onelogin v0.6.6 published on Friday, Sep 20, 2024 by Pulumi
onelogin.App
Explore with Pulumi AI
Create App Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new App(name: string, args: AppArgs, opts?: CustomResourceOptions);
@overload
def App(resource_name: str,
args: AppArgs,
opts: Optional[ResourceOptions] = None)
@overload
def App(resource_name: str,
opts: Optional[ResourceOptions] = None,
connector_id: Optional[int] = None,
login_config: Optional[int] = None,
tab_id: Optional[int] = None,
brand_id: Optional[int] = None,
configuration: Optional[AppConfigurationArgs] = None,
auth_method: Optional[int] = None,
created_at: Optional[str] = None,
description: Optional[str] = None,
name: Optional[str] = None,
visible: Optional[bool] = None,
auth_method_description: Optional[str] = None,
enforcement_point: Optional[AppEnforcementPointArgs] = None,
notes: Optional[str] = None,
parameters: Optional[AppParametersArgs] = None,
policy_id: Optional[int] = None,
provisioning: Optional[AppProvisioningArgs] = None,
role_ids: Optional[Sequence[int]] = None,
sso: Optional[AppSsoArgs] = None,
allow_assumed_signin: Optional[bool] = None,
updated_at: Optional[str] = None,
icon_url: Optional[str] = None)
func NewApp(ctx *Context, name string, args AppArgs, opts ...ResourceOption) (*App, error)
public App(string name, AppArgs args, CustomResourceOptions? opts = null)
type: onelogin:App
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AppArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AppArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AppArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AppArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AppArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var appResource = new Onelogin.App("appResource", new()
{
ConnectorId = 0,
LoginConfig = 0,
TabId = 0,
BrandId = 0,
Configuration = new Onelogin.Inputs.AppConfigurationArgs
{
AccessTokenExpirationMinutes = 0,
LoginUrl = "string",
OidcApiVersion = "string",
OidcApplicationType = 0,
OidcEncryptionKey = "string",
PostLogoutRedirectUri = "string",
RedirectUri = "string",
RefreshTokenExpirationMinutes = 0,
TokenEndpointAuthMethod = 0,
},
AuthMethod = 0,
CreatedAt = "string",
Description = "string",
Name = "string",
Visible = false,
AuthMethodDescription = "string",
EnforcementPoint = new Onelogin.Inputs.AppEnforcementPointArgs
{
CaseSensitive = false,
Conditions = "string",
ContextRoot = "string",
LandingPage = "string",
Permissions = "string",
RequireSitewideAuthentication = false,
Resources = new[]
{
new Onelogin.Inputs.AppEnforcementPointResourceArgs
{
Conditions = "string",
IsPathRegex = false,
Path = "string",
Permission = "string",
RequireAuth = false,
},
},
SessionExpiryFixed = new Onelogin.Inputs.AppEnforcementPointSessionExpiryFixedArgs
{
Unit = 0,
Value = 0,
},
SessionExpiryInactivity = new Onelogin.Inputs.AppEnforcementPointSessionExpiryInactivityArgs
{
Unit = 0,
Value = 0,
},
Target = "string",
Token = "string",
UseTargetHostHeader = false,
Vhost = "string",
},
Notes = "string",
Parameters = new Onelogin.Inputs.AppParametersArgs
{
Groups = new Onelogin.Inputs.AppParametersGroupsArgs
{
AttributesTransformations = "string",
DefaultValues = "string",
Id = 0,
Label = "string",
ProvisionedEntitlements = false,
SkipIfBlank = false,
UserAttributeMacros = "string",
UserAttributeMappings = "string",
Values = "string",
},
},
PolicyId = 0,
Provisioning = new Onelogin.Inputs.AppProvisioningArgs
{
Enabled = false,
Status = "string",
},
RoleIds = new[]
{
0,
},
Sso = new Onelogin.Inputs.AppSsoArgs
{
AcsUrl = "string",
Certificate = new Onelogin.Inputs.AppSsoCertificateArgs
{
Id = 0,
Name = "string",
Value = "string",
},
ClientId = "string",
ClientSecret = "string",
Issuer = "string",
MetadataUrl = "string",
},
AllowAssumedSignin = false,
UpdatedAt = "string",
IconUrl = "string",
});
example, err := onelogin.NewApp(ctx, "appResource", &onelogin.AppArgs{
ConnectorId: pulumi.Int(0),
LoginConfig: pulumi.Int(0),
TabId: pulumi.Int(0),
BrandId: pulumi.Int(0),
Configuration: &onelogin.AppConfigurationArgs{
AccessTokenExpirationMinutes: pulumi.Int(0),
LoginUrl: pulumi.String("string"),
OidcApiVersion: pulumi.String("string"),
OidcApplicationType: pulumi.Int(0),
OidcEncryptionKey: pulumi.String("string"),
PostLogoutRedirectUri: pulumi.String("string"),
RedirectUri: pulumi.String("string"),
RefreshTokenExpirationMinutes: pulumi.Int(0),
TokenEndpointAuthMethod: pulumi.Int(0),
},
AuthMethod: pulumi.Int(0),
CreatedAt: pulumi.String("string"),
Description: pulumi.String("string"),
Name: pulumi.String("string"),
Visible: pulumi.Bool(false),
AuthMethodDescription: pulumi.String("string"),
EnforcementPoint: &onelogin.AppEnforcementPointArgs{
CaseSensitive: pulumi.Bool(false),
Conditions: pulumi.String("string"),
ContextRoot: pulumi.String("string"),
LandingPage: pulumi.String("string"),
