pulumi-cloudflare-kotlin/com.pulumi.cloudflare.kotlin.outputs/AccessIdentityProviderConfig

AccessIdentityProviderConfig

data class AccessIdentityProviderConfig(val appsDomain: String? = null, val attributes: List<String>? = null, val authUrl: String? = null, val authorizationServerId: String? = null, val centrifyAccount: String? = null, val centrifyAppId: String? = null, val certsUrl: String? = null, val claims: List<String>? = null, val clientId: String? = null, val clientSecret: String? = null, val conditionalAccessEnabled: Boolean? = null, val directoryId: String? = null, val emailAttributeName: String? = null, val emailClaimName: String? = null, val headerAttributes: List<AccessIdentityProviderConfigHeaderAttribute>? = null, val idpPublicCerts: List<String>? = null, val issuerUrl: String? = null, val oktaAccount: String? = null, val oneloginAccount: String? = null, val pingEnvId: String? = null, val pkceEnabled: Boolean? = null, val prompt: String? = null, val redirectUrl: String? = null, val scopes: List<String>? = null, val signRequest: Boolean? = null, val ssoTargetUrl: String? = null, val supportGroups: Boolean? = null, val tokenUrl: String? = null)

Constructors

Link copied to clipboard
constructor(appsDomain: String? = null, attributes: List<String>? = null, authUrl: String? = null, authorizationServerId: String? = null, centrifyAccount: String? = null, centrifyAppId: String? = null, certsUrl: String? = null, claims: List<String>? = null, clientId: String? = null, clientSecret: String? = null, conditionalAccessEnabled: Boolean? = null, directoryId: String? = null, emailAttributeName: String? = null, emailClaimName: String? = null, headerAttributes: List<AccessIdentityProviderConfigHeaderAttribute>? = null, idpPublicCerts: List<String>? = null, issuerUrl: String? = null, oktaAccount: String? = null, oneloginAccount: String? = null, pingEnvId: String? = null, pkceEnabled: Boolean? = null, prompt: String? = null, redirectUrl: String? = null, scopes: List<String>? = null, signRequest: Boolean? = null, ssoTargetUrl: String? = null, supportGroups: Boolean? = null, tokenUrl: String? = null)

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
val appsDomain: String? = null

Your companies TLD

Link copied to clipboard
val attributes: List<String>? = null

A list of SAML attribute names that will be added to your signed JWT token and can be used in SAML policy rules.

Link copied to clipboard
val authorizationServerId: String? = null

Your okta authorization server id

Link copied to clipboard
val authUrl: String? = null

The authorization_endpoint URL of your IdP

Link copied to clipboard
val centrifyAccount: String? = null

Your centrify account url

Link copied to clipboard
val centrifyAppId: String? = null

Your centrify app id

Link copied to clipboard
val certsUrl: String? = null

The jwks_uri endpoint of your IdP to allow the IdP keys to sign the tokens

Link copied to clipboard
val claims: List<String>? = null

Custom claims

Link copied to clipboard
val clientId: String? = null

Your OAuth Client ID

Link copied to clipboard
val clientSecret: String? = null

Your OAuth Client Secret

Link copied to clipboard
val conditionalAccessEnabled: Boolean? = null

Should Cloudflare try to load authentication contexts from your account

Link copied to clipboard
val directoryId: String? = null

Your Azure directory uuid

Link copied to clipboard
val emailAttributeName: String? = null

The attribute name for email in the SAML response.

Link copied to clipboard
val emailClaimName: String? = null

The claim name for email in the id_token response.

Link copied to clipboard
val headerAttributes: List<AccessIdentityProviderConfigHeaderAttribute>? = null

Add a list of attribute names that will be returned in the response header from the Access callback.

Link copied to clipboard
val idpPublicCerts: List<String>? = null

X509 certificate to verify the signature in the SAML authentication response

Link copied to clipboard
val issuerUrl: String? = null

IdP Entity ID or Issuer URL

Link copied to clipboard
val oktaAccount: String? = null

Your okta account url

Link copied to clipboard
val oneloginAccount: String? = null

Your OneLogin account url

Link copied to clipboard
val pingEnvId: String? = null

Your PingOne environment identifier

Link copied to clipboard
val pkceEnabled: Boolean? = null

Enable Proof Key for Code Exchange (PKCE)

Link copied to clipboard
val prompt: String? = null

Indicates the type of user interaction that is required. prompt=login forces the user to enter their credentials on that request, negating single-sign on. prompt=none is the opposite. It ensures that the user isn't presented with any interactive prompt. If the request can't be completed silently by using single-sign on, the Microsoft identity platform returns an interactionrequired error. prompt=selectaccount interrupts single sign-on providing account selection experience listing all the accounts either in session or any remembered account or an option to choose to use a different account altogether. Available values: "login", "select_account", "none".

Link copied to clipboard
val redirectUrl: String? = null
Link copied to clipboard
val scopes: List<String>? = null

OAuth scopes

Link copied to clipboard
val signRequest: Boolean? = null

Sign the SAML authentication request with Access credentials. To verify the signature, use the public key from the Access certs endpoints.

Link copied to clipboard
val ssoTargetUrl: String? = null

URL to send the SAML authentication requests to

Link copied to clipboard
val supportGroups: Boolean? = null

Should Cloudflare try to load groups from your account

Link copied to clipboard
val tokenUrl: String? = null

The token_endpoint URL of your IdP