Docs
PackagesOkta v4.9.2 published on Tuesday, Jun 25, 2024 by Pulumi
okta.user.User
Explore with Pulumi AI
Creates an Okta User. This resource allows you to create and configure an Okta User.
Example Usage
Full profile:
resource “okta.user.User” “example” { first_name = “John” last_name = “Smith” login = “john.smith@example.com” email = “john.smith@example.com” city = “New York” cost_center = “10” country_code = “US” department = “IT” display_name = “Dr. John Smith” division = “Acquisitions” employee_number = “111111” honorific_prefix = “Dr.” honorific_suffix = “Jr.” locale = “en_US” manager = “Jimbo” manager_id = “222222” middle_name = “John” mobile_phone = “1112223333” nick_name = “Johnny” organization = “Testing Inc.” postal_address = “1234 Testing St.” preferred_language = “en-us” primary_phone = “4445556666” profile_url = “https://www.example.com/profile” second_email = “john.smith.fun@example.com” state = “NY” street_address = “5678 Testing Ave.” timezone = “America/New_York” title = “Director” user_type = “Employee” zip_code = “11111” }
With Password Inline Hook:
resource “okta.user.User” “test2” { first_name = “John” last_name = “Smith” login = “example@example.com” email = “example@example.com” password_inline_hook = “default” }
## Create User Resource {#create}
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see [Resources](/docs/concepts/resources/).
### Constructor syntax
<div>
<pulumi-chooser type="language" options="csharp,go,typescript,python,yaml,java"></pulumi-chooser>
</div>
<div>
<pulumi-choosable type="language" values="javascript,typescript">
<div class="no-copy"><div class="highlight"><pre class="chroma"><code class="language-typescript" data-lang="typescript"><span class="k">new </span><span class="nx">User</span><span class="p">(</span><span class="nx">name</span><span class="p">:</span> <span class="nx">string</span><span class="p">,</span> <span class="nx">args</span><span class="p">:</span> <span class="nx"><a href="#inputs">UserArgs</a></span><span class="p">,</span> <span class="nx">opts</span><span class="p">?:</span> <span class="nx"><a href="/docs/reference/pkg/nodejs/pulumi/pulumi/#CustomResourceOptions">CustomResourceOptions</a></span><span class="p">);</span></code></pre></div>
</div></pulumi-choosable>
</div>
<div>
<pulumi-choosable type="language" values="python">
<div class="no-copy"><div class="highlight"><pre class="chroma"><code class="language-python" data-lang="python"><span class=nd>@overload</span>
<span class="k">def </span><span class="nx">User</span><span class="p">(</span><span class="nx">resource_name</span><span class="p">:</span> <span class="nx">str</span><span class="p">,</span>
<span class="nx">args</span><span class="p">:</span> <span class="nx"><a href="#inputs">UserArgs</a></span><span class="p">,</span>
<span class="nx">opts</span><span class="p">:</span> <span class="nx"><a href="/docs/reference/pkg/python/pulumi/#pulumi.ResourceOptions">Optional[ResourceOptions]</a></span> = None<span class="p">)</span>
<span></span>
<span class=nd>@overload</span>
<span class="k">def </span><span class="nx">User</span><span class="p">(</span><span class="nx">resource_name</span><span class="p">:</span> <span class="nx">str</span><span class="p">,</span>
<span class="nx">opts</span><span class="p">:</span> <span class="nx"><a href="/docs/reference/pkg/python/pulumi/#pulumi.ResourceOptions">Optional[ResourceOptions]</a></span> = None<span class="p">,</span>
<span class="nx">email</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">login</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">last_name</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">first_name</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">mobile_phone</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">user_type</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">display_name</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">division</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">custom_profile_attributes_to_ignores</span><span class="p">:</span> <span class="nx">Optional[Sequence[str]]</span> = None<span class="p">,</span>
<span class="nx">employee_number</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">expire_password_on_create</span><span class="p">:</span> <span class="nx">Optional[bool]</span> = None<span class="p">,</span>
<span class="nx">custom_profile_attributes</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">old_password</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">honorific_suffix</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">country_code</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">locale</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">cost_center</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">manager</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">manager_id</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">middle_name</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">city</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">nick_name</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">honorific_prefix</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">department</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">primary_phone</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">password_hash</span><span class="p">:</span> <span class="nx">Optional[UserPasswordHashArgs]</span> = None<span class="p">,</span>
<span class="nx">password_inline_hook</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">postal_address</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">preferred_language</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">password</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">profile_url</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">recovery_answer</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">recovery_question</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">second_email</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">skip_roles</span><span class="p">:</span> <span class="nx">Optional[bool]</span> = None<span class="p">,</span>
<span class="nx">state</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">status</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">street_address</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">timezone</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">title</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">organization</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">,</span>
<span class="nx">zip_code</span><span class="p">:</span> <span class="nx">Optional[str]</span> = None<span class="p">)</span></code></pre></div>
</div></pulumi-choosable>
</div>
<div>
<pulumi-choosable type="language" values="go">
<div class="no-copy"><div class="highlight"><pre class="chroma"><code class="language-go" data-lang="go"><span class="k">func </span><span class="nx">NewUser</span><span class="p">(</span><span class="nx">ctx</span><span class="p"> *</span><span class="nx"><a href="https://pkg.go.dev/github.com/pulumi/pulumi/sdk/v3/go/pulumi?tab=doc#Context">Context</a></span><span class="p">,</span> <span class="nx">name</span><span class="p"> </span><span class="nx">string</span><span class="p">,</span> <span class="nx">args</span><span class="p"> </span><span class="nx"><a href="#inputs">UserArgs</a></span><span class="p">,</span> <span class="nx">opts</span><span class="p"> ...</span><span class="nx"><a href="https://pkg.go.dev/github.com/pulumi/pulumi/sdk/v3/go/pulumi?tab=doc#ResourceOption">ResourceOption</a></span><span class="p">) (*<span class="nx">User</span>, error)</span></code></pre></div>
