Docs Home
spectrocloud 0.23.5 published on Sunday, Apr 20, 2025 by spectrocloud
spectrocloud.Sso
Explore with Pulumi AI
spectrocloud 0.23.5 published on Sunday, Apr 20, 2025 by spectrocloud
Palette supports Single Sign-On (SSO) with a variety of Identity Providers (IDP). You can enable SSO in Palette by using the following protocols for authentication and authorization.SSO Setting guide.
The spectrocloud.Sso resource enforces Single Sign-On (SSO) settings. By default, it is configured with Palette’s default values. Users can customize settings as needed. Destroying the spectrocloud.Sso resource SSO set to none.
Example Usage
An example of managing an developer setting in Palette.
import * as pulumi from "@pulumi/pulumi";
import * as spectrocloud from "@pulumi/spectrocloud";
const team = spectrocloud.getTeam({
name: "Tenant Admin",
});
const ssoSetting = new spectrocloud.Sso("ssoSetting", {
ssoAuthType: "saml",
domains: [
"test.com",
"test-login.com",
],
authProviders: [
"github",
"google",
],
saml: {
serviceProvider: "Microsoft ADFS",
identityProviderMetadata: "<note>test</note>",
defaultTeamIds: [team.then(team => team.id)],
enableSingleLogout: true,
nameIdFormat: "name_id_format",
firstName: "testfirst",
lastName: "testlast",
email: "test@test.com",
spectroTeam: "SpectroTeam",
},
});
// oidc {
// issuer_url = "https://login.microsoftonline.com/sd8/v2.0"
// identity_provider_ca_certificate = "test certificate content"
// insecure_skip_tls_verify = false
// client_id = ""
// client_secret = ""
// default_team_ids = [data.spectrocloud_team.team.id]
// scopes = ["profile", "email"]
// first_name = "test"
// last_name = "last"
// email = "test@test.com"
// spectro_team = "groups"
// user_info_endpoint {
// first_name = "test"
// last_name = "last"
// email = "test@test.com"
// spectro_team = "groups"
// }
// }
//# import existing sso settings
//# when importing either we can import saml or oidc
//import {
// to = spectrocloud_sso.sso_setting
// id = "5eea74e9teste0dtestd3f316:saml" // tenant-uid:saml or tenant-uid:oidc
//}
import pulumi
import pulumi_spectrocloud as spectrocloud
team = spectrocloud.get_team(name="Tenant Admin")
sso_setting = spectrocloud.Sso("ssoSetting",
sso_auth_type="saml",
domains=[
"test.com",
"test-login.com",
],
auth_providers=[
"github",
"google",
],
saml={
"service_provider": "Microsoft ADFS",
"identity_provider_metadata": "<note>test</note>",
"default_team_ids": [team.id],
"enable_single_logout": True,
"name_id_format": "name_id_format",
"first_name": "testfirst",
"last_name": "testlast",
"email": "test@test.com",
"spectro_team": "SpectroTeam",
})
# oidc {
# issuer_url = "https://login.microsoftonline.com/sd8/v2.0"
# identity_provider_ca_certificate = "test certificate content"
# insecure_skip_tls_verify = false
# client_id = ""
# client_secret = ""
# default_team_ids = [data.spectrocloud_team.team.id]
# scopes = ["profile", "email"]
# first_name = "test"
# last_name = "last"
# email = "test@test.com"
# spectro_team = "groups"
# user_info_endpoint {
# first_name = "test"
# last_name = "last"
# email = "test@test.com"
# spectro_team = "groups"
# }
# }
## import existing sso settings
## when importing either we can import saml or oidc
#import {
# to = spectrocloud_sso.sso_setting
# id = "5eea74e9teste0dtestd3f316:saml" // tenant-uid:saml or tenant-uid:oidc
#}
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/spectrocloud/spectrocloud"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
team, err := spectrocloud.LookupTeam(ctx, &spectrocloud.LookupTeamArgs{
Name: pulumi.StringRef("Tenant Admin"),
}, nil)
if err != nil {
return err
}
_, err = spectrocloud.NewSso(ctx, "ssoSetting", &spectrocloud.SsoArgs{
SsoAuthType: pulumi.String("saml"),
Domains: pulumi.StringArray{
pulumi.String("test.com"),
pulumi.String("test-login.com"),
},
AuthProviders: pulumi.StringArray{
pulumi.String("github"),
pulumi.String("google"),
},
Saml: &spectrocloud.SsoSamlArgs{
ServiceProvider: pulumi.String("Microsoft ADFS"),
IdentityProviderMetadata: pulumi.String("<note>test</note>"),
DefaultTeamIds: pulumi.StringArray{
pulumi.String(team.Id),
},
EnableSingleLogout: pulumi.Bool(true),
NameIdFormat: pulumi.String("name_id_format"),
FirstName: pulumi.String("testfirst"),
LastName: pulumi.String("testlast"),
Email: pulumi.String("test@test.com"),
SpectroTeam: pulumi.String("SpectroTeam"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Spectrocloud = Pulumi.Spectrocloud;
return await Deployment.RunAsync(() =>
{