Permissions: pulumi.String("string"),
RequireSitewideAuthentication: pulumi.Bool(false),
Resources: onelogin.AppEnforcementPointResourceArray{
&onelogin.AppEnforcementPointResourceArgs{
Conditions: pulumi.String("string"),
IsPathRegex: pulumi.Bool(false),
Path: pulumi.String("string"),
Permission: pulumi.String("string"),
RequireAuth: pulumi.Bool(false),
},
},
SessionExpiryFixed: &onelogin.AppEnforcementPointSessionExpiryFixedArgs{
Unit: pulumi.Int(0),
Value: pulumi.Int(0),
},
SessionExpiryInactivity: &onelogin.AppEnforcementPointSessionExpiryInactivityArgs{
Unit: pulumi.Int(0),
Value: pulumi.Int(0),
},
Target: pulumi.String("string"),
Token: pulumi.String("string"),
UseTargetHostHeader: pulumi.Bool(false),
Vhost: pulumi.String("string"),
},
Notes: pulumi.String("string"),
Parameters: &onelogin.AppParametersArgs{
Groups: &onelogin.AppParametersGroupsArgs{
AttributesTransformations: pulumi.String("string"),
DefaultValues: pulumi.String("string"),
Id: pulumi.Int(0),
Label: pulumi.String("string"),
ProvisionedEntitlements: pulumi.Bool(false),
SkipIfBlank: pulumi.Bool(false),
UserAttributeMacros: pulumi.String("string"),
UserAttributeMappings: pulumi.String("string"),
Values: pulumi.String("string"),
},
},
PolicyId: pulumi.Int(0),
Provisioning: &onelogin.AppProvisioningArgs{
Enabled: pulumi.Bool(false),
Status: pulumi.String("string"),
},
RoleIds: pulumi.IntArray{
pulumi.Int(0),
},
Sso: &onelogin.AppSsoArgs{
AcsUrl: pulumi.String("string"),
Certificate: &onelogin.AppSsoCertificateArgs{
Id: pulumi.Int(0),
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
ClientId: pulumi.String("string"),
ClientSecret: pulumi.String("string"),
Issuer: pulumi.String("string"),
MetadataUrl: pulumi.String("string"),
},
AllowAssumedSignin: pulumi.Bool(false),
UpdatedAt: pulumi.String("string"),
IconUrl: pulumi.String("string"),
})
var appResource = new App("appResource", AppArgs.builder()
.connectorId(0)
.loginConfig(0)
.tabId(0)
.brandId(0)
.configuration(AppConfigurationArgs.builder()
.accessTokenExpirationMinutes(0)
.loginUrl("string")
.oidcApiVersion("string")
.oidcApplicationType(0)
.oidcEncryptionKey("string")
.postLogoutRedirectUri("string")
.redirectUri("string")
.refreshTokenExpirationMinutes(0)
.tokenEndpointAuthMethod(0)
.build())
.authMethod(0)
.createdAt("string")
.description("string")
.name("string")
.visible(false)
.authMethodDescription("string")
.enforcementPoint(AppEnforcementPointArgs.builder()
.caseSensitive(false)
.conditions("string")
.contextRoot("string")
.landingPage("string")
.permissions("string")
.requireSitewideAuthentication(false)
.resources(AppEnforcementPointResourceArgs.builder()
.conditions("string")
.isPathRegex(false)
.path("string")
.permission("string")
.requireAuth(false)
.build())
.sessionExpiryFixed(AppEnforcementPointSessionExpiryFixedArgs.builder()
.unit(0)
.value(0)
.build())
.sessionExpiryInactivity(AppEnforcementPointSessionExpiryInactivityArgs.builder()
.unit(0)
.value(0)
.build())
.target("string")
.token("string")
.useTargetHostHeader(false)
.vhost("string")
.build())
.notes("string")
.parameters(AppParametersArgs.builder()
.groups(AppParametersGroupsArgs.builder()
.attributesTransformations("string")
.defaultValues("string")
.id(0)
.label("string")
.provisionedEntitlements(false)
.skipIfBlank(false)
.userAttributeMacros("string")
.userAttributeMappings("string")
.values("string")
.build())
.build())
.policyId(0)
.provisioning(AppProvisioningArgs.builder()
.enabled(false)
.status("string")
.build())
.roleIds(0)
.sso(AppSsoArgs.builder()
.acsUrl("string")
.certificate(AppSsoCertificateArgs.builder()
.id(0)
.name("string")
.value("string")
.build())
.clientId("string")
.clientSecret("string")
.issuer("string")
.metadataUrl("string")
.build())
.allowAssumedSignin(false)
.updatedAt("string")
.iconUrl("string")
.build());
app_resource = onelogin.App("appResource",
connector_id=0,
login_config=0,
tab_id=0,
brand_id=0,
configuration=onelogin.AppConfigurationArgs(
access_token_expiration_minutes=0,
login_url="string",
oidc_api_version="string",
oidc_application_type=0,
oidc_encryption_key="string",
post_logout_redirect_uri="string",
redirect_uri="string",
refresh_token_expiration_minutes=0,
token_endpoint_auth_method=0,
),
auth_method=0,
created_at="string",
description="string",
name="string",
visible=False,
auth_method_description="string",
enforcement_point=onelogin.AppEnforcementPointArgs(
case_sensitive=False,
conditions="string",
context_root="string",
landing_page="string",
permissions="string",
require_sitewide_authentication=False,
resources=[onelogin.AppEnforcementPointResourceArgs(
conditions="string",
is_path_regex=False,
path="string",
permission="string",
require_auth=False,
)],
session_expiry_fixed=onelogin.AppEnforcementPointSessionExpiryFixedArgs(
unit=0,
value=0,
),