</div></pulumi-choosable>
</div>
<div>
<pulumi-choosable type="language" values="csharp">
<div class="no-copy"><div class="highlight"><pre class="chroma"><code class="language-csharp" data-lang="csharp"><span class="k">public </span><span class="nx">User</span><span class="p">(</span><span class="nx">string</span><span class="p"> </span><span class="nx">name<span class="p">,</span> <span class="nx"><a href="#inputs">UserArgs</a></span><span class="p"> </span><span class="nx">args<span class="p">,</span> <span class="nx"><a href="/docs/reference/pkg/dotnet/Pulumi/Pulumi.CustomResourceOptions.html">CustomResourceOptions</a></span><span class="p">? </span><span class="nx">opts = null<span class="p">)</span></code></pre></div>
</div></pulumi-choosable>
</div>
<div>
<pulumi-choosable type="language" values="java">
<div class="no-copy"><div class="highlight"><pre class="chroma">
<code class="language-java" data-lang="java"><span class="k">public </span><span class="nx">User</span><span class="p">(</span><span class="nx">String</span><span class="p"> </span><span class="nx">name<span class="p">,</span> <span class="nx"><a href="#inputs">UserArgs</a></span><span class="p"> </span><span class="nx">args<span class="p">)</span>
<span class="k">public </span><span class="nx">User</span><span class="p">(</span><span class="nx">String</span><span class="p"> </span><span class="nx">name<span class="p">,</span> <span class="nx"><a href="#inputs">UserArgs</a></span><span class="p"> </span><span class="nx">args<span class="p">,</span> <span class="nx">CustomResourceOptions</span><span class="p"> </span><span class="nx">options<span class="p">)</span>
</code></pre></div></div>
</pulumi-choosable>
</div>
<div>
<pulumi-choosable type="language" values="yaml">
<div class="no-copy"><div class="highlight"><pre class="chroma"><code class="language-yaml" data-lang="yaml">type: <span class="nx">okta:user:User</span><span class="p"></span>
<span class="p">properties</span><span class="p">: </span><span class="c"># The arguments to resource properties.</span>
<span class="p"></span><span class="p">options</span><span class="p">: </span><span class="c"># Bag of options to control resource's behavior.</span>
<span class="p"></span>
</code></pre></div></div>
</pulumi-choosable>
</div>
#### Parameters
<div>
<pulumi-choosable type="language" values="javascript,typescript">
<dl class="resources-properties"><dt
class="property-required" title="Required">
<span>name</span>
<span class="property-indicator"></span>
<span class="property-type">string</span>
</dt>
<dd>The unique name of the resource.</dd><dt
class="property-required" title="Required">
<span>args</span>
<span class="property-indicator"></span>
<span class="property-type"><a href="#inputs">UserArgs</a></span>
</dt>
<dd>The arguments to resource properties.</dd><dt
class="property-optional" title="Optional">
<span>opts</span>
<span class="property-indicator"></span>
<span class="property-type"><a href="/docs/reference/pkg/nodejs/pulumi/pulumi/#CustomResourceOptions">CustomResourceOptions</a></span>
</dt>
<dd>Bag of options to control resource's behavior.</dd></dl>
</pulumi-choosable>
</div>
<div>
<pulumi-choosable type="language" values="python">
<dl class="resources-properties"><dt
class="property-required" title="Required">
<span>resource_name</span>
<span class="property-indicator"></span>
<span class="property-type">str</span>
</dt>
<dd>The unique name of the resource.</dd><dt
class="property-required" title="Required">
<span>args</span>
<span class="property-indicator"></span>
<span class="property-type"><a href="#inputs">UserArgs</a></span>
</dt>
<dd>The arguments to resource properties.</dd><dt
class="property-optional" title="Optional">
<span>opts</span>
<span class="property-indicator"></span>
<span class="property-type"><a href="/docs/reference/pkg/python/pulumi/#pulumi.ResourceOptions">ResourceOptions</a></span>
</dt>
<dd>Bag of options to control resource's behavior.</dd></dl>
</pulumi-choosable>
</div>
<div>
<pulumi-choosable type="language" values="go">
<dl class="resources-properties"><dt
class="property-optional" title="Optional">
<span>ctx</span>
<span class="property-indicator"></span>
<span class="property-type"><a href="https://pkg.go.dev/github.com/pulumi/pulumi/sdk/v3/go/pulumi?tab=doc#Context">Context</a></span>
</dt>
<dd>Context object for the current deployment.</dd><dt
class="property-required" title="Required">
<span>name</span>
<span class="property-indicator"></span>
<span class="property-type">string</span>
</dt>
<dd>The unique name of the resource.</dd><dt
class="property-required" title="Required">
<span>args</span>
<span class="property-indicator"></span>
<span class="property-type"><a href="#inputs">UserArgs</a></span>
</dt>
<dd>The arguments to resource properties.</dd><dt
class="property-optional" title="Optional">
<span>opts</span>
<span class="property-indicator"></span>
<span class="property-type"><a href="https://pkg.go.dev/github.com/pulumi/pulumi/sdk/v3/go/pulumi?tab=doc#ResourceOption">ResourceOption</a></span>
</dt>
<dd>Bag of options to control resource's behavior.</dd></dl>
</pulumi-choosable>
</div>
<div>
<pulumi-choosable type="language" values="csharp">
<dl class="resources-properties"><dt
class="property-required" title="Required">
<span>name</span>
<span class="property-indicator"></span>
<span class="property-type">string</span>
</dt>
<dd>The unique name of the resource.</dd><dt
class="property-required" title="Required">
<span>args</span>
<span class="property-indicator"></span>
<span class="property-type"><a href="#inputs">UserArgs</a></span>
</dt>
<dd>The arguments to resource properties.</dd><dt
class="property-optional" title="Optional">
<span>opts</span>
<span class="property-indicator"></span>
<span class="property-type"><a href="/docs/reference/pkg/dotnet/Pulumi/Pulumi.CustomResourceOptions.html">CustomResourceOptions</a></span>
</dt>
<dd>Bag of options to control resource's behavior.</dd></dl>
</pulumi-choosable>
</div>
<div>
<pulumi-choosable type="language" values="java">
<dl class="resources-properties"><dt
class="property-required" title="Required">
<span>name</span>
<span class="property-indicator"></span>
<span class="property-type">String</span>
</dt>
<dd>The unique name of the resource.</dd><dt
class="property-required" title="Required">
<span>args</span>
<span class="property-indicator"></span>
<span class="property-type"><a href="#inputs">UserArgs</a></span>
</dt>
<dd>The arguments to resource properties.</dd><dt
class="property-optional" title="Optional">
<span>options</span>
<span class="property-indicator"></span>
<span class="property-type">CustomResourceOptions</span>
</dt>
<dd>Bag of options to control resource's behavior.</dd></dl>
</pulumi-choosable>
</div>
### Constructor example
The following reference example uses placeholder values for all [input properties](#inputs).