var team = Spectrocloud.GetTeam.Invoke(new()
{
Name = "Tenant Admin",
});
var ssoSetting = new Spectrocloud.Sso("ssoSetting", new()
{
SsoAuthType = "saml",
Domains = new[]
{
"test.com",
"test-login.com",
},
AuthProviders = new[]
{
"github",
"google",
},
Saml = new Spectrocloud.Inputs.SsoSamlArgs
{
ServiceProvider = "Microsoft ADFS",
IdentityProviderMetadata = "<note>test</note>",
DefaultTeamIds = new[]
{
team.Apply(getTeamResult => getTeamResult.Id),
},
EnableSingleLogout = true,
NameIdFormat = "name_id_format",
FirstName = "testfirst",
LastName = "testlast",
Email = "test@test.com",
SpectroTeam = "SpectroTeam",
},
});
// oidc {
// issuer_url = "https://login.microsoftonline.com/sd8/v2.0"
// identity_provider_ca_certificate = "test certificate content"
// insecure_skip_tls_verify = false
// client_id = ""
// client_secret = ""
// default_team_ids = [data.spectrocloud_team.team.id]
// scopes = ["profile", "email"]
// first_name = "test"
// last_name = "last"
// email = "test@test.com"
// spectro_team = "groups"
// user_info_endpoint {
// first_name = "test"
// last_name = "last"
// email = "test@test.com"
// spectro_team = "groups"
// }
// }
//# import existing sso settings
//# when importing either we can import saml or oidc
//import {
// to = spectrocloud_sso.sso_setting
// id = "5eea74e9teste0dtestd3f316:saml" // tenant-uid:saml or tenant-uid:oidc
//}
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.spectrocloud.SpectrocloudFunctions;
import com.pulumi.spectrocloud.inputs.GetTeamArgs;
import com.pulumi.spectrocloud.Sso;
import com.pulumi.spectrocloud.SsoArgs;
import com.pulumi.spectrocloud.inputs.SsoSamlArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var team = SpectrocloudFunctions.getTeam(GetTeamArgs.builder()
.name("Tenant Admin")
.build());
var ssoSetting = new Sso("ssoSetting", SsoArgs.builder()
.ssoAuthType("saml")
.domains(
"test.com",
"test-login.com")
.authProviders(
"github",
"google")
.saml(SsoSamlArgs.builder()
.serviceProvider("Microsoft ADFS")
.identityProviderMetadata("<note>test</note>")
.defaultTeamIds(team.applyValue(getTeamResult -> getTeamResult.id()))
.enableSingleLogout(true)
.nameIdFormat("name_id_format")
.firstName("testfirst")
.lastName("testlast")
.email("test@test.com")
.spectroTeam("SpectroTeam")
.build())
.build());
// oidc {
// issuer_url = "https://login.microsoftonline.com/sd8/v2.0"
// identity_provider_ca_certificate = "test certificate content"
// insecure_skip_tls_verify = false
// client_id = ""
// client_secret = ""
// default_team_ids = [data.spectrocloud_team.team.id]
// scopes = ["profile", "email"]
// first_name = "test"
// last_name = "last"
// email = "test@test.com"
// spectro_team = "groups"
// user_info_endpoint {
// first_name = "test"
// last_name = "last"
// email = "test@test.com"
// spectro_team = "groups"
// }
// }
//# import existing sso settings
//# when importing either we can import saml or oidc
//import {
// to = spectrocloud_sso.sso_setting
// id = "5eea74e9teste0dtestd3f316:saml" // tenant-uid:saml or tenant-uid:oidc
//}
}
}
resources:
ssoSetting: ## import existing sso settings
## when importing either we can import saml or oidc
#import {
# to = spectrocloud_sso.sso_setting
# id = "5eea74e9teste0dtestd3f316:saml" // tenant-uid:saml or tenant-uid:oidc
#}
type: spectrocloud:Sso
properties:
ssoAuthType: saml
# oidc or none
domains:
- test.com
- test-login.com
authProviders:
- github
- google
saml:
serviceProvider: Microsoft ADFS
identityProviderMetadata: <note>test</note>
defaultTeamIds:
- ${team.id}
enableSingleLogout: true
nameIdFormat: name_id_format
firstName: testfirst
lastName: testlast
email: test@test.com
spectroTeam: SpectroTeam
variables:
team:
fn::invoke:
function: spectrocloud:getTeam
arguments:
name: Tenant Admin
Create Sso Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Sso(name: string, args?: SsoArgs, opts?: CustomResourceOptions);@overload
def Sso(resource_name: str,
args: Optional[SsoArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def Sso(resource_name: str,
opts: Optional[ResourceOptions] = None,
auth_providers: Optional[Sequence[str]] = None,
domains: Optional[Sequence[str]] = None,
oidc: Optional[SsoOidcArgs] = None,
saml: Optional[SsoSamlArgs] = None,
sso_auth_type: Optional[str] = None,
sso_id: Optional[str] = None,
timeouts: Optional[SsoTimeoutsArgs] = None)func NewSso(ctx *Context, name string, args *SsoArgs, opts ...ResourceOption) (*Sso, error)public Sso(string name, SsoArgs? args = null, CustomResourceOptions? opts = null)type: spectrocloud:Sso