session_expiry_inactivity=onelogin.AppEnforcementPointSessionExpiryInactivityArgs(
unit=0,
value=0,
),
target="string",
token="string",
use_target_host_header=False,
vhost="string",
),
notes="string",
parameters=onelogin.AppParametersArgs(
groups=onelogin.AppParametersGroupsArgs(
attributes_transformations="string",
default_values="string",
id=0,
label="string",
provisioned_entitlements=False,
skip_if_blank=False,
user_attribute_macros="string",
user_attribute_mappings="string",
values="string",
),
),
policy_id=0,
provisioning=onelogin.AppProvisioningArgs(
enabled=False,
status="string",
),
role_ids=[0],
sso=onelogin.AppSsoArgs(
acs_url="string",
certificate=onelogin.AppSsoCertificateArgs(
id=0,
name="string",
value="string",
),
client_id="string",
client_secret="string",
issuer="string",
metadata_url="string",
),
allow_assumed_signin=False,
updated_at="string",
icon_url="string")
const appResource = new onelogin.App("appResource", {
connectorId: 0,
loginConfig: 0,
tabId: 0,
brandId: 0,
configuration: {
accessTokenExpirationMinutes: 0,
loginUrl: "string",
oidcApiVersion: "string",
oidcApplicationType: 0,
oidcEncryptionKey: "string",
postLogoutRedirectUri: "string",
redirectUri: "string",
refreshTokenExpirationMinutes: 0,
tokenEndpointAuthMethod: 0,
},
authMethod: 0,
createdAt: "string",
description: "string",
name: "string",
visible: false,
authMethodDescription: "string",
enforcementPoint: {
caseSensitive: false,
conditions: "string",
contextRoot: "string",
landingPage: "string",
permissions: "string",
requireSitewideAuthentication: false,
resources: [{
conditions: "string",
isPathRegex: false,
path: "string",
permission: "string",
requireAuth: false,
}],
sessionExpiryFixed: {
unit: 0,
value: 0,
},
sessionExpiryInactivity: {
unit: 0,
value: 0,
},
target: "string",
token: "string",
useTargetHostHeader: false,
vhost: "string",
},
notes: "string",
parameters: {
groups: {
attributesTransformations: "string",
defaultValues: "string",
id: 0,
label: "string",
provisionedEntitlements: false,
skipIfBlank: false,
userAttributeMacros: "string",
userAttributeMappings: "string",
values: "string",
},
},
policyId: 0,
provisioning: {
enabled: false,
status: "string",
},
roleIds: [0],
sso: {
acsUrl: "string",
certificate: {
id: 0,
name: "string",
value: "string",
},
clientId: "string",
clientSecret: "string",
issuer: "string",
metadataUrl: "string",
},
allowAssumedSignin: false,
updatedAt: "string",
iconUrl: "string",
});
type: onelogin:App
properties:
allowAssumedSignin: false
authMethod: 0
authMethodDescription: string
brandId: 0
configuration:
accessTokenExpirationMinutes: 0
loginUrl: string
oidcApiVersion: string
oidcApplicationType: 0
oidcEncryptionKey: string
postLogoutRedirectUri: string
redirectUri: string
refreshTokenExpirationMinutes: 0
tokenEndpointAuthMethod: 0
connectorId: 0
createdAt: string
description: string
enforcementPoint:
caseSensitive: false
conditions: string
contextRoot: string
landingPage: string
permissions: string
requireSitewideAuthentication: false
resources:
- conditions: string
isPathRegex: false
path: string
permission: string
requireAuth: false
sessionExpiryFixed:
unit: 0
value: 0
sessionExpiryInactivity:
unit: 0
value: 0
target: string
token: string
useTargetHostHeader: false
vhost: string
iconUrl: string
loginConfig: 0
name: string
notes: string
parameters:
groups:
attributesTransformations: string
defaultValues: string
id: 0
label: string
provisionedEntitlements: false
skipIfBlank: false
userAttributeMacros: string
userAttributeMappings: string
values: string
policyId: 0
provisioning:
enabled: false
status: string
roleIds:
- 0
sso:
acsUrl: string
certificate:
id: 0
name: string
value: string
clientId: string
clientSecret: string
issuer: string
metadataUrl: string
tabId: 0
updatedAt: string
visible: false
App Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The App resource accepts the following input properties:
- Connector
Id int - ID of the connector to base the app from.
- Allow
Assumed boolSignin - Indicates whether or not administrators can access the app as a user that they have assumed control over.
- Auth
Method int - An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
- Auth
Method stringDescription - Brand
Id int - Configuration
App
Configuration - Only apply configurations that are applicable to the type of app
- Created
At string - the date the app was created
- Description string
- Freeform description of the app.
- Enforcement
Point AppEnforcement Point - For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
- Icon
Url string - A link to the apps icon url
- Login
Config int - Name string
- The name of the app.
- Notes string
- Freeform notes about the app.
- Parameters
App
Parameters - Policy
Id int - The security policy assigned to the app.
- Provisioning
App
Provisioning - Indicates if provisioning is enabled for this app.