<div>
<pulumi-chooser type="language" options="csharp,go,typescript,python,yaml,java"></pulumi-chooser>
</div>
<div>
<pulumi-choosable type="language" values="csharp">
```csharp
var oktaUserResource = new Okta.User.User("oktaUserResource", new()
{
Email = "string",
Login = "string",
LastName = "string",
FirstName = "string",
MobilePhone = "string",
UserType = "string",
DisplayName = "string",
Division = "string",
CustomProfileAttributesToIgnores = new[]
{
"string",
},
EmployeeNumber = "string",
ExpirePasswordOnCreate = false,
CustomProfileAttributes = "string",
OldPassword = "string",
HonorificSuffix = "string",
CountryCode = "string",
Locale = "string",
CostCenter = "string",
Manager = "string",
ManagerId = "string",
MiddleName = "string",
City = "string",
NickName = "string",
HonorificPrefix = "string",
Department = "string",
PrimaryPhone = "string",
PasswordHash = new Okta.User.Inputs.UserPasswordHashArgs
{
Algorithm = "string",
Value = "string",
Salt = "string",
SaltOrder = "string",
WorkFactor = 0,
},
PasswordInlineHook = "string",
PostalAddress = "string",
PreferredLanguage = "string",
Password = "string",
ProfileUrl = "string",
RecoveryAnswer = "string",
RecoveryQuestion = "string",
SecondEmail = "string",
State = "string",
Status = "string",
StreetAddress = "string",
Timezone = "string",
Title = "string",
Organization = "string",
ZipCode = "string",
});
example, err := user.NewUser(ctx, "oktaUserResource", &user.UserArgs{
Email: pulumi.String("string"),
Login: pulumi.String("string"),
LastName: pulumi.String("string"),
FirstName: pulumi.String("string"),
MobilePhone: pulumi.String("string"),
UserType: pulumi.String("string"),
DisplayName: pulumi.String("string"),
Division: pulumi.String("string"),
CustomProfileAttributesToIgnores: pulumi.StringArray{
pulumi.String("string"),
},
EmployeeNumber: pulumi.String("string"),
ExpirePasswordOnCreate: pulumi.Bool(false),
CustomProfileAttributes: pulumi.String("string"),
OldPassword: pulumi.String("string"),
HonorificSuffix: pulumi.String("string"),
CountryCode: pulumi.String("string"),
Locale: pulumi.String("string"),
CostCenter: pulumi.String("string"),
Manager: pulumi.String("string"),
ManagerId: pulumi.String("string"),
MiddleName: pulumi.String("string"),
City: pulumi.String("string"),
NickName: pulumi.String("string"),
HonorificPrefix: pulumi.String("string"),
Department: pulumi.String("string"),
PrimaryPhone: pulumi.String("string"),
PasswordHash: &user.UserPasswordHashArgs{
Algorithm: pulumi.String("string"),
Value: pulumi.String("string"),
Salt: pulumi.String("string"),
SaltOrder: pulumi.String("string"),
WorkFactor: pulumi.Int(0),
},
PasswordInlineHook: pulumi.String("string"),
PostalAddress: pulumi.String("string"),
PreferredLanguage: pulumi.String("string"),
Password: pulumi.String("string"),
ProfileUrl: pulumi.String("string"),
RecoveryAnswer: pulumi.String("string"),
RecoveryQuestion: pulumi.String("string"),
SecondEmail: pulumi.String("string"),
State: pulumi.String("string"),
Status: pulumi.String("string"),
StreetAddress: pulumi.String("string"),
Timezone: pulumi.String("string"),
Title: pulumi.String("string"),
Organization: pulumi.String("string"),
ZipCode: pulumi.String("string"),
})
var oktaUserResource = new User("oktaUserResource", UserArgs.builder()
.email("string")
.login("string")
.lastName("string")
.firstName("string")
.mobilePhone("string")
.userType("string")
.displayName("string")
.division("string")
.customProfileAttributesToIgnores("string")
.employeeNumber("string")
.expirePasswordOnCreate(false)
.customProfileAttributes("string")
.oldPassword("string")
.honorificSuffix("string")
.countryCode("string")
.locale("string")
.costCenter("string")
.manager("string")
.managerId("string")
.middleName("string")
.city("string")
.nickName("string")
.honorificPrefix("string")
.department("string")
.primaryPhone("string")
.passwordHash(UserPasswordHashArgs.builder()
.algorithm("string")
.value("string")
.salt("string")
.saltOrder("string")
.workFactor(0)
.build())
.passwordInlineHook("string")
.postalAddress("string")
.preferredLanguage("string")
.password("string")
.profileUrl("string")
.recoveryAnswer("string")
.recoveryQuestion("string")
.secondEmail("string")
.state("string")
.status("string")
.streetAddress("string")
.timezone("string")
.title("string")
.organization("string")
.zipCode("string")
.build());
okta_user_resource = okta.user.User("oktaUserResource",
email="string",
login="string",
last_name="string",
first_name="string",
mobile_phone="string",
user_type="string",
display_name="string",
division="string",
custom_profile_attributes_to_ignores=["string"],
employee_number="string",
expire_password_on_create=False,
custom_profile_attributes="string",
old_password="string",
honorific_suffix="string",
country_code="string",
locale="string",
cost_center="string",
manager="string",
manager_id="string",
middle_name="string",
city="string",
nick_name="string",
honorific_prefix="string",
department="string",
primary_phone="string",
password_hash=okta.user.UserPasswordHashArgs(
algorithm="string",
value="string",
salt="string",
salt_order="string",
work_factor=0,
),
password_inline_hook="string",
postal_address="string",
preferred_language="string",
password="string",
profile_url="string",
recovery_answer="string",
recovery_question="string",
second_email="string",
state="string",
status="string",
street_address="string",
timezone="string",
title="string",
organization="string",
zip_code="string")
const oktaUserResource = new okta.user.User("oktaUserResource", {
email: "string",
login: "string",
lastName: "string",
firstName: "string",
mobilePhone: "string",
userType: "string",
displayName: "string",
division: "string",
customProfileAttributesToIgnores: ["string"],
employeeNumber: "string",
expirePasswordOnCreate: false,
customProfileAttributes: "string",
oldPassword: "string",
honorificSuffix: "string",
countryCode: "string",
locale: "string",
costCenter: "string",
manager: "string",
managerId: "string",
middleName: "string",
city: "string",
nickName: "string",
honorificPrefix: "string",
department: "string",
primaryPhone: "string",
passwordHash: {
algorithm: "string",
value: "string",
salt: "string",
saltOrder: "string",
workFactor: 0,
},
passwordInlineHook: "string",
postalAddress: "string",
preferredLanguage: "string",
password: "string",
profileUrl: "string",
recoveryAnswer: "string",
recoveryQuestion: "string",
secondEmail: "string",
state: "string",
status: "string",
streetAddress: "string",
timezone: "string",
title: "string",
organization: "string",
zipCode: "string",
});
type: okta:user:User
properties:
city: string
costCenter: string
countryCode: string
customProfileAttributes: string
customProfileAttributesToIgnores:
- string
department: string
displayName: string
division: string
email: string
employeeNumber: string
expirePasswordOnCreate: false
firstName: string
honorificPrefix: string
honorificSuffix: string
lastName: string
locale: string
login: string
manager: string
managerId: string
middleName: string
mobilePhone: string
nickName: string
oldPassword: string
organization: string
password: string
passwordHash:
algorithm: string
salt: string
saltOrder: string
value: string
workFactor: 0
passwordInlineHook: string
postalAddress: string
preferredLanguage: string
primaryPhone: string
profileUrl: string
recoveryAnswer: string
recoveryQuestion: string
secondEmail: string
state: string
status: string
streetAddress: string
timezone: string
title: string
userType: string
zipCode: string
User Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The User resource accepts the following input properties:
- Email string
- User primary email address
- First
Name string - User first name
- Last
Name string - User last name
- Login string
- User Okta login
- City string
- User city
- Cost
Center string - User cost center
- Country
Code string - User country code
- Custom
Profile stringAttributes - JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows.
