pulumi-keycloak-kotlin/com.pulumi.keycloak.openid.kotlin/HardcodedClaimProtocolMapper

HardcodedClaimProtocolMapper

class HardcodedClaimProtocolMapper : KotlinCustomResource

Allows for creating and managing hardcoded claim protocol mappers within Keycloak. Hardcoded claim protocol mappers allow you to define a claim with a hardcoded value. Protocol mappers can be defined for a single client, or they can be defined for a client scope which can be shared between multiple different clients.

Example Usage

Client)

import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";
const realm = new keycloak.Realm("realm", {
    realm: "my-realm",
    enabled: true,
});
const openidClient = new keycloak.openid.Client("openid_client", {
    realmId: realm.id,
    clientId: "client",
    name: "client",
    enabled: true,
    accessType: "CONFIDENTIAL",
    validRedirectUris: ["http://localhost:8080/openid-callback"],
});
const hardcodedClaimMapper = new keycloak.openid.HardcodedClaimProtocolMapper("hardcoded_claim_mapper", {
    realmId: realm.id,
    clientId: openidClient.id,
    name: "hardcoded-claim-mapper",
    claimName: "foo",
    claimValue: "bar",
});
Content copied to clipboard
import pulumi
import pulumi_keycloak as keycloak
realm = keycloak.Realm("realm",
    realm="my-realm",
    enabled=True)
openid_client = keycloak.openid.Client("openid_client",
    realm_id=realm.id,
    client_id="client",
    name="client",
    enabled=True,
    access_type="CONFIDENTIAL",
    valid_redirect_uris=["http://localhost:8080/openid-callback"])
hardcoded_claim_mapper = keycloak.openid.HardcodedClaimProtocolMapper("hardcoded_claim_mapper",
    realm_id=realm.id,
    client_id=openid_client.id,
    name="hardcoded-claim-mapper",
    claim_name="foo",
    claim_value="bar")
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Keycloak = Pulumi.Keycloak;
return await Deployment.RunAsync(() =>
{
    var realm = new Keycloak.Realm("realm", new()
    {
        RealmName = "my-realm",
        Enabled = true,
    });
    var openidClient = new Keycloak.OpenId.Client("openid_client", new()
    {
        RealmId = realm.Id,
        ClientId = "client",
        Name = "client",
        Enabled = true,
        AccessType = "CONFIDENTIAL",
        ValidRedirectUris = new[]
        {
            "http://localhost:8080/openid-callback",
        },
    });
    var hardcodedClaimMapper = new Keycloak.OpenId.HardcodedClaimProtocolMapper("hardcoded_claim_mapper", new()
    {
        RealmId = realm.Id,
        ClientId = openidClient.Id,
        Name = "hardcoded-claim-mapper",
        ClaimName = "foo",
        ClaimValue = "bar",
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak"
	"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak/openid"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		openidClient, err := openid.NewClient(ctx, "openid_client", &openid.ClientArgs{
			RealmId:    realm.ID(),
			ClientId:   pulumi.String("client"),
			Name:       pulumi.String("client"),
			Enabled:    pulumi.Bool(true),
			AccessType: pulumi.String("CONFIDENTIAL"),
			ValidRedirectUris: pulumi.StringArray{
				pulumi.String("http://localhost:8080/openid-callback"),
			},
		})
		if err != nil {
			return err
		}
		_, err = openid.NewHardcodedClaimProtocolMapper(ctx, "hardcoded_claim_mapper", &openid.HardcodedClaimProtocolMapperArgs{
			RealmId:    realm.ID(),
			ClientId:   openidClient.ID(),
			Name:       pulumi.String("hardcoded-claim-mapper"),
			ClaimName:  pulumi.String("foo"),
			ClaimValue: pulumi.String("bar"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.Realm;
import com.pulumi.keycloak.RealmArgs;
import com.pulumi.keycloak.openid.Client;
import com.pulumi.keycloak.openid.ClientArgs;
import com.pulumi.keycloak.openid.HardcodedClaimProtocolMapper;
import com.pulumi.keycloak.openid.HardcodedClaimProtocolMapperArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var realm = new Realm("realm", RealmArgs.builder()
            .realm("my-realm")
            .enabled(true)
            .build());
        var openidClient = new Client("openidClient", ClientArgs.builder()
            .realmId(realm.id())
            .clientId("client")
            .name("client")
            .enabled(true)
            .accessType("CONFIDENTIAL")
            .validRedirectUris("http://localhost:8080/openid-callback")
            .build());
        var hardcodedClaimMapper = new HardcodedClaimProtocolMapper("hardcodedClaimMapper", HardcodedClaimProtocolMapperArgs.builder()
            .realmId(realm.id())
            .clientId(openidClient.id())
            .name("hardcoded-claim-mapper")
            .claimName("foo")
            .claimValue("bar")
            .build());
    }
}
Content copied to clipboard
resources:
  realm:
    type: keycloak:Realm
    properties:
      realm: my-realm
      enabled: true
  openidClient:
    type: keycloak:openid:Client
    name: openid_client
    properties:
      realmId: ${realm.id}
      clientId: client
      name: client
      enabled: true
      accessType: CONFIDENTIAL
      validRedirectUris:
        - http://localhost:8080/openid-callback
  hardcodedClaimMapper:
    type: keycloak:openid:HardcodedClaimProtocolMapper
    name: hardcoded_claim_mapper
    properties:
      realmId: ${realm.id}
      clientId: ${openidClient.id}
      name: hardcoded-claim-mapper
      claimName: foo
      claimValue: bar
Content copied to clipboard