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SsoArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SsoArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SsoArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SsoArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SsoArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var ssoResource = new Spectrocloud.Sso("ssoResource", new()
{
AuthProviders = new[]
{
"string",
},
Domains = new[]
{
"string",
},
Oidc = new Spectrocloud.Inputs.SsoOidcArgs
{
IssuerUrl = "string",
ClientId = "string",
ClientSecret = "string",
SpectroTeam = "string",
Email = "string",
FirstName = "string",
Scopes = new[]
{
"string",
},
LastName = "string",
DefaultTeamIds = new[]
{
"string",
},
InsecureSkipTlsVerify = false,
LogoutUrl = "string",
IdentityProviderCaCertificate = "string",
CallbackUrl = "string",
UserInfoEndpoint = new Spectrocloud.Inputs.SsoOidcUserInfoEndpointArgs
{
Email = "string",
FirstName = "string",
LastName = "string",
SpectroTeam = "string",
},
},
Saml = new Spectrocloud.Inputs.SsoSamlArgs
{
IdentityProviderMetadata = "string",
ServiceProvider = "string",
NameIdFormat = "string",
EnableSingleLogout = false,
EntityId = "string",
FirstName = "string",
Certificate = "string",
Issuer = "string",
LastName = "string",
LoginUrl = "string",
Email = "string",
DefaultTeamIds = new[]
{
"string",
},
ServiceProviderMetadata = "string",
SingleLogoutUrl = "string",
SpectroTeam = "string",
},
SsoAuthType = "string",
SsoId = "string",
Timeouts = new Spectrocloud.Inputs.SsoTimeoutsArgs
{
Create = "string",
Delete = "string",
Update = "string",
},
});
example, err := spectrocloud.NewSso(ctx, "ssoResource", &spectrocloud.SsoArgs{
AuthProviders: pulumi.StringArray{
pulumi.String("string"),
},
Domains: pulumi.StringArray{
pulumi.String("string"),
},
Oidc: &spectrocloud.SsoOidcArgs{
IssuerUrl: pulumi.String("string"),
ClientId: pulumi.String("string"),
ClientSecret: pulumi.String("string"),
SpectroTeam: pulumi.String("string"),
Email: pulumi.String("string"),
FirstName: pulumi.String("string"),
Scopes: pulumi.StringArray{
pulumi.String("string"),
},
LastName: pulumi.String("string"),
DefaultTeamIds: pulumi.StringArray{
pulumi.String("string"),
},
InsecureSkipTlsVerify: pulumi.Bool(false),
LogoutUrl: pulumi.String("string"),
IdentityProviderCaCertificate: pulumi.String("string"),
CallbackUrl: pulumi.String("string"),
UserInfoEndpoint: &spectrocloud.SsoOidcUserInfoEndpointArgs{
Email: pulumi.String("string"),
FirstName: pulumi.String("string"),
LastName: pulumi.String("string"),
SpectroTeam: pulumi.String("string"),
},
},
Saml: &spectrocloud.SsoSamlArgs{
IdentityProviderMetadata: pulumi.String("string"),
ServiceProvider: pulumi.String("string"),
NameIdFormat: pulumi.String("string"),
EnableSingleLogout: pulumi.Bool(false),
EntityId: pulumi.String("string"),
FirstName: pulumi.String("string"),
Certificate: pulumi.String("string"),
Issuer: pulumi.String("string"),
LastName: pulumi.String("string"),
LoginUrl: pulumi.String("string"),
Email: pulumi.String("string"),
DefaultTeamIds: pulumi.StringArray{
pulumi.String("string"),
},
ServiceProviderMetadata: pulumi.String("string"),
SingleLogoutUrl: pulumi.String("string"),
SpectroTeam: pulumi.String("string"),
},
SsoAuthType: pulumi.String("string"),
SsoId: pulumi.String("string"),
Timeouts: &spectrocloud.SsoTimeoutsArgs{
Create: pulumi.String("string"),
Delete: pulumi.String("string"),
Update: pulumi.String("string"),
},
})
var ssoResource = new Sso("ssoResource", SsoArgs.builder()
.authProviders("string")
.domains("string")
.oidc(SsoOidcArgs.builder()
.issuerUrl("string")
.clientId("string")
.clientSecret("string")
.spectroTeam("string")
.email("string")
.firstName("string")
.scopes("string")
.lastName("string")
.defaultTeamIds("string")
.insecureSkipTlsVerify(false)
.logoutUrl("string")
.identityProviderCaCertificate("string")
.callbackUrl("string")
.userInfoEndpoint(SsoOidcUserInfoEndpointArgs.builder()
.email("string")
.firstName("string")
.lastName("string")
.spectroTeam("string")
.build())
.build())
.saml(SsoSamlArgs.builder()
.identityProviderMetadata("string")
.serviceProvider("string")
.nameIdFormat("string")
.enableSingleLogout(false)
.entityId("string")
.firstName("string")
.certificate("string")
.issuer("string")
.lastName("string")
.loginUrl("string")
.email("string")
.defaultTeamIds("string")
.serviceProviderMetadata("string")
.singleLogoutUrl("string")
.spectroTeam("string")