- Custom
Profile List<string>Attributes To Ignores - Department string
- User department
- Display
Name string - User display name, suitable to show end users
- Division string
- User division
- Employee
Number string - User employee number
- Expire
Password boolOn Create - If set to
true, the user will have to change the password at the next login. This property will be used when user is being created and works only whenpasswordfield is set. Default:false - Honorific
Prefix string - User honorific prefix
- Honorific
Suffix string - User honorific suffix
- Locale string
- User default location
- Manager string
- Manager of User
- Manager
Id string - Manager ID of User
- Middle
Name string - User middle name
- Mobile
Phone string - User mobile phone number
- Nick
Name string - User nickname
- Old
Password string - Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and
passwordfield should be used for further changes. - Organization string
- User organization
- Password string
- User Password
- Password
Hash UserPassword Hash - Specifies a hashed password to import into Okta.
- Password
Inline stringHook - Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the
STAGEDstatus. Thepasswordfield should not be specified when using Password Import Inline Hook. - Postal
Address string - User mailing address
- Preferred
Language string - User preferred language
- Primary
Phone string - User primary phone number
- Profile
Url string - User online profile (web page)
- Recovery
Answer string - User Password Recovery Answer
- Recovery
Question string - User Password Recovery Question
- Second
Email string - User secondary email address, used for account recovery
- Skip
Roles bool - Do not populate user roles information (prevents additional API call)
- State string
- User state or region
- Status string
- User profile property. Valid values are
ACTIVE,DEPROVISIONED,STAGED,SUSPENDED. Default:ACTIVE - Street
Address string - User street address
- Timezone string
- User default timezone
- Title string
- User title
- User
Type string - User employee type
- Zip
Code string - User zipcode or postal code
- Email string
- User primary email address
- First
Name string - User first name
- Last
Name string - User last name
- Login string
- User Okta login
- City string
- User city
- Cost
Center string - User cost center
- Country
Code string - User country code
- Custom
Profile stringAttributes - JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows.
- Custom
Profile []stringAttributes To Ignores - Department string
- User department
- Display
Name string - User display name, suitable to show end users
- Division string
- User division
- Employee
Number string - User employee number
- Expire
Password boolOn Create - If set to
true, the user will have to change the password at the next login. This property will be used when user is being created and works only whenpasswordfield is set. Default:false - Honorific
Prefix string - User honorific prefix
- Honorific
Suffix string - User honorific suffix
- Locale string
- User default location
- Manager string
- Manager of User
- Manager
Id string - Manager ID of User
- Middle
Name string - User middle name
- Mobile
Phone string - User mobile phone number
- Nick
Name string - User nickname
- Old
Password string - Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and
passwordfield should be used for further changes. - Organization string
- User organization
- Password string
- User Password
- Password
Hash UserPassword Hash Args - Specifies a hashed password to import into Okta.
- Password
Inline stringHook - Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the
STAGEDstatus. Thepasswordfield should not be specified when using Password Import Inline Hook. - Postal
Address string - User mailing address
- Preferred
Language string - User preferred language
- Primary
Phone string - User primary phone number
- Profile
Url string - User online profile (web page)
- Recovery
Answer string - User Password Recovery Answer
- Recovery
Question string - User Password Recovery Question
- Second
Email string - User secondary email address, used for account recovery
- Skip
Roles bool - Do not populate user roles information (prevents additional API call)
- State string
- User state or region
- Status string
- User profile property. Valid values are
ACTIVE,DEPROVISIONED,STAGED,SUSPENDED. Default:ACTIVE - Street
Address string - User street address
- Timezone string
- User default timezone
- Title string
- User title
- User
Type string - User employee type
- Zip
Code string - User zipcode or postal code
- email String
- User primary email address
- first
Name String - User first name
- last
Name String - User last name
- login String
- User Okta login
- city String
- User city
- cost
Center String - User cost center
- country
Code String - User country code
- custom
Profile StringAttributes - JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows.
- custom
Profile List<String>Attributes To Ignores - department String
- User department
- display
Name String - User display name, suitable to show end users
- division String
- User division
- employee
Number String - User employee number
- expire
Password BooleanOn Create - If set to
true, the user will have to change the password at the next login. This property will be used when user is being created and works only whenpasswordfield is set. Default:false - honorific
Prefix String - User honorific prefix
- honorific
Suffix String - User honorific suffix
- locale String
- User default location
- manager String
- Manager of User
- manager
Id String - Manager ID of User
- middle
Name String - User middle name
- mobile
Phone String - User mobile phone number
- nick
Name String - User nickname
- old
Password String - Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and
passwordfield should be used for further changes. - organization String
- User organization
- password String
- User Password
- password
Hash UserPassword Hash - Specifies a hashed password to import into Okta.