- Role
Ids List<int> - List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
- Sso
App
Sso - The attributes included in the sso section are determined by the type of app. All of the attributes of the
sso
object are read only. - Tab
Id int - ID of the OneLogin portal tab that the app is assigned to.
- Updated
At string - the date the app was last updated
- Visible bool
- Indicates if the app is visible in the OneLogin portal.
- Connector
Id int - ID of the connector to base the app from.
- Allow
Assumed boolSignin - Indicates whether or not administrators can access the app as a user that they have assumed control over.
- Auth
Method int - An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
- Auth
Method stringDescription - Brand
Id int - Configuration
App
Configuration Args - Only apply configurations that are applicable to the type of app
- Created
At string - the date the app was created
- Description string
- Freeform description of the app.
- Enforcement
Point AppEnforcement Point Args - For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
- Icon
Url string - A link to the apps icon url
- Login
Config int - Name string
- The name of the app.
- Notes string
- Freeform notes about the app.
- Parameters
App
Parameters Args - Policy
Id int - The security policy assigned to the app.
- Provisioning
App
Provisioning Args - Indicates if provisioning is enabled for this app.
- Role
Ids []int - List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
- Sso
App
Sso Args - The attributes included in the sso section are determined by the type of app. All of the attributes of the
sso
object are read only. - Tab
Id int - ID of the OneLogin portal tab that the app is assigned to.
- Updated
At string - the date the app was last updated
- Visible bool
- Indicates if the app is visible in the OneLogin portal.
- connector
Id Integer - ID of the connector to base the app from.
- allow
Assumed BooleanSignin - Indicates whether or not administrators can access the app as a user that they have assumed control over.
- auth
Method Integer - An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
- auth
Method StringDescription - brand
Id Integer - configuration
App
Configuration - Only apply configurations that are applicable to the type of app
- created
At String - the date the app was created
- description String
- Freeform description of the app.
- enforcement
Point AppEnforcement Point - For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
- icon
Url String - A link to the apps icon url
- login
Config Integer - name String
- The name of the app.
- notes String
- Freeform notes about the app.
- parameters
App
Parameters - policy
Id Integer - The security policy assigned to the app.
- provisioning
App
Provisioning - Indicates if provisioning is enabled for this app.
- role
Ids List<Integer> - List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
- sso
App
Sso - The attributes included in the sso section are determined by the type of app. All of the attributes of the
sso
object are read only. - tab
Id Integer - ID of the OneLogin portal tab that the app is assigned to.
- updated
At String - the date the app was last updated
- visible Boolean
- Indicates if the app is visible in the OneLogin portal.
- connector
Id number - ID of the connector to base the app from.
- allow
Assumed booleanSignin - Indicates whether or not administrators can access the app as a user that they have assumed control over.
- auth
Method number - An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
- auth
Method stringDescription - brand
Id number - configuration
App
Configuration - Only apply configurations that are applicable to the type of app
- created
At string - the date the app was created
- description string
- Freeform description of the app.
- enforcement
Point AppEnforcement Point - For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
- icon
Url string - A link to the apps icon url
- login
Config number - name string
- The name of the app.
- notes string
- Freeform notes about the app.
- parameters
App
Parameters - policy
Id number - The security policy assigned to the app.
- provisioning
App
Provisioning - Indicates if provisioning is enabled for this app.
- role
Ids number[] - List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
- sso
App
Sso - The attributes included in the sso section are determined by the type of app. All of the attributes of the
sso
object are read only. - tab
Id number - ID of the OneLogin portal tab that the app is assigned to.
- updated
At string - the date the app was last updated
- visible boolean
- Indicates if the app is visible in the OneLogin portal.
- connector_
id int - ID of the connector to base the app from.
- allow_
assumed_ boolsignin - Indicates whether or not administrators can access the app as a user that they have assumed control over.
- auth_
method int - An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
- auth_
method_ strdescription - brand_
id int - configuration
App
Configuration Args - Only apply configurations that are applicable to the type of app
- created_
at str - the date the app was created
- description str
- Freeform description of the app.
- enforcement_
point AppEnforcement Point Args - For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
- icon_
url str - A link to the apps icon url
- login_
config int - name str
- The name of the app.
- notes str
- Freeform notes about the app.
- parameters
App
Parameters Args - policy_
id int - The security policy assigned to the app.
- provisioning
App
Provisioning Args - Indicates if provisioning is enabled for this app.
- role_
ids Sequence[int] - List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
- sso
App
Sso Args - The attributes included in the sso section are determined by the type of app. All of the attributes of the
sso
object are read only. - tab_
id int - ID of the OneLogin portal tab that the app is assigned to.
- updated_
at str - the date the app was last updated
- visible bool
- Indicates if the app is visible in the OneLogin portal.
- connector
Id Number - ID of the connector to base the app from.
- allow
Assumed BooleanSignin - Indicates whether or not administrators can access the app as a user that they have assumed control over.
- auth
Method Number - An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
- auth
Method StringDescription - brand
Id Number - configuration Property Map
- Only apply configurations that are applicable to the type of app
- created
At String - the date the app was created
- description String
- Freeform description of the app.
- enforcement
Point Property Map - For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
- icon
Url String - A link to the apps icon url
- login
Config Number - name String
- The name of the app.
- notes String
- Freeform notes about the app.
- parameters Property Map
- policy
Id Number - The security policy assigned to the app.
- provisioning Property Map
- Indicates if provisioning is enabled for this app.