.build())
.ssoAuthType("string")
.ssoId("string")
.timeouts(SsoTimeoutsArgs.builder()
.create("string")
.delete("string")
.update("string")
.build())
.build());
sso_resource = spectrocloud.Sso("ssoResource",
auth_providers=["string"],
domains=["string"],
oidc={
"issuer_url": "string",
"client_id": "string",
"client_secret": "string",
"spectro_team": "string",
"email": "string",
"first_name": "string",
"scopes": ["string"],
"last_name": "string",
"default_team_ids": ["string"],
"insecure_skip_tls_verify": False,
"logout_url": "string",
"identity_provider_ca_certificate": "string",
"callback_url": "string",
"user_info_endpoint": {
"email": "string",
"first_name": "string",
"last_name": "string",
"spectro_team": "string",
},
},
saml={
"identity_provider_metadata": "string",
"service_provider": "string",
"name_id_format": "string",
"enable_single_logout": False,
"entity_id": "string",
"first_name": "string",
"certificate": "string",
"issuer": "string",
"last_name": "string",
"login_url": "string",
"email": "string",
"default_team_ids": ["string"],
"service_provider_metadata": "string",
"single_logout_url": "string",
"spectro_team": "string",
},
sso_auth_type="string",
sso_id="string",
timeouts={
"create": "string",
"delete": "string",
"update": "string",
})
const ssoResource = new spectrocloud.Sso("ssoResource", {
authProviders: ["string"],
domains: ["string"],
oidc: {
issuerUrl: "string",
clientId: "string",
clientSecret: "string",
spectroTeam: "string",
email: "string",
firstName: "string",
scopes: ["string"],
lastName: "string",
defaultTeamIds: ["string"],
insecureSkipTlsVerify: false,
logoutUrl: "string",
identityProviderCaCertificate: "string",
callbackUrl: "string",
userInfoEndpoint: {
email: "string",
firstName: "string",
lastName: "string",
spectroTeam: "string",
},
},
saml: {
identityProviderMetadata: "string",
serviceProvider: "string",
nameIdFormat: "string",
enableSingleLogout: false,
entityId: "string",
firstName: "string",
certificate: "string",
issuer: "string",
lastName: "string",
loginUrl: "string",
email: "string",
defaultTeamIds: ["string"],
serviceProviderMetadata: "string",
singleLogoutUrl: "string",
spectroTeam: "string",
},
ssoAuthType: "string",
ssoId: "string",
timeouts: {
create: "string",
"delete": "string",
update: "string",
},
});
type: spectrocloud:Sso
properties:
authProviders:
- string
domains:
- string
oidc:
callbackUrl: string
clientId: string
clientSecret: string
defaultTeamIds:
- string
email: string
firstName: string
identityProviderCaCertificate: string
insecureSkipTlsVerify: false
issuerUrl: string
lastName: string
logoutUrl: string
scopes:
- string
spectroTeam: string
userInfoEndpoint:
email: string
firstName: string
lastName: string
spectroTeam: string
saml:
certificate: string
defaultTeamIds:
- string
email: string
enableSingleLogout: false
entityId: string
firstName: string
identityProviderMetadata: string
issuer: string
lastName: string
loginUrl: string
nameIdFormat: string
serviceProvider: string
serviceProviderMetadata: string
singleLogoutUrl: string
spectroTeam: string
ssoAuthType: string
ssoId: string
timeouts:
create: string
delete: string
update: string
Sso Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Sso resource accepts the following input properties:
- Auth
Providers List<string> - A set of external authentication providers such as GitHub and Google.
- Domains List<string>
- A set of domains associated with the SSO configuration.
- Oidc
Sso
Oidc - Saml
Sso
Saml - Configuration for Security Assertion Markup Language (SAML) authentication.
- Sso
Auth stringType - Defines the type of SSO authentication. Supported values: none, saml, oidc.
- Sso
Id string - The ID of this resource.
- Timeouts
Sso
Timeouts
- Auth
Providers []string - A set of external authentication providers such as GitHub and Google.
- Domains []string
- A set of domains associated with the SSO configuration.
- Oidc
Sso
Oidc Args - Saml
Sso
Saml Args - Configuration for Security Assertion Markup Language (SAML) authentication.
- Sso
Auth stringType - Defines the type of SSO authentication. Supported values: none, saml, oidc.
- Sso
Id string - The ID of this resource.
- Timeouts
Sso
Timeouts Args
- auth
Providers List<String> - A set of external authentication providers such as GitHub and Google.
- domains List<String>
- A set of domains associated with the SSO configuration.
- oidc
Sso
Oidc - saml
Sso
Saml - Configuration for Security Assertion Markup Language (SAML) authentication.