- password
Inline StringHook - Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the
STAGEDstatus. Thepasswordfield should not be specified when using Password Import Inline Hook. - postal
Address String - User mailing address
- preferred
Language String - User preferred language
- primary
Phone String - User primary phone number
- profile
Url String - User online profile (web page)
- recovery
Answer String - User Password Recovery Answer
- recovery
Question String - User Password Recovery Question
- second
Email String - User secondary email address, used for account recovery
- skip
Roles Boolean - Do not populate user roles information (prevents additional API call)
- state String
- User state or region
- status String
- User profile property. Valid values are
ACTIVE,DEPROVISIONED,STAGED,SUSPENDED. Default:ACTIVE - street
Address String - User street address
- timezone String
- User default timezone
- title String
- User title
- user
Type String - User employee type
- zip
Code String - User zipcode or postal code
- email string
- User primary email address
- first
Name string - User first name
- last
Name string - User last name
- login string
- User Okta login
- city string
- User city
- cost
Center string - User cost center
- country
Code string - User country code
- custom
Profile stringAttributes - JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows.
- custom
Profile string[]Attributes To Ignores - department string
- User department
- display
Name string - User display name, suitable to show end users
- division string
- User division
- employee
Number string - User employee number
- expire
Password booleanOn Create - If set to
true, the user will have to change the password at the next login. This property will be used when user is being created and works only whenpasswordfield is set. Default:false - honorific
Prefix string - User honorific prefix
- honorific
Suffix string - User honorific suffix
- locale string
- User default location
- manager string
- Manager of User
- manager
Id string - Manager ID of User
- middle
Name string - User middle name
- mobile
Phone string - User mobile phone number
- nick
Name string - User nickname
- old
Password string - Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and
passwordfield should be used for further changes. - organization string
- User organization
- password string
- User Password
- password
Hash UserPassword Hash - Specifies a hashed password to import into Okta.
- password
Inline stringHook - Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the
STAGEDstatus. Thepasswordfield should not be specified when using Password Import Inline Hook. - postal
Address string - User mailing address
- preferred
Language string - User preferred language
- primary
Phone string - User primary phone number
- profile
Url string - User online profile (web page)
- recovery
Answer string - User Password Recovery Answer
- recovery
Question string - User Password Recovery Question
- second
Email string - User secondary email address, used for account recovery
- skip
Roles boolean - Do not populate user roles information (prevents additional API call)
- state string
- User state or region
- status string
- User profile property. Valid values are
ACTIVE,DEPROVISIONED,STAGED,SUSPENDED. Default:ACTIVE - street
Address string - User street address
- timezone string
- User default timezone
- title string
- User title
- user
Type string - User employee type
- zip
Code string - User zipcode or postal code
- email str
- User primary email address
- first_
name str - User first name
- last_
name str - User last name
- login str
- User Okta login
- city str
- User city
- cost_
center str - User cost center
- country_
code str - User country code
- custom_
profile_ strattributes - JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows.
- custom_
profile_ Sequence[str]attributes_ to_ ignores - department str
- User department
- display_
name str - User display name, suitable to show end users
- division str
- User division
- employee_
number str - User employee number
- expire_
password_ boolon_ create - If set to
true, the user will have to change the password at the next login. This property will be used when user is being created and works only whenpasswordfield is set. Default:false - honorific_
prefix str - User honorific prefix
- honorific_
suffix str - User honorific suffix
- locale str
- User default location
- manager str
- Manager of User
- manager_
id str - Manager ID of User
- middle_
name str - User middle name
- mobile_
phone str - User mobile phone number
- nick_
name str - User nickname
- old_
password str - Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and
passwordfield should be used for further changes. - organization str
- User organization
- password str
- User Password
- password_
hash UserPassword Hash Args - Specifies a hashed password to import into Okta.
- password_
inline_ strhook - Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the
STAGEDstatus. Thepasswordfield should not be specified when using Password Import Inline Hook. - postal_
address str - User mailing address
- preferred_
language str - User preferred language
- primary_
phone str - User primary phone number
- profile_
url str - User online profile (web page)
- recovery_
answer str - User Password Recovery Answer
- recovery_
question str - User Password Recovery Question
- second_
email str - User secondary email address, used for account recovery
- skip_
roles bool - Do not populate user roles information (prevents additional API call)
- state str
- User state or region
- status str
- User profile property. Valid values are
ACTIVE,DEPROVISIONED,STAGED,SUSPENDED. Default:ACTIVE - street_
address str - User street address
- timezone str
- User default timezone
- title str
- User title
- user_
type str - User employee type
- zip_
code str - User zipcode or postal code
- email String
- User primary email address
- first
Name String - User first name
- last
Name String - User last name
- login String
- User Okta login
- city String
- User city
- cost
Center String - User cost center
- country
Code String - User country code
- custom
Profile StringAttributes - JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows.
- custom
Profile List<String>Attributes To Ignores - department String
- User department
- display
Name String - User display name, suitable to show end users
- division String
- User division
- employee
Number String - User employee number
- expire
Password BooleanOn Create - If set to
true, the user will have to change the password at the next login. This property will be used when user is being created and works only whenpasswordfield is set. Default:false - honorific
Prefix String - User honorific prefix
- honorific
Suffix String - User honorific suffix
- locale String
- User default location
- manager String
- Manager of User
- manager
Id String - Manager ID of User
- middle
Name String - User middle name
- mobile
Phone String - User mobile phone number
- nick
Name String - User nickname
- old
Password String - Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and
passwordfield should be used for further changes. - organization String
- User organization
- password String
- User Password
- password
Hash Property Map - Specifies a hashed password to import into Okta.
- password
Inline StringHook - Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the
STAGEDstatus. Thepasswordfield should not be specified when using Password Import Inline Hook. - postal
Address String - User mailing address
- preferred
Language String - User preferred language
- primary
Phone String - User primary phone number
- profile
Url String - User online profile (web page)
- recovery
Answer String - User Password Recovery Answer
- recovery
Question String - User Password Recovery Question
- second
Email String - User secondary email address, used for account recovery
- skip
Roles Boolean - Do not populate user roles information (prevents additional API call)
- state String
- User state or region
- status String
- User profile property. Valid values are
ACTIVE,DEPROVISIONED,STAGED,SUSPENDED. Default:ACTIVE - street
Address String - User street address
- timezone String
- User default timezone
- title String
- User title
- user
Type String - User employee type
- zip
Code String - User zipcode or postal code
Outputs
All input properties are implicitly available as output properties. Additionally, the User resource produces the following output properties:
- id str
- The provider-assigned unique ID for this managed resource.