Client Scope)

import * as pulumi from "@pulumi/pulumi";
import * as keycloak from "@pulumi/keycloak";
const realm = new keycloak.Realm("realm", {
    realm: "my-realm",
    enabled: true,
});
const clientScope = new keycloak.openid.ClientScope("client_scope", {
    realmId: realm.id,
    name: "client-scope",
});
const hardcodedClaimMapper = new keycloak.openid.HardcodedClaimProtocolMapper("hardcoded_claim_mapper", {
    realmId: realm.id,
    clientScopeId: clientScope.id,
    name: "hardcoded-claim-mapper",
    claimName: "foo",
    claimValue: "bar",
});
Content copied to clipboard
import pulumi
import pulumi_keycloak as keycloak
realm = keycloak.Realm("realm",
    realm="my-realm",
    enabled=True)
client_scope = keycloak.openid.ClientScope("client_scope",
    realm_id=realm.id,
    name="client-scope")
hardcoded_claim_mapper = keycloak.openid.HardcodedClaimProtocolMapper("hardcoded_claim_mapper",
    realm_id=realm.id,
    client_scope_id=client_scope.id,
    name="hardcoded-claim-mapper",
    claim_name="foo",
    claim_value="bar")
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Keycloak = Pulumi.Keycloak;
return await Deployment.RunAsync(() =>
{
    var realm = new Keycloak.Realm("realm", new()
    {
        RealmName = "my-realm",
        Enabled = true,
    });
    var clientScope = new Keycloak.OpenId.ClientScope("client_scope", new()
    {
        RealmId = realm.Id,
        Name = "client-scope",
    });
    var hardcodedClaimMapper = new Keycloak.OpenId.HardcodedClaimProtocolMapper("hardcoded_claim_mapper", new()
    {
        RealmId = realm.Id,
        ClientScopeId = clientScope.Id,
        Name = "hardcoded-claim-mapper",
        ClaimName = "foo",
        ClaimValue = "bar",
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak"
	"github.com/pulumi/pulumi-keycloak/sdk/v6/go/keycloak/openid"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		clientScope, err := openid.NewClientScope(ctx, "client_scope", &openid.ClientScopeArgs{
			RealmId: realm.ID(),
			Name:    pulumi.String("client-scope"),
		})
		if err != nil {
			return err
		}
		_, err = openid.NewHardcodedClaimProtocolMapper(ctx, "hardcoded_claim_mapper", &openid.HardcodedClaimProtocolMapperArgs{
			RealmId:       realm.ID(),
			ClientScopeId: clientScope.ID(),
			Name:          pulumi.String("hardcoded-claim-mapper"),
			ClaimName:     pulumi.String("foo"),
			ClaimValue:    pulumi.String("bar"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.keycloak.Realm;
import com.pulumi.keycloak.RealmArgs;
import com.pulumi.keycloak.openid.ClientScope;
import com.pulumi.keycloak.openid.ClientScopeArgs;
import com.pulumi.keycloak.openid.HardcodedClaimProtocolMapper;
import com.pulumi.keycloak.openid.HardcodedClaimProtocolMapperArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var realm = new Realm("realm", RealmArgs.builder()
            .realm("my-realm")
            .enabled(true)
            .build());
        var clientScope = new ClientScope("clientScope", ClientScopeArgs.builder()
            .realmId(realm.id())
            .name("client-scope")
            .build());
        var hardcodedClaimMapper = new HardcodedClaimProtocolMapper("hardcodedClaimMapper", HardcodedClaimProtocolMapperArgs.builder()
            .realmId(realm.id())
            .clientScopeId(clientScope.id())
            .name("hardcoded-claim-mapper")
            .claimName("foo")
            .claimValue("bar")
            .build());
    }
}
Content copied to clipboard
resources:
  realm:
    type: keycloak:Realm
    properties:
      realm: my-realm
      enabled: true
  clientScope:
    type: keycloak:openid:ClientScope
    name: client_scope
    properties:
      realmId: ${realm.id}
      name: client-scope
  hardcodedClaimMapper:
    type: keycloak:openid:HardcodedClaimProtocolMapper
    name: hardcoded_claim_mapper
    properties:
      realmId: ${realm.id}
      clientScopeId: ${clientScope.id}
      name: hardcoded-claim-mapper
      claimName: foo
      claimValue: bar
Content copied to clipboard