- sso
Auth StringType - Defines the type of SSO authentication. Supported values: none, saml, oidc.
- sso
Id String - The ID of this resource.
- timeouts
Sso
Timeouts
- auth
Providers string[] - A set of external authentication providers such as GitHub and Google.
- domains string[]
- A set of domains associated with the SSO configuration.
- oidc
Sso
Oidc - saml
Sso
Saml - Configuration for Security Assertion Markup Language (SAML) authentication.
- sso
Auth stringType - Defines the type of SSO authentication. Supported values: none, saml, oidc.
- sso
Id string - The ID of this resource.
- timeouts
Sso
Timeouts
- auth_
providers Sequence[str] - A set of external authentication providers such as GitHub and Google.
- domains Sequence[str]
- A set of domains associated with the SSO configuration.
- oidc
Sso
Oidc Args - saml
Sso
Saml Args - Configuration for Security Assertion Markup Language (SAML) authentication.
- sso_
auth_ strtype - Defines the type of SSO authentication. Supported values: none, saml, oidc.
- sso_
id str - The ID of this resource.
- timeouts
Sso
Timeouts Args
- auth
Providers List<String> - A set of external authentication providers such as GitHub and Google.
- domains List<String>
- A set of domains associated with the SSO configuration.
- oidc Property Map
- saml Property Map
- Configuration for Security Assertion Markup Language (SAML) authentication.
- sso
Auth StringType - Defines the type of SSO authentication. Supported values: none, saml, oidc.
- sso
Id String - The ID of this resource.
- timeouts Property Map
Outputs
All input properties are implicitly available as output properties. Additionally, the Sso resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Sso Resource
Get an existing Sso resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SsoState, opts?: CustomResourceOptions): Sso@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
auth_providers: Optional[Sequence[str]] = None,
domains: Optional[Sequence[str]] = None,
oidc: Optional[SsoOidcArgs] = None,
saml: Optional[SsoSamlArgs] = None,
sso_auth_type: Optional[str] = None,
sso_id: Optional[str] = None,
timeouts: Optional[SsoTimeoutsArgs] = None) -> Ssofunc GetSso(ctx *Context, name string, id IDInput, state *SsoState, opts ...ResourceOption) (*Sso, error)public static Sso Get(string name, Input<string> id, SsoState? state, CustomResourceOptions? opts = null)public static Sso get(String name, Output<String> id, SsoState state, CustomResourceOptions options)resources: _: type: spectrocloud:Sso get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Auth
Providers List<string> - A set of external authentication providers such as GitHub and Google.
- Domains List<string>
- A set of domains associated with the SSO configuration.
- Oidc
Sso
Oidc - Saml
Sso
Saml - Configuration for Security Assertion Markup Language (SAML) authentication.
- Sso
Auth stringType - Defines the type of SSO authentication. Supported values: none, saml, oidc.
- Sso
Id string - The ID of this resource.
- Timeouts
Sso
Timeouts
- Auth
Providers []string - A set of external authentication providers such as GitHub and Google.
- Domains []string
- A set of domains associated with the SSO configuration.
- Oidc
Sso
Oidc Args - Saml
Sso
Saml Args - Configuration for Security Assertion Markup Language (SAML) authentication.
- Sso
Auth stringType - Defines the type of SSO authentication. Supported values: none, saml, oidc.
- Sso
Id string - The ID of this resource.
- Timeouts
Sso
Timeouts Args
- auth
Providers List<String> - A set of external authentication providers such as GitHub and Google.
- domains List<String>
- A set of domains associated with the SSO configuration.
- oidc
Sso
Oidc - saml
Sso
Saml - Configuration for Security Assertion Markup Language (SAML) authentication.
- sso
Auth StringType - Defines the type of SSO authentication. Supported values: none, saml, oidc.
- sso
Id String - The ID of this resource.
- timeouts
Sso
Timeouts
- auth
Providers string[] - A set of external authentication providers such as GitHub and Google.
- domains string[]
- A set of domains associated with the SSO configuration.
- oidc
Sso
Oidc - saml
Sso
Saml - Configuration for Security Assertion Markup Language (SAML) authentication.
- sso
Auth stringType - Defines the type of SSO authentication. Supported values: none, saml, oidc.
- sso
Id string - The ID of this resource.
- timeouts
Sso
Timeouts
- auth_
providers Sequence[str] - A set of external authentication providers such as GitHub and Google.
- domains Sequence[str]
- A set of domains associated with the SSO configuration.
- oidc
Sso
Oidc Args - saml
Sso
Saml Args - Configuration for Security Assertion Markup Language (SAML) authentication.
- sso_
auth_ strtype - Defines the type of SSO authentication. Supported values: none, saml, oidc.
- sso_
id str - The ID of this resource.
- timeouts
Sso
Timeouts Args
- auth
Providers List<String> - A set of external authentication providers such as GitHub and Google.
- domains List<String>
- A set of domains associated with the SSO configuration.
- oidc Property Map
- saml Property Map
- Configuration for Security Assertion Markup Language (SAML) authentication.