- raw_
status str - The raw status of the User in Okta - (status is mapped)
Look up Existing User Resource
Get an existing User resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: UserState, opts?: CustomResourceOptions): User@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
city: Optional[str] = None,
cost_center: Optional[str] = None,
country_code: Optional[str] = None,
custom_profile_attributes: Optional[str] = None,
custom_profile_attributes_to_ignores: Optional[Sequence[str]] = None,
department: Optional[str] = None,
display_name: Optional[str] = None,
division: Optional[str] = None,
email: Optional[str] = None,
employee_number: Optional[str] = None,
expire_password_on_create: Optional[bool] = None,
first_name: Optional[str] = None,
honorific_prefix: Optional[str] = None,
honorific_suffix: Optional[str] = None,
last_name: Optional[str] = None,
locale: Optional[str] = None,
login: Optional[str] = None,
manager: Optional[str] = None,
manager_id: Optional[str] = None,
middle_name: Optional[str] = None,
mobile_phone: Optional[str] = None,
nick_name: Optional[str] = None,
old_password: Optional[str] = None,
organization: Optional[str] = None,
password: Optional[str] = None,
password_hash: Optional[UserPasswordHashArgs] = None,
password_inline_hook: Optional[str] = None,
postal_address: Optional[str] = None,
preferred_language: Optional[str] = None,
primary_phone: Optional[str] = None,
profile_url: Optional[str] = None,
raw_status: Optional[str] = None,
recovery_answer: Optional[str] = None,
recovery_question: Optional[str] = None,
second_email: Optional[str] = None,
skip_roles: Optional[bool] = None,
state: Optional[str] = None,
status: Optional[str] = None,
street_address: Optional[str] = None,
timezone: Optional[str] = None,
title: Optional[str] = None,
user_type: Optional[str] = None,
zip_code: Optional[str] = None) -> Userfunc GetUser(ctx *Context, name string, id IDInput, state *UserState, opts ...ResourceOption) (*User, error)public static User Get(string name, Input<string> id, UserState? state, CustomResourceOptions? opts = null)public static User get(String name, Output<String> id, UserState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- City string
- User city
- Cost
Center string - User cost center
- Country
Code string - User country code
- Custom
Profile stringAttributes - JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows.
- Custom
Profile List<string>Attributes To Ignores - Department string
- User department
- Display
Name string - User display name, suitable to show end users
- Division string
- User division
- Email string
- User primary email address
- Employee
Number string - User employee number
- Expire
Password boolOn Create - If set to
true, the user will have to change the password at the next login. This property will be used when user is being created and works only whenpasswordfield is set. Default:false - First
Name string - User first name
- Honorific
Prefix string - User honorific prefix
- Honorific
Suffix string - User honorific suffix
- Last
Name string - User last name
- Locale string
- User default location
- Login string
- User Okta login
- Manager string
- Manager of User
- Manager
Id string - Manager ID of User
- Middle
Name string - User middle name
- Mobile
Phone string - User mobile phone number
- Nick
Name string - User nickname
- Old
Password string - Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and
passwordfield should be used for further changes. - Organization string
- User organization
- Password string
- User Password
- Password
Hash UserPassword Hash - Specifies a hashed password to import into Okta.
- Password
Inline stringHook - Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the
STAGEDstatus. Thepasswordfield should not be specified when using Password Import Inline Hook. - Postal
Address string - User mailing address
- Preferred
Language string - User preferred language
- Primary
Phone string - User primary phone number
- Profile
Url string - User online profile (web page)
- Raw
Status string - The raw status of the User in Okta - (status is mapped)
- Recovery
Answer string - User Password Recovery Answer
- Recovery
Question string - User Password Recovery Question
- Second
Email string - User secondary email address, used for account recovery
- Skip
Roles bool - Do not populate user roles information (prevents additional API call)
- State string
- User state or region
- Status string
- User profile property. Valid values are
ACTIVE,DEPROVISIONED,STAGED,SUSPENDED. Default:ACTIVE - Street
Address string - User street address
- Timezone string
- User default timezone
- Title string
- User title
- User
Type string - User employee type
- Zip
Code string - User zipcode or postal code
- City string
- User city
- Cost
Center string - User cost center
- Country
Code string - User country code
- Custom
Profile stringAttributes - JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows.
- Custom
Profile []stringAttributes To Ignores - Department string
- User department
- Display
Name string - User display name, suitable to show end users
- Division string
- User division
- Email string
- User primary email address
- Employee
Number string - User employee number
- Expire
Password boolOn Create - If set to
true, the user will have to change the password at the next login. This property will be used when user is being created and works only whenpasswordfield is set. Default:false - First
Name string - User first name
- Honorific
Prefix string - User honorific prefix
- Honorific
Suffix string - User honorific suffix
- Last
Name string - User last name
- Locale string
- User default location
- Login string
- User Okta login
- Manager string
- Manager of User
- Manager
Id string - Manager ID of User
- Middle
Name string - User middle name
- Mobile
Phone string - User mobile phone number
- Nick
Name string - User nickname
- Old
Password string - Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and
passwordfield should be used for further changes. - Organization string
- User organization
- Password string
- User Password
- Password
Hash UserPassword Hash Args - Specifies a hashed password to import into Okta.
- Password
Inline stringHook - Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the
STAGEDstatus. Thepasswordfield should not be specified when using Password Import Inline Hook. - Postal
Address string - User mailing address
- Preferred
Language string - User preferred language
- Primary
Phone string - User primary phone number
- Profile
Url string - User online profile (web page)
- Raw
Status string - The raw status of the User in Okta - (status is mapped)
- Recovery
Answer string - User Password Recovery Answer
- Recovery
Question string - User Password Recovery Question
- Second
Email string - User secondary email address, used for account recovery
- Skip
Roles bool - Do not populate user roles information (prevents additional API call)
- State string
- User state or region
- Status string
- User profile property. Valid values are
ACTIVE,DEPROVISIONED,STAGED,SUSPENDED. Default:ACTIVE - Street
Address string - User street address
- Timezone string
- User default timezone
- Title string
- User title
- User
Type string - User employee type
- Zip
Code string - User zipcode or postal code
- city String
- User city
- cost
Center String - User cost center
- country
Code String - User country code
- custom
Profile StringAttributes - JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows.