- role
Ids List<Number> - List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
- sso Property Map
- The attributes included in the sso section are determined by the type of app. All of the attributes of the
sso
object are read only. - tab
Id Number - ID of the OneLogin portal tab that the app is assigned to.
- updated
At String - the date the app was last updated
- visible Boolean
- Indicates if the app is visible in the OneLogin portal.
Outputs
All input properties are implicitly available as output properties. Additionally, the App resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing App Resource
Get an existing App resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AppState, opts?: CustomResourceOptions): App
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
allow_assumed_signin: Optional[bool] = None,
auth_method: Optional[int] = None,
auth_method_description: Optional[str] = None,
brand_id: Optional[int] = None,
configuration: Optional[AppConfigurationArgs] = None,
connector_id: Optional[int] = None,
created_at: Optional[str] = None,
description: Optional[str] = None,
enforcement_point: Optional[AppEnforcementPointArgs] = None,
icon_url: Optional[str] = None,
login_config: Optional[int] = None,
name: Optional[str] = None,
notes: Optional[str] = None,
parameters: Optional[AppParametersArgs] = None,
policy_id: Optional[int] = None,
provisioning: Optional[AppProvisioningArgs] = None,
role_ids: Optional[Sequence[int]] = None,
sso: Optional[AppSsoArgs] = None,
tab_id: Optional[int] = None,
updated_at: Optional[str] = None,
visible: Optional[bool] = None) -> App
func GetApp(ctx *Context, name string, id IDInput, state *AppState, opts ...ResourceOption) (*App, error)
public static App Get(string name, Input<string> id, AppState? state, CustomResourceOptions? opts = null)
public static App get(String name, Output<String> id, AppState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Allow
Assumed boolSignin - Indicates whether or not administrators can access the app as a user that they have assumed control over.
- Auth
Method int - An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
- Auth
Method stringDescription - Brand
Id int - Configuration
App
Configuration - Only apply configurations that are applicable to the type of app
- Connector
Id int - ID of the connector to base the app from.
- Created
At string - the date the app was created
- Description string
- Freeform description of the app.
- Enforcement
Point AppEnforcement Point - For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
- Icon
Url string - A link to the apps icon url
- Login
Config int - Name string
- The name of the app.
- Notes string
- Freeform notes about the app.
- Parameters
App
Parameters - Policy
Id int - The security policy assigned to the app.
- Provisioning
App
Provisioning - Indicates if provisioning is enabled for this app.
- Role
Ids List<int> - List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
- Sso
App
Sso - The attributes included in the sso section are determined by the type of app. All of the attributes of the
sso
object are read only. - Tab
Id int - ID of the OneLogin portal tab that the app is assigned to.
- Updated
At string - the date the app was last updated
- Visible bool
- Indicates if the app is visible in the OneLogin portal.
- Allow
Assumed boolSignin - Indicates whether or not administrators can access the app as a user that they have assumed control over.
- Auth
Method int - An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
- Auth
Method stringDescription - Brand
Id int - Configuration
App
Configuration Args - Only apply configurations that are applicable to the type of app
- Connector
Id int - ID of the connector to base the app from.
- Created
At string - the date the app was created
- Description string
- Freeform description of the app.
- Enforcement
Point AppEnforcement Point Args - For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
- Icon
Url string - A link to the apps icon url
- Login
Config int - Name string
- The name of the app.
- Notes string
- Freeform notes about the app.
- Parameters
App
Parameters Args - Policy
Id int - The security policy assigned to the app.
- Provisioning
App
Provisioning Args - Indicates if provisioning is enabled for this app.
- Role
Ids []int - List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
- Sso
App
Sso Args - The attributes included in the sso section are determined by the type of app. All of the attributes of the
sso
object are read only. - Tab
Id int - ID of the OneLogin portal tab that the app is assigned to.
- Updated
At string - the date the app was last updated
- Visible bool
- Indicates if the app is visible in the OneLogin portal.
- allow
Assumed BooleanSignin - Indicates whether or not administrators can access the app as a user that they have assumed control over.
- auth
Method Integer - An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
- auth
Method StringDescription - brand
Id Integer - configuration
App
Configuration - Only apply configurations that are applicable to the type of app
- connector
Id Integer - ID of the connector to base the app from.
- created
At String - the date the app was created
- description String
- Freeform description of the app.
- enforcement
Point AppEnforcement Point - For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
- icon
Url String - A link to the apps icon url
- login
Config Integer - name String
- The name of the app.
- notes String
- Freeform notes about the app.
- parameters
App
Parameters - policy
Id Integer - The security policy assigned to the app.
- provisioning
App
Provisioning - Indicates if provisioning is enabled for this app.
- role
Ids List<Integer> - List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
- sso
App
Sso - The attributes included in the sso section are determined by the type of app. All of the attributes of the
sso
object are read only. - tab
Id Integer - ID of the OneLogin portal tab that the app is assigned to.
- updated
At String - the date the app was last updated
- visible Boolean
- Indicates if the app is visible in the OneLogin portal.
- allow
Assumed booleanSignin - Indicates whether or not administrators can access the app as a user that they have assumed control over.
- auth
Method number - An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
- auth
Method stringDescription - brand
Id number - configuration
App
Configuration - Only apply configurations that are applicable to the type of app
- connector
Id number - ID of the connector to base the app from.
- created
At string - the date the app was created
- description string
- Freeform description of the app.