- sso
Auth StringType - Defines the type of SSO authentication. Supported values: none, saml, oidc.
- sso
Id String - The ID of this resource.
- timeouts Property Map
Supporting Types
SsoOidc, SsoOidcArgs
- Client
Id string - Client ID for OIDC authentication.
- Client
Secret string - Client secret for OIDC authentication (sensitive).
- Email string
- User's email address retrieved from identity provider.
- First
Name string - User's first name retrieved from identity provider.
- Issuer
Url string - URL of the OIDC issuer.
- Last
Name string - User's last name retrieved from identity provider.
- Scopes List<string>
- Scopes requested during OIDC authentication.
- Spectro
Team string - The SpectroCloud team the user belongs to.
- Callback
Url string - URL to which the identity provider redirects after authentication.
- Default
Team List<string>Ids - A set of default team IDs assigned to users.
- Identity
Provider stringCa Certificate - Certificate authority (CA) certificate for the identity provider.
- Insecure
Skip boolTls Verify - Boolean to skip TLS verification for identity provider communication.
- Logout
Url string - URL used for logging out of the OIDC session.
- User
Info SsoEndpoint Oidc User Info Endpoint - To allow Palette to query the OIDC userinfo endpoint using the provided Issuer URL. Palette will first attempt to retrieve role and group information from userInfo endpoint. If unavailable, Palette will fall back to using Required Claims as specified above. Use the following fields to specify what Required Claims Palette will include when querying the userinfo endpoint.
- Client
Id string - Client ID for OIDC authentication.
- Client
Secret string - Client secret for OIDC authentication (sensitive).
- Email string
- User's email address retrieved from identity provider.
- First
Name string - User's first name retrieved from identity provider.
- Issuer
Url string - URL of the OIDC issuer.
- Last
Name string - User's last name retrieved from identity provider.
- Scopes []string
- Scopes requested during OIDC authentication.
- Spectro
Team string - The SpectroCloud team the user belongs to.
- Callback
Url string - URL to which the identity provider redirects after authentication.
- Default
Team []stringIds - A set of default team IDs assigned to users.
- Identity
Provider stringCa Certificate - Certificate authority (CA) certificate for the identity provider.
- Insecure
Skip boolTls Verify - Boolean to skip TLS verification for identity provider communication.
- Logout
Url string - URL used for logging out of the OIDC session.
- User
Info SsoEndpoint Oidc User Info Endpoint - To allow Palette to query the OIDC userinfo endpoint using the provided Issuer URL. Palette will first attempt to retrieve role and group information from userInfo endpoint. If unavailable, Palette will fall back to using Required Claims as specified above. Use the following fields to specify what Required Claims Palette will include when querying the userinfo endpoint.
- client
Id String - Client ID for OIDC authentication.
- client
Secret String - Client secret for OIDC authentication (sensitive).
- email String
- User's email address retrieved from identity provider.
- first
Name String - User's first name retrieved from identity provider.
- issuer
Url String - URL of the OIDC issuer.
- last
Name String - User's last name retrieved from identity provider.
- scopes List<String>
- Scopes requested during OIDC authentication.
- spectro
Team String - The SpectroCloud team the user belongs to.
- callback
Url String - URL to which the identity provider redirects after authentication.
- default
Team List<String>Ids - A set of default team IDs assigned to users.
- identity
Provider StringCa Certificate - Certificate authority (CA) certificate for the identity provider.
- insecure
Skip BooleanTls Verify - Boolean to skip TLS verification for identity provider communication.
- logout
Url String - URL used for logging out of the OIDC session.
- user
Info SsoEndpoint Oidc User Info Endpoint - To allow Palette to query the OIDC userinfo endpoint using the provided Issuer URL. Palette will first attempt to retrieve role and group information from userInfo endpoint. If unavailable, Palette will fall back to using Required Claims as specified above. Use the following fields to specify what Required Claims Palette will include when querying the userinfo endpoint.
- client
Id string - Client ID for OIDC authentication.
- client
Secret string - Client secret for OIDC authentication (sensitive).
- email string
- User's email address retrieved from identity provider.
- first
Name string - User's first name retrieved from identity provider.
- issuer
Url string - URL of the OIDC issuer.
- last
Name string - User's last name retrieved from identity provider.
- scopes string[]
- Scopes requested during OIDC authentication.
- spectro
Team string - The SpectroCloud team the user belongs to.
- callback
Url string - URL to which the identity provider redirects after authentication.
- default
Team string[]Ids - A set of default team IDs assigned to users.
- identity
Provider stringCa Certificate - Certificate authority (CA) certificate for the identity provider.
- insecure
Skip booleanTls Verify - Boolean to skip TLS verification for identity provider communication.
- logout
Url string - URL used for logging out of the OIDC session.
- user
Info SsoEndpoint Oidc User Info Endpoint - To allow Palette to query the OIDC userinfo endpoint using the provided Issuer URL. Palette will first attempt to retrieve role and group information from userInfo endpoint. If unavailable, Palette will fall back to using Required Claims as specified above. Use the following fields to specify what Required Claims Palette will include when querying the userinfo endpoint.
