This repository has been archived by the owner on Jun 14, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 49
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
6 changed files
with
157 additions
and
59 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,46 +1,89 @@ | ||
--- | ||
layout: "okta" | ||
page_title: "Okta: okta_app_auto_login" | ||
sidebar_current: "docs-okta-resource-app-auto-login" | ||
page_title: "Okta: okta_policy_mfa" | ||
sidebar_current: "docs-okta-resource-policy-mfa" | ||
description: |- | ||
Creates an Auto Login Okta Application. | ||
Creates an MFA Policy. | ||
--- | ||
|
||
# okta_app_auto_login | ||
# okta_policy_mfa | ||
|
||
Creates an Auto Login Okta Application. | ||
Creates an MFA Policy. | ||
|
||
This resource allows you to create and configure an Auto Login Okta Application. | ||
This resource allows you to create and configure an MFA Policy. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
resource "okta_app_auto_login" "example" { | ||
label = "Example App" | ||
sign_on_url = "https://example.com/login.html" | ||
sign_on_redirect_url = "https://example.com" | ||
reveal_password = true | ||
credentials_scheme = "EDIT_USERNAME_AND_PASSWORD" | ||
resource "okta_policy_mfa" "example" { | ||
name = "example" | ||
status = "ACTIVE" | ||
description = "Example" | ||
okta_otp = { | ||
enroll = "REQUIRED" | ||
} | ||
groups_included = ["${data.okta_group.everyone.id}"] | ||
} | ||
``` | ||
|
||
## Argument Reference | ||
|
||
The following arguments are supported: | ||
|
||
* `label` - (Required) The Application's display name. | ||
* `status` - (Optional) The status of the application, by default it is `"ACTIVE"`. | ||
* `preconfigured_app` - (Optional) Tells Okta to use an existing application in their application catalog, as opposed to a custom application. | ||
* `name` - (Required) Policy Name. | ||
|
||
* `description` - (Optional) Policy Description. | ||
|
||
* `priority` - (Optional) Priority of the policy. | ||
|
||
* `status` - (Optional) Policy Status: `"ACTIVE"` or `"INACTIVE"`. | ||
|
||
* `groups_included` - (Optional) List of Group IDs to Include. | ||
|
||
* `duo` - (Optional) DUO [MFA policy settings](#mfa-settings). | ||
|
||
* `fido_u2f` - (Optional) Fido U2F [MFA policy settings](#mfa-settings). | ||
|
||
* `fido_webauthn` - (Optional) Fido Web Authn [MFA policy settings](#mfa-settings). | ||
|
||
* `google_otp` - (Optional) Google OTP [MFA policy settings](#mfa-settings). | ||
|
||
* `okta_call` - (Optional) Okta Call [MFA policy settings](#mfa-settings). | ||
|
||
* `okta_otp` - (Optional) Okta OTP [MFA policy settings](#mfa-settings). | ||
|
||
* `okta_password` - (Optional) Okta Password [MFA policy settings](#mfa-settings). | ||
|
||
* `okta_push` - (Optional) Okta Push [MFA policy settings](#mfa-settings). | ||
|
||
* `okta_question` - (Optional) Okta Question [MFA policy settings](#mfa-settings). | ||
|
||
* `okta_sms` - (Optional) Okta SMS [MFA policy settings](#mfa-settings). | ||
|
||
* `rsa_token` - (Optional) RSA Token [MFA policy settings](#mfa-settings). | ||
|
||
* `symantec_vip` - (Optional) Symantec VIP [MFA policy settings](#mfa-settings). | ||
|
||
* `yubikey_token` - (Optional) Yubikey Token [MFA policy settings](#mfa-settings). | ||
|
||
### MFA Settings | ||
|
||
All MFA settings above have the following structure. | ||
|
||
* `enroll` - (Optional) Requirements for user initiated enrollment. Can be `"NOT_ALLOWED"`, `"OPTIONAL"`, or `"REQUIRED"`. By default it is `"OPTIONAL"`. | ||
|
||
* `consent_type` - (Optional) User consent type required before enrolling in the factor: `"NONE"` or `"TERMS_OF_SERVICE"`. By default it is `"NONE"`. | ||
|
||
## Attributes Reference | ||
|
||
* `name` - Name assigned to the application by Okta. | ||
* `sign_on_mode` - Sign on mode of application. | ||
* `id` - ID of the Policy. | ||
|
||
## Import | ||
|
||
Okta Auto Login App can be imported via the Okta ID. | ||
An MFA Policy can be imported via the Okta ID. | ||
|
||
``` | ||
$ terraform import okta_app_auto_login.example <app id> | ||
$ terraform import okta_policy_mfa.example <app id> | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,46 +1,97 @@ | ||
--- | ||
layout: "okta" | ||