- custom
Profile List<String>Attributes To Ignores - department String
- User department
- display
Name String - User display name, suitable to show end users
- division String
- User division
- email String
- User primary email address
- employee
Number String - User employee number
- expire
Password BooleanOn Create - If set to
true, the user will have to change the password at the next login. This property will be used when user is being created and works only whenpasswordfield is set. Default:false - first
Name String - User first name
- honorific
Prefix String - User honorific prefix
- honorific
Suffix String - User honorific suffix
- last
Name String - User last name
- locale String
- User default location
- login String
- User Okta login
- manager String
- Manager of User
- manager
Id String - Manager ID of User
- middle
Name String - User middle name
- mobile
Phone String - User mobile phone number
- nick
Name String - User nickname
- old
Password String - Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and
passwordfield should be used for further changes. - organization String
- User organization
- password String
- User Password
- password
Hash UserPassword Hash - Specifies a hashed password to import into Okta.
- password
Inline StringHook - Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the
STAGEDstatus. Thepasswordfield should not be specified when using Password Import Inline Hook. - postal
Address String - User mailing address
- preferred
Language String - User preferred language
- primary
Phone String - User primary phone number
- profile
Url String - User online profile (web page)
- raw
Status String - The raw status of the User in Okta - (status is mapped)
- recovery
Answer String - User Password Recovery Answer
- recovery
Question String - User Password Recovery Question
- second
Email String - User secondary email address, used for account recovery
- skip
Roles Boolean - Do not populate user roles information (prevents additional API call)
- state String
- User state or region
- status String
- User profile property. Valid values are
ACTIVE,DEPROVISIONED,STAGED,SUSPENDED. Default:ACTIVE - street
Address String - User street address
- timezone String
- User default timezone
- title String
- User title
- user
Type String - User employee type
- zip
Code String - User zipcode or postal code
- city string
- User city
- cost
Center string - User cost center
- country
Code string - User country code
- custom
Profile stringAttributes - JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows.
- custom
Profile string[]Attributes To Ignores - department string
- User department
- display
Name string - User display name, suitable to show end users
- division string
- User division
- email string
- User primary email address
- employee
Number string - User employee number
- expire
Password booleanOn Create - If set to
true, the user will have to change the password at the next login. This property will be used when user is being created and works only whenpasswordfield is set. Default:false - first
Name string - User first name
- honorific
Prefix string - User honorific prefix
- honorific
Suffix string - User honorific suffix
- last
Name string - User last name
- locale string
- User default location
- login string
- User Okta login
- manager string
- Manager of User
- manager
Id string - Manager ID of User
- middle
Name string - User middle name
- mobile
Phone string - User mobile phone number
- nick
Name string - User nickname
- old
Password string - Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and
passwordfield should be used for further changes. - organization string
- User organization
- password string
- User Password
- password
Hash UserPassword Hash - Specifies a hashed password to import into Okta.
- password
Inline stringHook - Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the
STAGEDstatus. Thepasswordfield should not be specified when using Password Import Inline Hook. - postal
Address string - User mailing address
- preferred
Language string - User preferred language
- primary
Phone string - User primary phone number
- profile
Url string - User online profile (web page)
- raw
Status string - The raw status of the User in Okta - (status is mapped)
- recovery
Answer string - User Password Recovery Answer
- recovery
Question string - User Password Recovery Question
- second
Email string - User secondary email address, used for account recovery
- skip
Roles boolean - Do not populate user roles information (prevents additional API call)
- state string
- User state or region
- status string
- User profile property. Valid values are
ACTIVE,DEPROVISIONED,STAGED,SUSPENDED. Default:ACTIVE - street
Address string - User street address
- timezone string
- User default timezone
- title string
- User title
- user
Type string - User employee type
- zip
Code string - User zipcode or postal code
- city str
- User city
- cost_
center str - User cost center
- country_
code str - User country code
- custom_
profile_ strattributes - JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows.
- custom_
profile_ Sequence[str]attributes_ to_ ignores - department str
- User department
- display_
name str - User display name, suitable to show end users
- division str
- User division
- email str
- User primary email address
- employee_
number str - User employee number
- expire_
password_ boolon_ create - If set to
true, the user will have to change the password at the next login. This property will be used when user is being created and works only whenpasswordfield is set. Default:false - first_
name str - User first name
- honorific_
prefix str - User honorific prefix
- honorific_
suffix str - User honorific suffix
- last_
name str - User last name
- locale str
- User default location
- login str
- User Okta login
- manager str
- Manager of User
- manager_
id str - Manager ID of User
- middle_
name str - User middle name
- mobile_
phone str - User mobile phone number
- nick_
name str - User nickname
- old_
password str - Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and
passwordfield should be used for further changes. - organization str
- User organization
- password str
- User Password
- password_
hash UserPassword Hash Args - Specifies a hashed password to import into Okta.
- password_
inline_ strhook - Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the
STAGEDstatus. Thepasswordfield should not be specified when using Password Import Inline Hook. - postal_
address str - User mailing address
- preferred_
language str - User preferred language
- primary_
phone str - User primary phone number
- profile_
url str - User online profile (web page)
- raw_
status str - The raw status of the User in Okta - (status is mapped)
- recovery_
answer str - User Password Recovery Answer
- recovery_
question str - User Password Recovery Question
- second_
email str - User secondary email address, used for account recovery
- skip_
roles bool - Do not populate user roles information (prevents additional API call)
- state str
- User state or region
- status str
- User profile property. Valid values are
ACTIVE,DEPROVISIONED,STAGED,SUSPENDED. Default:ACTIVE - street_
address str - User street address
- timezone str
- User default timezone
- title str
- User title
- user_
type str - User employee type
- zip_
code str - User zipcode or postal code
- city String
- User city
- cost
Center String - User cost center
- country
Code String - User country code
- custom
Profile StringAttributes - JSON formatted custom attributes for a user. It must be JSON due to various types Okta allows.
- custom
Profile List<String>Attributes To Ignores - department String
- User department
- display
Name String - User display name, suitable to show end users
- division String
- User division
- email String
- User primary email address
- employee
Number String - User employee number
- expire
Password BooleanOn Create - If set to
true, the user will have to change the password at the next login. This property will be used when user is being created and works only whenpasswordfield is set. Default:false - first
Name String - User first name
- honorific
Prefix String - User honorific prefix
- honorific
Suffix String - User honorific suffix
- last
Name String - User last name
- locale String
- User default location
- login String
- User Okta login
- manager String
- Manager of User
- manager
Id String - Manager ID of User
- middle
Name String - User middle name
- mobile
Phone String - User mobile phone number
- nick
Name String - User nickname
- old
Password String - Old User Password. Should be only set in case the password was not changed using the provider. fter successful password change this field should be removed and
passwordfield should be used for further changes. - organization String
- User organization
- password String
- User Password
- password
Hash Property Map - Specifies a hashed password to import into Okta.