- client_
id str - Client ID for OIDC authentication.
- client_
secret str - Client secret for OIDC authentication (sensitive).
- email str
- User's email address retrieved from identity provider.
- first_
name str - User's first name retrieved from identity provider.
- issuer_
url str - URL of the OIDC issuer.
- last_
name str - User's last name retrieved from identity provider.
- scopes Sequence[str]
- Scopes requested during OIDC authentication.
- spectro_
team str - The SpectroCloud team the user belongs to.
- callback_
url str - URL to which the identity provider redirects after authentication.
- default_
team_ Sequence[str]ids - A set of default team IDs assigned to users.
- identity_
provider_ strca_ certificate - Certificate authority (CA) certificate for the identity provider.
- insecure_
skip_ booltls_ verify - Boolean to skip TLS verification for identity provider communication.
- logout_
url str - URL used for logging out of the OIDC session.
- user_
info_ Ssoendpoint Oidc User Info Endpoint - To allow Palette to query the OIDC userinfo endpoint using the provided Issuer URL. Palette will first attempt to retrieve role and group information from userInfo endpoint. If unavailable, Palette will fall back to using Required Claims as specified above. Use the following fields to specify what Required Claims Palette will include when querying the userinfo endpoint.
- client
Id String - Client ID for OIDC authentication.
- client
Secret String - Client secret for OIDC authentication (sensitive).
- email String
- User's email address retrieved from identity provider.
- first
Name String - User's first name retrieved from identity provider.
- issuer
Url String - URL of the OIDC issuer.
- last
Name String - User's last name retrieved from identity provider.
- scopes List<String>
- Scopes requested during OIDC authentication.
- spectro
Team String - The SpectroCloud team the user belongs to.
- callback
Url String - URL to which the identity provider redirects after authentication.
- default
Team List<String>Ids - A set of default team IDs assigned to users.
- identity
Provider StringCa Certificate - Certificate authority (CA) certificate for the identity provider.
- insecure
Skip BooleanTls Verify - Boolean to skip TLS verification for identity provider communication.
- logout
Url String - URL used for logging out of the OIDC session.
- user
Info Property MapEndpoint - To allow Palette to query the OIDC userinfo endpoint using the provided Issuer URL. Palette will first attempt to retrieve role and group information from userInfo endpoint. If unavailable, Palette will fall back to using Required Claims as specified above. Use the following fields to specify what Required Claims Palette will include when querying the userinfo endpoint.
SsoOidcUserInfoEndpoint, SsoOidcUserInfoEndpointArgs
- Email string
- User's email address retrieved from identity provider.
- First
Name string - User's first name retrieved from identity provider.
- Last
Name string - User's last name retrieved from identity provider.
- Spectro
Team string - The SpectroCloud team the user belongs to.
- Email string
- User's email address retrieved from identity provider.
- First
Name string - User's first name retrieved from identity provider.
- Last
Name string - User's last name retrieved from identity provider.
- Spectro
Team string - The SpectroCloud team the user belongs to.
- email String
- User's email address retrieved from identity provider.
- first
Name String - User's first name retrieved from identity provider.
- last
Name String - User's last name retrieved from identity provider.
- spectro
Team String - The SpectroCloud team the user belongs to.
- email string
- User's email address retrieved from identity provider.
- first
Name string - User's first name retrieved from identity provider.
- last
Name string - User's last name retrieved from identity provider.
- spectro
Team string - The SpectroCloud team the user belongs to.
- email str
- User's email address retrieved from identity provider.
- first_
name str - User's first name retrieved from identity provider.
- last_
name str - User's last name retrieved from identity provider.
- spectro_
team str - The SpectroCloud team the user belongs to.
- email String
- User's email address retrieved from identity provider.
- first
Name String - User's first name retrieved from identity provider.
- last
Name String - User's last name retrieved from identity provider.
- spectro
Team String - The SpectroCloud team the user belongs to.
SsoSaml, SsoSamlArgs
- Identity
Provider stringMetadata - Metadata XML of the SAML identity provider.
- Name
Id stringFormat - Format of the NameID attribute in SAML responses.
- Service
Provider string - The identity provider service used for SAML authentication.
- Certificate string
- Certificate for SAML authentication.
- Default
Team List<string>Ids - A set of default team IDs assigned to users.
- Email string
- User's email address retrieved from identity provider.
- Enable
Single boolLogout - Boolean to enable SAML single logout feature.
- Entity
Id string - Entity ID used to identify the service provider.
- First
Name string - User's first name retrieved from identity provider.
- Issuer string
- SAML identity provider issuer URL.
- Last
Name string - User's last name retrieved from identity provider.
- Login
Url string - Login URL for the SAML identity provider.
- Service
Provider stringMetadata - Metadata XML of the SAML service provider.
- Single
Logout stringUrl - URL used for initiating SAML single logout.
- Spectro
Team string - The SpectroCloud team the user belongs to.