Import

Protocol mappers can be imported using one of the following formats:

  • Client: {{realm_id}}/client/{{client_keycloak_id}}/{{protocol_mapper_id}}

  • Client Scope: {{realm_id}}/client-scope/{{client_scope_keycloak_id}}/{{protocol_mapper_id}} Example: bash

$ pulumi import keycloak:openid/hardcodedClaimProtocolMapper:HardcodedClaimProtocolMapper hardcoded_claim_mapper my-realm/client/a7202154-8793-4656-b655-1dd18c181e14/71602afa-f7d1-4788-8c49-ef8fd00af0f4
Content copied to clipboard
$ pulumi import keycloak:openid/hardcodedClaimProtocolMapper:HardcodedClaimProtocolMapper hardcoded_claim_mapper my-realm/client-scope/b799ea7e-73ee-4a73-990a-1eafebe8e20a/71602afa-f7d1-4788-8c49-ef8fd00af0f4
Content copied to clipboard

Properties

Link copied to clipboard
val addToAccessToken: Output<Boolean>?

Indicates if the property should be added as a claim to the access token. Defaults to true.

Link copied to clipboard
val addToIdToken: Output<Boolean>?

Indicates if the property should be added as a claim to the id token. Defaults to true.

Link copied to clipboard
val addToUserinfo: Output<Boolean>?

Indicates if the property should be added as a claim to the UserInfo response body. Defaults to true.

Link copied to clipboard
val claimName: Output<String>

The name of the claim to insert into a token.

Link copied to clipboard
val claimValue: Output<String>

The hardcoded value of the claim.

Link copied to clipboard
val claimValueType: Output<String>?

The claim type used when serializing JSON tokens. Can be one of String, JSON, long, int, or boolean. Defaults to String.

Link copied to clipboard
val clientId: Output<String>?

The client this protocol mapper should be attached to. Conflicts with client_scope_id. One of client_id or client_scope_id must be specified.

Link copied to clipboard
val clientScopeId: Output<String>?

The client scope this protocol mapper should be attached to. Conflicts with client_id. One of client_id or client_scope_id must be specified.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val name: Output<String>

The display name of this protocol mapper in the GUI.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val realmId: Output<String>

The realm this protocol mapper exists within.

Link copied to clipboard
val urn: Output<String>