- enforcement
Point AppEnforcement Point - For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
- icon
Url string - A link to the apps icon url
- login
Config number - name string
- The name of the app.
- notes string
- Freeform notes about the app.
- parameters
App
Parameters - policy
Id number - The security policy assigned to the app.
- provisioning
App
Provisioning - Indicates if provisioning is enabled for this app.
- role
Ids number[] - List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
- sso
App
Sso - The attributes included in the sso section are determined by the type of app. All of the attributes of the
sso
object are read only. - tab
Id number - ID of the OneLogin portal tab that the app is assigned to.
- updated
At string - the date the app was last updated
- visible boolean
- Indicates if the app is visible in the OneLogin portal.
- allow_
assumed_ boolsignin - Indicates whether or not administrators can access the app as a user that they have assumed control over.
- auth_
method int - An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
- auth_
method_ strdescription - brand_
id int - configuration
App
Configuration Args - Only apply configurations that are applicable to the type of app
- connector_
id int - ID of the connector to base the app from.
- created_
at str - the date the app was created
- description str
- Freeform description of the app.
- enforcement_
point AppEnforcement Point Args - For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
- icon_
url str - A link to the apps icon url
- login_
config int - name str
- The name of the app.
- notes str
- Freeform notes about the app.
- parameters
App
Parameters Args - policy_
id int - The security policy assigned to the app.
- provisioning
App
Provisioning Args - Indicates if provisioning is enabled for this app.
- role_
ids Sequence[int] - List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
- sso
App
Sso Args - The attributes included in the sso section are determined by the type of app. All of the attributes of the
sso
object are read only. - tab_
id int - ID of the OneLogin portal tab that the app is assigned to.
- updated_
at str - the date the app was last updated
- visible bool
- Indicates if the app is visible in the OneLogin portal.
- allow
Assumed BooleanSignin - Indicates whether or not administrators can access the app as a user that they have assumed control over.
- auth
Method Number - An ID indicating the type of app: - 0: Password - 1: OpenId - 2: SAML - 3: API - 4: Google - 6: Forms Based App - 7: WSFED - 8: OpenId Connect
- auth
Method StringDescription - brand
Id Number - configuration Property Map
- Only apply configurations that are applicable to the type of app
- connector
Id Number - ID of the connector to base the app from.
- created
At String - the date the app was created
- description String
- Freeform description of the app.
- enforcement
Point Property Map - For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload.
- icon
Url String - A link to the apps icon url
- login
Config Number - name String
- The name of the app.
- notes String
- Freeform notes about the app.
- parameters Property Map
- policy
Id Number - The security policy assigned to the app.
- provisioning Property Map
- Indicates if provisioning is enabled for this app.
- role
Ids List<Number> - List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
- sso Property Map
- The attributes included in the sso section are determined by the type of app. All of the attributes of the
sso
object are read only. - tab
Id Number - ID of the OneLogin portal tab that the app is assigned to.
- updated
At String - the date the app was last updated
- visible Boolean
- Indicates if the app is visible in the OneLogin portal.
Supporting Types
AppConfiguration, AppConfigurationArgs
- Access
Token intExpiration Minutes - OIDC Apps only Number of minutes the refresh token will be valid for.
- Login
Url string - OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
- Oidc
Api stringVersion - Oidc
Application intType - OIDC Apps Only
- 0: Web
- 1: Native/Mobile
- Oidc
Encryption stringKey - OIDC Apps only
- Post
Logout stringRedirect Uri - OIDC Apps only
- Redirect
Uri string - OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
- Refresh
Token intExpiration Minutes - Number of minutes the refresh token will be valid for.
- Token
Endpoint intAuth Method - OIDC Apps only
- 0: Basic
- 1: POST
- 2: None / PKCE
- Access
Token intExpiration Minutes - OIDC Apps only Number of minutes the refresh token will be valid for.
- Login
Url string - OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
- Oidc
Api stringVersion - Oidc
Application intType - OIDC Apps Only
- 0: Web
- 1: Native/Mobile
- Oidc
Encryption stringKey - OIDC Apps only
- Post
Logout stringRedirect Uri - OIDC Apps only
- Redirect
Uri string - OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
- Refresh
Token intExpiration Minutes - Number of minutes the refresh token will be valid for.
- Token
Endpoint intAuth Method - OIDC Apps only
- 0: Basic
- 1: POST
- 2: None / PKCE
- access
Token IntegerExpiration Minutes - OIDC Apps only Number of minutes the refresh token will be valid for.
- login
Url String - OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
- oidc
Api StringVersion - oidc
Application IntegerType - OIDC Apps Only
- 0: Web
- 1: Native/Mobile
- oidc
Encryption StringKey - OIDC Apps only
- post
Logout StringRedirect Uri - OIDC Apps only
- redirect
Uri String - OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
- refresh
Token IntegerExpiration Minutes - Number of minutes the refresh token will be valid for.
- token
Endpoint IntegerAuth Method - OIDC Apps only
- 0: Basic
- 1: POST
- 2: None / PKCE
- access
Token numberExpiration Minutes - OIDC Apps only Number of minutes the refresh token will be valid for.
- login
Url string - OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
- oidc
Api stringVersion - oidc
Application numberType - OIDC Apps Only
- 0: Web
- 1: Native/Mobile
- oidc
Encryption stringKey - OIDC Apps only
- post
Logout stringRedirect Uri - OIDC Apps only
- redirect
Uri string - OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
- refresh
Token numberExpiration Minutes - Number of minutes the refresh token will be valid for.