- password
Inline StringHook - Specifies that a Password Import Inline Hook should be triggered to handle verification of the user's password the first time the user logs in. This allows an existing password to be imported into Okta directly from some other store. When updating a user with a password hook the user must be in the
STAGEDstatus. Thepasswordfield should not be specified when using Password Import Inline Hook. - postal
Address String - User mailing address
- preferred
Language String - User preferred language
- primary
Phone String - User primary phone number
- profile
Url String - User online profile (web page)
- raw
Status String - The raw status of the User in Okta - (status is mapped)
- recovery
Answer String - User Password Recovery Answer
- recovery
Question String - User Password Recovery Question
- second
Email String - User secondary email address, used for account recovery
- skip
Roles Boolean - Do not populate user roles information (prevents additional API call)
- state String
- User state or region
- status String
- User profile property. Valid values are
ACTIVE,DEPROVISIONED,STAGED,SUSPENDED. Default:ACTIVE - street
Address String - User street address
- timezone String
- User default timezone
- title String
- User title
- user
Type String - User employee type
- zip
Code String - User zipcode or postal code
Supporting Types
UserPasswordHash, UserPasswordHashArgs
- Algorithm string
- The algorithm used to generate the hash using the password
- Value string
- For SHA-512, SHA-256, SHA-1, MD5, This is the actual base64-encoded hash of the password (and salt, if used). This is the Base64 encoded value of the SHA-512/SHA-256/SHA-1/MD5 digest that was computed by either pre-fixing or post-fixing the salt to the password, depending on the saltOrder. If a salt was not used in the source system, then this should just be the the Base64 encoded value of the password's SHA-512/SHA-256/SHA-1/MD5 digest. For BCRYPT, This is the actual radix64-encoded hashed password.
- Salt string
- Only required for salted hashes
- Salt
Order string - Specifies whether salt was pre- or postfixed to the password before hashing
- Work
Factor int - Governs the strength of the hash and the time required to compute it. Only required for BCRYPT algorithm
- Algorithm string
- The algorithm used to generate the hash using the password
- Value string
- For SHA-512, SHA-256, SHA-1, MD5, This is the actual base64-encoded hash of the password (and salt, if used). This is the Base64 encoded value of the SHA-512/SHA-256/SHA-1/MD5 digest that was computed by either pre-fixing or post-fixing the salt to the password, depending on the saltOrder. If a salt was not used in the source system, then this should just be the the Base64 encoded value of the password's SHA-512/SHA-256/SHA-1/MD5 digest. For BCRYPT, This is the actual radix64-encoded hashed password.
- Salt string
- Only required for salted hashes
- Salt
Order string - Specifies whether salt was pre- or postfixed to the password before hashing
- Work
Factor int - Governs the strength of the hash and the time required to compute it. Only required for BCRYPT algorithm
- algorithm String
- The algorithm used to generate the hash using the password
- value String
- For SHA-512, SHA-256, SHA-1, MD5, This is the actual base64-encoded hash of the password (and salt, if used). This is the Base64 encoded value of the SHA-512/SHA-256/SHA-1/MD5 digest that was computed by either pre-fixing or post-fixing the salt to the password, depending on the saltOrder. If a salt was not used in the source system, then this should just be the the Base64 encoded value of the password's SHA-512/SHA-256/SHA-1/MD5 digest. For BCRYPT, This is the actual radix64-encoded hashed password.
- salt String
- Only required for salted hashes
- salt
Order String - Specifies whether salt was pre- or postfixed to the password before hashing
- work
Factor Integer - Governs the strength of the hash and the time required to compute it. Only required for BCRYPT algorithm
- algorithm string
- The algorithm used to generate the hash using the password
- value string
- For SHA-512, SHA-256, SHA-1, MD5, This is the actual base64-encoded hash of the password (and salt, if used). This is the Base64 encoded value of the SHA-512/SHA-256/SHA-1/MD5 digest that was computed by either pre-fixing or post-fixing the salt to the password, depending on the saltOrder. If a salt was not used in the source system, then this should just be the the Base64 encoded value of the password's SHA-512/SHA-256/SHA-1/MD5 digest. For BCRYPT, This is the actual radix64-encoded hashed password.
- salt string
- Only required for salted hashes
- salt
Order string - Specifies whether salt was pre- or postfixed to the password before hashing
- work
Factor number - Governs the strength of the hash and the time required to compute it. Only required for BCRYPT algorithm
- algorithm str
- The algorithm used to generate the hash using the password
- value str
- For SHA-512, SHA-256, SHA-1, MD5, This is the actual base64-encoded hash of the password (and salt, if used). This is the Base64 encoded value of the SHA-512/SHA-256/SHA-1/MD5 digest that was computed by either pre-fixing or post-fixing the salt to the password, depending on the saltOrder. If a salt was not used in the source system, then this should just be the the Base64 encoded value of the password's SHA-512/SHA-256/SHA-1/MD5 digest. For BCRYPT, This is the actual radix64-encoded hashed password.
- salt str
- Only required for salted hashes
- salt_
order str - Specifies whether salt was pre- or postfixed to the password before hashing
- work_
factor int - Governs the strength of the hash and the time required to compute it. Only required for BCRYPT algorithm
- algorithm String
- The algorithm used to generate the hash using the password
- value String
- For SHA-512, SHA-256, SHA-1, MD5, This is the actual base64-encoded hash of the password (and salt, if used). This is the Base64 encoded value of the SHA-512/SHA-256/SHA-1/MD5 digest that was computed by either pre-fixing or post-fixing the salt to the password, depending on the saltOrder. If a salt was not used in the source system, then this should just be the the Base64 encoded value of the password's SHA-512/SHA-256/SHA-1/MD5 digest. For BCRYPT, This is the actual radix64-encoded hashed password.
- salt String
- Only required for salted hashes
- salt
Order String - Specifies whether salt was pre- or postfixed to the password before hashing
- work
Factor Number - Governs the strength of the hash and the time required to compute it. Only required for BCRYPT algorithm
Import
$ pulumi import okta:user/user:User example <user id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Okta pulumi/pulumi-okta
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
oktaTerraform Provider.