Authorization
data class AuthorizationServerArgs(val apiManagementName: Output<String>? = null, val authorizationEndpoint: Output<String>? = null, val authorizationMethods: Output<List<String>>? = null, val bearerTokenSendingMethods: Output<List<String>>? = null, val clientAuthenticationMethods: Output<List<String>>? = null, val clientId: Output<String>? = null, val clientRegistrationEndpoint: Output<String>? = null, val clientSecret: Output<String>? = null, val defaultScope: Output<String>? = null, val description: Output<String>? = null, val displayName: Output<String>? = null, val grantTypes: Output<List<String>>? = null, val name: Output<String>? = null, val resourceGroupName: Output<String>? = null, val resourceOwnerPassword: Output<String>? = null, val resourceOwnerUsername: Output<String>? = null, val supportState: Output<Boolean>? = null, val tokenBodyParameters: Output<List<AuthorizationServerTokenBodyParameterArgs>>? = null, val tokenEndpoint: Output<String>? = null) : ConvertibleToJava<AuthorizationServerArgs>
Manages an Authorization Server within an API Management Service.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = azure.apimanagement.getService({
name: "search-api",
resourceGroupName: "search-service",
});
const exampleAuthorizationServer = new azure.apimanagement.AuthorizationServer("example", {
name: "test-server",
apiManagementName: example.then(example => example.name),
resourceGroupName: example.then(example => example.resourceGroupName),
displayName: "Test Server",
authorizationEndpoint: "https://example.mydomain.com/client/authorize",
clientId: "42424242-4242-4242-4242-424242424242",
clientRegistrationEndpoint: "https://example.mydomain.com/client/register",
grantTypes: ["authorizationCode"],
authorizationMethods: ["GET"],
});Content copied to clipboard
import pulumi
import pulumi_azure as azure
example = azure.apimanagement.get_service(name="search-api",
resource_group_name="search-service")
example_authorization_server = azure.apimanagement.AuthorizationServer("example",
name="test-server",
api_management_name=example.name,
resource_group_name=example.resource_group_name,
display_name="Test Server",
authorization_endpoint="https://example.mydomain.com/client/authorize",
client_id="42424242-4242-4242-4242-424242424242",
client_registration_endpoint="https://example.mydomain.com/client/register",
grant_types=["authorizationCode"],
authorization_methods=["GET"])Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = Azure.ApiManagement.GetService.Invoke(new()
{
Name = "search-api",
ResourceGroupName = "search-service",
});
var exampleAuthorizationServer = new Azure.ApiManagement.AuthorizationServer("example", new()
{
Name = "test-server",
ApiManagementName = example.Apply(getServiceResult => getServiceResult.Name),
ResourceGroupName = example.Apply(getServiceResult => getServiceResult.ResourceGroupName),
DisplayName = "Test Server",
AuthorizationEndpoint = "https://example.mydomain.com/client/authorize",
ClientId = "42424242-4242-4242-4242-424242424242",
ClientRegistrationEndpoint = "https://example.mydomain.com/client/register",
GrantTypes = new[]
{
"authorizationCode",
},
AuthorizationMethods = new[]
{
"GET",
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/apimanagement"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := apimanagement.LookupService(ctx, &apimanagement.LookupServiceArgs{
Name: "search-api",
ResourceGroupName: "search-service",
}, nil)
if err != nil {
return err
}
_, err = apimanagement.NewAuthorizationServer(ctx, "example", &apimanagement.AuthorizationServerArgs{
Name: pulumi.String("test-server"),
ApiManagementName: pulumi.String(example.Name),
ResourceGroupName: pulumi.String(example.ResourceGroupName),
DisplayName: pulumi.String("Test Server"),
AuthorizationEndpoint: pulumi.String("https://example.mydomain.com/client/authorize"),
ClientId: pulumi.String("42424242-4242-4242-4242-424242424242"),
ClientRegistrationEndpoint: pulumi.String("https://example.mydomain.com/client/register"),
GrantTypes: pulumi.StringArray{
pulumi.String("authorizationCode"),
},
AuthorizationMethods: pulumi.StringArray{
pulumi.String("GET"),
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.apimanagement.ApimanagementFunctions;
import com.pulumi.azure.apimanagement.inputs.GetServiceArgs;
import com.pulumi.azure.apimanagement.AuthorizationServer;
import com.pulumi.azure.apimanagement.AuthorizationServerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = ApimanagementFunctions.getService(GetServiceArgs.builder()
.name("search-api")
