim is for an access token "RESOURCE" or ID token "IDENTITY".
Name string: The name of the claim. Can be set to "sub", "address", "birthdate", "email", "email_verified", "family_name", "gender", "given_name", "locale", "middle_name", "name", "nickname", "phone_number", "picture", "preferred_username", "profile", "updated_at", "website", "zoneinfo".
Scopes []string: The list of scopes the auth server claim is tied to.
Status string: The status of the application.
Value string: The value of the claim. Only required for "sub" claim.
ValueType string: The type of value of the claim.

alwaysIncludeInToken Boolean: Specifies whether to include claims in token.
authServerId String: ID of the authorization server.
claimType String: Specifies whether the claim is for an access token "RESOURCE" or ID token "IDENTITY".
name String: The name of the claim. Can be set to "sub", "address", "birthdate", "email", "email_verified", "family_name", "gender", "given_name", "locale", "middle_name", "name", "nickname", "phone_number", "picture", "preferred_username", "profile", "updated_at", "website", "zoneinfo".
scopes List<String>: The list of scopes the auth server claim is tied to.
status String: The status of the application.
value String: The value of the claim. Only required for "sub" claim.
valueType String: The type of value of the claim.

alwaysIncludeInToken boolean: Specifies whether to include claims in token.
authServerId string: ID of the authorization server.
claimType string: Specifies whether the claim is for an access token "RESOURCE" or ID token "IDENTITY".
name string: The name of the claim. Can be set to "sub", "address", "birthdate", "email", "email_verified", "family_name", "gender", "given_name", "locale", "middle_name", "name", "nickname", "phone_number", "picture", "preferred_username", "profile", "updated_at", "website", "zoneinfo".
scopes string[]: The list of scopes the auth server claim is tied to.
status string: The status of the application.
value string: The value of the claim. Only required for "sub" claim.
valueType string: The type of value of the claim.

always_include_in_token bool: Specifies whether to include claims in token.
auth_server_id str: ID of the authorization server.
claim_type str: Specifies whether the claim is for an access token "RESOURCE" or ID token "IDENTITY".
name str: The name of the claim. Can be set to "sub", "address", "birthdate", "email", "email_verified", "family_name", "gender", "given_name", "locale", "middle_name", "name", "nickname", "phone_number", "picture", "preferred_username", "profile", "updated_at", "website", "zoneinfo".
scopes Sequence[str]: The list of scopes the auth server claim is tied to.
status str: The status of the application.
value str: The value of the claim. Only required for "sub" claim.
value_type str: The type of value of the claim.

alwaysIncludeInToken Boolean: Specifies whether to include claims in token.
authServerId String: ID of the authorization server.
claimType String: Specifies whether the claim is for an access token "RESOURCE" or ID token "IDENTITY".
name String: The name of the claim. Can be set to "sub", "address", "birthdate", "email", "email_verified", "family_name", "gender", "given_name", "locale", "middle_name", "name", "nickname", "phone_number", "picture", "preferred_username", "profile", "updated_at", "website", "zoneinfo".
scopes List<String>: The list of scopes the auth server claim is tied to.
status String: The status of the application.
value String: The value of the claim. Only required for "sub" claim.
valueType String: The type of value of the claim.

Import

Authorization Server Claim can be imported via the Auth Server ID and Claim ID or Claim Name.

 $ pulumi import okta:index/authServerClaimDefault:AuthServerClaimDefault example &#60;auth server id&#62;/&#60;claim id&#62;

 $ pulumi import okta:index/authServerClaimDefault:AuthServerClaimDefault example &#60;auth server id&#62;/&#60;claim name&#62;

Package Details

Repository: Okta pulumi/pulumi-okta
License: Apache-2.0
Notes: This Pulumi package is based on the okta Terraform Provider.