- token
Endpoint numberAuth Method - OIDC Apps only
- 0: Basic
- 1: POST
- 2: None / PKCE
- access_
token_ intexpiration_ minutes - OIDC Apps only Number of minutes the refresh token will be valid for.
- login_
url str - OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
- oidc_
api_ strversion - oidc_
application_ inttype - OIDC Apps Only
- 0: Web
- 1: Native/Mobile
- oidc_
encryption_ strkey - OIDC Apps only
- post_
logout_ strredirect_ uri - OIDC Apps only
- redirect_
uri str - OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
- refresh_
token_ intexpiration_ minutes - Number of minutes the refresh token will be valid for.
- token_
endpoint_ intauth_ method - OIDC Apps only
- 0: Basic
- 1: POST
- 2: None / PKCE
- access
Token NumberExpiration Minutes - OIDC Apps only Number of minutes the refresh token will be valid for.
- login
Url String - OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
- oidc
Api StringVersion - oidc
Application NumberType - OIDC Apps Only
- 0: Web
- 1: Native/Mobile
- oidc
Encryption StringKey - OIDC Apps only
- post
Logout StringRedirect Uri - OIDC Apps only
- redirect
Uri String - OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
- refresh
Token NumberExpiration Minutes - Number of minutes the refresh token will be valid for.
- token
Endpoint NumberAuth Method - OIDC Apps only
- 0: Basic
- 1: POST
- 2: None / PKCE
AppEnforcementPoint, AppEnforcementPointArgs
- Case
Sensitive bool - The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
- Conditions string
- If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
- Context
Root string - The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
- Landing
Page string - The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
- Permissions string
- Specify to always
allow
,deny
access to resources, of if access isconditional
. - Require
Sitewide boolAuthentication - Require user authentication to access any resource protected by this enforcement point.
- Resources
List<App
Enforcement Point Resource> - Array of resource objects
- Session
Expiry AppFixed Enforcement Point Session Expiry Fixed - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- Session
Expiry AppInactivity Enforcement Point Session Expiry Inactivity - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- Target string
- A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
- Token string
- Can only be set on create. Access Gateway Token.
- Use
Target boolHost Header - Use the target host header as opposed to the original gateway or upstream host header.
- Vhost string
- A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
- Case
Sensitive bool - The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
- Conditions string
- If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
- Context
Root string - The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
- Landing
Page string - The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
- Permissions string
- Specify to always
allow
,deny
access to resources, of if access isconditional
. - Require
Sitewide boolAuthentication - Require user authentication to access any resource protected by this enforcement point.
- Resources
[]App
Enforcement Point Resource - Array of resource objects
- Session
Expiry AppFixed Enforcement Point Session Expiry Fixed - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- Session
Expiry AppInactivity Enforcement Point Session Expiry Inactivity - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- Target string
- A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
- Token string
- Can only be set on create. Access Gateway Token.
- Use
Target boolHost Header - Use the target host header as opposed to the original gateway or upstream host header.
- Vhost string
- A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
- case
Sensitive Boolean - The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
- conditions String
- If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
- context
Root String - The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
- landing
Page String - The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
- permissions String
- Specify to always
allow
,deny
access to resources, of if access isconditional
. - require
Sitewide BooleanAuthentication - Require user authentication to access any resource protected by this enforcement point.
- resources
List<App
Enforcement Point Resource> - Array of resource objects
- session
Expiry AppFixed Enforcement Point Session Expiry Fixed - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- session
Expiry AppInactivity Enforcement Point Session Expiry Inactivity - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- target String
- A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
- token String
- Can only be set on create. Access Gateway Token.
- use
Target BooleanHost Header - Use the target host header as opposed to the original gateway or upstream host header.
- vhost String
- A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
- case
Sensitive boolean - The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
- conditions string
- If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
- context
Root string - The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
- landing
Page string - The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
- permissions string
- Specify to always
allow
,deny
access to resources, of if access isconditional
. - require
Sitewide booleanAuthentication - Require user authentication to access any resource protected by this enforcement point.
- resources
App
Enforcement Point Resource[] - Array of resource objects
- session
Expiry AppFixed Enforcement Point Session Expiry Fixed - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- session
Expiry AppInactivity Enforcement Point Session Expiry Inactivity - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- target string
- A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
- token string
- Can only be set on create. Access Gateway Token.
- use
Target booleanHost Header - Use the target host header as opposed to the original gateway or upstream host header.
- vhost string
- A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
- case_
sensitive bool - The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
- conditions str
- If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
- context_
root str - The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
- landing_
page str - The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
- permissions str
- Specify to always
allow
,deny
access to resources, of if access isconditional
. - require_
sitewide_ boolauthentication - Require user authentication to access any resource protected by this enforcement point.
- resources
Sequence[App
Enforcement Point Resource] - Array of resource objects
- session_
expiry_ Appfixed Enforcement Point Session Expiry Fixed - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- session_
expiry_ Appinactivity Enforcement Point Session Expiry Inactivity - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- target str
- A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
- token str
- Can only be set on create. Access Gateway Token.
- use_
target_ boolhost_ header - Use the target host header as opposed to the original gateway or upstream host header.
- vhost str
- A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
- case
Sensitive Boolean - The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
- conditions String
- If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
- context
Root String - The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
- landing
Page String - The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
- permissions String
- Specify to always
allow
,deny
access to resources, of if access isconditional
. - require
Sitewide BooleanAuthentication - Require user authentication to access any resource protected by this enforcement point.