.resourceGroupName("search-service")
.build());
var exampleAuthorizationServer = new AuthorizationServer("exampleAuthorizationServer", AuthorizationServerArgs.builder()
.name("test-server")
.apiManagementName(example.name())
.resourceGroupName(example.resourceGroupName())
.displayName("Test Server")
.authorizationEndpoint("https://example.mydomain.com/client/authorize")
.clientId("42424242-4242-4242-4242-424242424242")
.clientRegistrationEndpoint("https://example.mydomain.com/client/register")
.grantTypes("authorizationCode")
.authorizationMethods("GET")
.build());
}
}Content copied to clipboard
resources:
exampleAuthorizationServer:
type: azure:apimanagement:AuthorizationServer
name: example
properties:
name: test-server
apiManagementName: ${example.name}
resourceGroupName: ${example.resourceGroupName}
displayName: Test Server
authorizationEndpoint: https://example.mydomain.com/client/authorize
clientId: 42424242-4242-4242-4242-424242424242
clientRegistrationEndpoint: https://example.mydomain.com/client/register
grantTypes:
- authorizationCode
authorizationMethods:
- GET
variables:
example:
fn::invoke:
function: azure:apimanagement:getService
arguments:
name: search-api
resourceGroupName: search-serviceContent copied to clipboard
API Providers
This resource uses the following Azure API Providers:
Microsoft.ApiManagement: 2022-08-01
Import
API Management Authorization Servers can be imported using the resource id, e.g.
$ pulumi import azure:apimanagement/authorizationServer:AuthorizationServer example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.ApiManagement/service/service1/authorizationServers/server1Content copied to clipboard
Constructors
Link copied to clipboard
constructor(apiManagementName: Output<String>? = null, authorizationEndpoint: Output<String>? = null, authorizationMethods: Output<List<String>>? = null, bearerTokenSendingMethods: Output<List<String>>? = null, clientAuthenticationMethods: Output<List<String>>? = null, clientId: Output<String>? = null, clientRegistrationEndpoint: Output<String>? = null, clientSecret: Output<String>? = null, defaultScope: Output<String>? = null, description: Output<String>? = null, displayName: Output<String>? = null, grantTypes: Output<List<String>>? = null, name: Output<String>? = null, resourceGroupName: Output<String>? = null, resourceOwnerPassword: Output<String>? = null, resourceOwnerUsername: Output<String>? = null, supportState: Output<Boolean>? = null, tokenBodyParameters: Output<List<AuthorizationServerTokenBodyParameterArgs>>? = null, tokenEndpoint: Output<String>? = null)
Properties
Link copied to clipboard
The name of the API Management Service in which this Authorization Server should be created. Changing this forces a new resource to be created.
Link copied to clipboard
The OAUTH Authorization Endpoint.
Link copied to clipboard
The HTTP Verbs supported by the Authorization Endpoint. Possible values are DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT and TRACE.
Link copied to clipboard
The mechanism by which Access Tokens are passed to the API. Possible values are authorizationHeader and query.
Link copied to clipboard
The Authentication Methods supported by the Token endpoint of this Authorization Server.. Possible values are Basic and Body.
Link copied to clipboard
The URI of page where Client/App Registration is performed for this Authorization Server.
Link copied to clipboard
The Client/App Secret registered with this Authorization Server.
Link copied to clipboard
The Default Scope used when requesting an Access Token, specified as a string containing space-delimited values.
Link copied to clipboard
A description of the Authorization Server, which may contain HTML formatting tags.
Link copied to clipboard
The user-friendly name of this Authorization Server.
Link copied to clipboard
Form of Authorization Grants required when requesting an Access Token. Possible values are authorizationCode, clientCredentials, implicit and resourceOwnerPassword.
Link copied to clipboard
The name of the Resource Group in which the API Management Service exists. Changing this forces a new resource to be created.
Link copied to clipboard
The password associated with the Resource Owner.
Link copied to clipboard
The username associated with the Resource Owner.
Link copied to clipboard
Does this Authorization Server support State? If this is set to true the client may use the state parameter to raise protocol security.
Link copied to clipboard
A token_body_parameter block as defined below.
Link copied to clipboard
The OAUTH Token Endpoint.