- Identity
Provider stringMetadata - Metadata XML of the SAML identity provider.
- Name
Id stringFormat - Format of the NameID attribute in SAML responses.
- Service
Provider string - The identity provider service used for SAML authentication.
- Certificate string
- Certificate for SAML authentication.
- Default
Team []stringIds - A set of default team IDs assigned to users.
- Email string
- User's email address retrieved from identity provider.
- Enable
Single boolLogout - Boolean to enable SAML single logout feature.
- Entity
Id string - Entity ID used to identify the service provider.
- First
Name string - User's first name retrieved from identity provider.
- Issuer string
- SAML identity provider issuer URL.
- Last
Name string - User's last name retrieved from identity provider.
- Login
Url string - Login URL for the SAML identity provider.
- Service
Provider stringMetadata - Metadata XML of the SAML service provider.
- Single
Logout stringUrl - URL used for initiating SAML single logout.
- Spectro
Team string - The SpectroCloud team the user belongs to.
- identity
Provider StringMetadata - Metadata XML of the SAML identity provider.
- name
Id StringFormat - Format of the NameID attribute in SAML responses.
- service
Provider String - The identity provider service used for SAML authentication.
- certificate String
- Certificate for SAML authentication.
- default
Team List<String>Ids - A set of default team IDs assigned to users.
- email String
- User's email address retrieved from identity provider.
- enable
Single BooleanLogout - Boolean to enable SAML single logout feature.
- entity
Id String - Entity ID used to identify the service provider.
- first
Name String - User's first name retrieved from identity provider.
- issuer String
- SAML identity provider issuer URL.
- last
Name String - User's last name retrieved from identity provider.
- login
Url String - Login URL for the SAML identity provider.
- service
Provider StringMetadata - Metadata XML of the SAML service provider.
- single
Logout StringUrl - URL used for initiating SAML single logout.
- spectro
Team String - The SpectroCloud team the user belongs to.
- identity
Provider stringMetadata - Metadata XML of the SAML identity provider.
- name
Id stringFormat - Format of the NameID attribute in SAML responses.
- service
Provider string - The identity provider service used for SAML authentication.
- certificate string
- Certificate for SAML authentication.
- default
Team string[]Ids - A set of default team IDs assigned to users.
- email string
- User's email address retrieved from identity provider.
- enable
Single booleanLogout - Boolean to enable SAML single logout feature.
- entity
Id string - Entity ID used to identify the service provider.
- first
Name string - User's first name retrieved from identity provider.
- issuer string
- SAML identity provider issuer URL.
- last
Name string - User's last name retrieved from identity provider.
- login
Url string - Login URL for the SAML identity provider.
- service
Provider stringMetadata - Metadata XML of the SAML service provider.
- single
Logout stringUrl - URL used for initiating SAML single logout.
- spectro
Team string - The SpectroCloud team the user belongs to.
- identity_
provider_ strmetadata - Metadata XML of the SAML identity provider.
- name_
id_ strformat - Format of the NameID attribute in SAML responses.
- service_
provider str - The identity provider service used for SAML authentication.
- certificate str
- Certificate for SAML authentication.
- default_
team_ Sequence[str]ids - A set of default team IDs assigned to users.
- email str
- User's email address retrieved from identity provider.
- enable_
single_ boollogout - Boolean to enable SAML single logout feature.
- entity_
id str - Entity ID used to identify the service provider.
- first_
name str - User's first name retrieved from identity provider.
- issuer str
- SAML identity provider issuer URL.
- last_
name str - User's last name retrieved from identity provider.
- login_
url str - Login URL for the SAML identity provider.
- service_
provider_ strmetadata - Metadata XML of the SAML service provider.
- single_
logout_ strurl - URL used for initiating SAML single logout.
- spectro_
team str - The SpectroCloud team the user belongs to.
- identity
Provider StringMetadata - Metadata XML of the SAML identity provider.
- name
Id StringFormat - Format of the NameID attribute in SAML responses.
- service
Provider String - The identity provider service used for SAML authentication.
- certificate String
- Certificate for SAML authentication.
- default
Team List<String>Ids - A set of default team IDs assigned to users.
- email String
- User's email address retrieved from identity provider.
- enable
Single BooleanLogout - Boolean to enable SAML single logout feature.
- entity
Id String - Entity ID used to identify the service provider.
- first
Name String - User's first name retrieved from identity provider.
- issuer String
- SAML identity provider issuer URL.
- last
Name String - User's last name retrieved from identity provider.
- login
Url String - Login URL for the SAML identity provider.
- service
Provider StringMetadata - Metadata XML of the SAML service provider.
- single
Logout StringUrl - URL used for initiating SAML single logout.
- spectro
Team String - The SpectroCloud team the user belongs to.
SsoTimeouts, SsoTimeoutsArgs
Package Details
- Repository
- spectrocloud spectrocloud/terraform-provider-spectrocloud
- License
- Notes
- This Pulumi package is based on the
spectrocloudTerraform Provider.
spectrocloud 0.23.5 published on Sunday, Apr 20, 2025 by spectrocloud