- resources List<Property Map>
- Array of resource objects
- session
Expiry Property MapFixed - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- session
Expiry Property MapInactivity - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- target String
- A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
- token String
- Can only be set on create. Access Gateway Token.
- use
Target BooleanHost Header - Use the target host header as opposed to the original gateway or upstream host header.
- vhost String
- A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
AppEnforcementPointResource, AppEnforcementPointResourceArgs
- Conditions string
- required if permission == "conditions"
- Is
Path boolRegex - Path string
- Permission string
- Require
Auth bool
- Conditions string
- required if permission == "conditions"
- Is
Path boolRegex - Path string
- Permission string
- Require
Auth bool
- conditions String
- required if permission == "conditions"
- is
Path BooleanRegex - path String
- permission String
- require
Auth Boolean
- conditions string
- required if permission == "conditions"
- is
Path booleanRegex - path string
- permission string
- require
Auth boolean
- conditions str
- required if permission == "conditions"
- is_
path_ boolregex - path str
- permission str
- require_
auth bool
- conditions String
- required if permission == "conditions"
- is
Path BooleanRegex - path String
- permission String
- require
Auth Boolean
AppEnforcementPointSessionExpiryFixed, AppEnforcementPointSessionExpiryFixedArgs
AppEnforcementPointSessionExpiryInactivity, AppEnforcementPointSessionExpiryInactivityArgs
AppParameters, AppParametersArgs
AppParametersGroups, AppParametersGroupsArgs
- Attributes
Transformations string - Default
Values string - Id int
- Label string
- Provisioned
Entitlements bool - Skip
If boolBlank - User
Attribute stringMacros - User
Attribute stringMappings - Values string
- Attributes
Transformations string - Default
Values string - Id int
- Label string
- Provisioned
Entitlements bool - Skip
If boolBlank - User
Attribute stringMacros - User
Attribute stringMappings - Values string
- attributes
Transformations String - default
Values String - id Integer
- label String
- provisioned
Entitlements Boolean - skip
If BooleanBlank - user
Attribute StringMacros - user
Attribute StringMappings - values String
- attributes
Transformations string - default
Values string - id number
- label string
- provisioned
Entitlements boolean - skip
If booleanBlank - user
Attribute stringMacros - user
Attribute stringMappings - values string
- attributes_
transformations str - default_
values str - id int
- label str
- provisioned_
entitlements bool - skip_
if_ boolblank - user_
attribute_ strmacros - user_
attribute_ strmappings - values str
- attributes
Transformations String - default
Values String - id Number
- label String
- provisioned
Entitlements Boolean - skip
If BooleanBlank - user
Attribute StringMacros - user
Attribute StringMappings - values String
AppProvisioning, AppProvisioningArgs
AppSso, AppSsoArgs
- Acs
Url string - App Name. This is only returned after Creating a SAML App.
- Certificate
App
Sso Certificate - The certificate used for signing. This is only returned after Creating a SAML App.
- Client
Id string - The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
- Client
Secret string - OpenId Connet Client Secret
- Issuer string
- Issuer of app. This is only returned after Creating a SAML App.
- Metadata
Url string - ID of the apps underlying connector. This is only returned after Creating a SAML App.
- Acs
Url string - App Name. This is only returned after Creating a SAML App.
- Certificate
App
Sso Certificate - The certificate used for signing. This is only returned after Creating a SAML App.
- Client
Id string - The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
- Client
Secret string - OpenId Connet Client Secret
- Issuer string
- Issuer of app. This is only returned after Creating a SAML App.
- Metadata
Url string - ID of the apps underlying connector. This is only returned after Creating a SAML App.
- acs
Url String - App Name. This is only returned after Creating a SAML App.
- certificate
App
Sso Certificate - The certificate used for signing. This is only returned after Creating a SAML App.
- client
Id String - The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
- client
Secret String - OpenId Connet Client Secret
- issuer String
- Issuer of app. This is only returned after Creating a SAML App.
- metadata
Url String - ID of the apps underlying connector. This is only returned after Creating a SAML App.
- acs
Url string - App Name. This is only returned after Creating a SAML App.
- certificate
App
Sso Certificate - The certificate used for signing. This is only returned after Creating a SAML App.
- client
Id string - The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
- client
Secret string - OpenId Connet Client Secret
- issuer string
- Issuer of app. This is only returned after Creating a SAML App.
- metadata
Url string - ID of the apps underlying connector. This is only returned after Creating a SAML App.
- acs_
url str - App Name. This is only returned after Creating a SAML App.
- certificate
App
Sso Certificate - The certificate used for signing. This is only returned after Creating a SAML App.
- client_
id str - The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
- client_
secret str - OpenId Connet Client Secret
- issuer str
- Issuer of app. This is only returned after Creating a SAML App.
- metadata_
url str - ID of the apps underlying connector. This is only returned after Creating a SAML App.
- acs
Url String - App Name. This is only returned after Creating a SAML App.
- certificate Property Map
- The certificate used for signing. This is only returned after Creating a SAML App.
- client
Id String - The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
- client
Secret String - OpenId Connet Client Secret
- issuer String
- Issuer of app. This is only returned after Creating a SAML App.
- metadata
Url String - ID of the apps underlying connector. This is only returned after Creating a SAML App.
AppSsoCertificate, AppSsoCertificateArgs
Package Details
- Repository
- onelogin pulumi/pulumi-onelogin
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
onelogin
Terraform Provider.