page_title: "Okta: okta_app_auto_login" | ||
page_title: "Okta: okta_policy_password" | ||
sidebar_current: "docs-okta-resource-app-auto-login" | ||
description: |- | ||
Creates an Auto Login Okta Application. | ||
Creates a Password Policy. | ||
--- | ||
|
||
# okta_app_auto_login | ||
# okta_policy_password | ||
|
||
Creates an Auto Login Okta Application. | ||
Creates a Password Policy. | ||
|
||
This resource allows you to create and configure an Auto Login Okta Application. | ||
This resource allows you to create and configure a Password Policy. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
resource "okta_app_auto_login" "example" { | ||
label = "Example App" | ||
sign_on_url = "https://example.com/login.html" | ||
sign_on_redirect_url = "https://example.com" | ||
reveal_password = true | ||
credentials_scheme = "EDIT_USERNAME_AND_PASSWORD" | ||
resource "okta_policy_password" "example" { | ||
name = "example" | ||
status = "ACTIVE" | ||
description = "Example" | ||
password_history_count = 4 | ||
groups_included = ["${data.okta_group.everyone.id}"] | ||
} | ||
``` | ||
|
||
## Argument Reference | ||
|
||
The following arguments are supported: | ||
|
||
* `label` - (Required) The Application's display name. | ||
* `status` - (Optional) The status of the application, by default it is `"ACTIVE"`. | ||
* `preconfigured_app` - (Optional) Tells Okta to use an existing application in their application catalog, as opposed to a custom application. | ||
* `name` - (Required) Policy Name. | ||
|
||
* `description` - (Optional) Policy Description. | ||
|
||
* `priority` - (Optional) Priority of the policy. | ||
|
||
* `status` - (Optional) Policy Status: `"ACTIVE"` or `"INACTIVE"`. | ||
|
||
* `groups_included` - (Optional) List of Group IDs to Include. | ||
|
||
* `auth_provider` - (Optional) Authentication Provider: `"OKTA"` or `"ACTIVE_DIRECTORY"`. Default is `"OKTA"`. | ||
|
||
* `password_min_length` - (Optional) Minimum password length. Default is 8. | ||
|
||
* `password_min_lowercase` - (Optional) Minimum number of lower case characters in password. | ||
|
||
* `password_min_uppercase` - (Optional) Minimum number of upper case characters in password. | ||
|
||
* `password_min_number` - (Optional) Minimum number of numbers in password. | ||
|
||
* `password_min_symbol` - (Optional) Minimum number of symbols in password. | ||
|
||
* `password_exclude_username` - (Optional) If the user name must be excluded from the password. | ||
|
||
* `password_exclude_first_name` - (Optional) User firstName attribute must be excluded from the password. | ||
|
||
* `password_exclude_last_name` - (Optional) User lastName attribute must be excluded from the password. | ||
|
||
* `password_dictionary_lookup` - (Optional) Check Passwords Against Common Password Dictionary. | ||
|
||
* `password_max_age_days` - (Optional) Length in days a password is valid before expiry: 0 = no limit.", | ||
|
||
* `password_expire_warn_days` - (Optional) Length in days a user will be warned before password expiry: 0 = no warning. | ||
|
||
* `password_min_age_minutes` - (Optional) Minimum time interval in minutes between password changes: 0 = no limit. | ||
|
||
* `password_history_count` - (Optional) Number of distinct passwords that must be created before they can be reused: 0 = none. | ||
|
||
* `password_max_lockout_attempts` - (Optional) Number of unsuccessful login attempts allowed before lockout: 0 = no limit. | ||
|
||
* `password_auto_unlock_minutes` - (Optional) Number of minutes before a locked account is unlocked: 0 = no limit. | ||
|
||
* `password_show_lockout_failures` - (Optional) If a user should be informed when their account is locked. | ||
|
||
* `question_min_length` - (Optional) Min length of the password recovery question answer. | ||
|
||
* `email_recovery` - (Optional) Enable or disable email password recovery: ACTIVE or INACTIVE. | ||
|
||
* `recovery_email_token` - (Optional) Lifetime in minutes of the recovery email token. | ||
|
||
* `sms_recovery` - (Optional) Enable or disable SMS password recovery: ACTIVE or INACTIVE. | ||
|
||
* `question_recovery` - (Optional) Enable or disable security question password recovery: ACTIVE or INACTIVE. | ||
|
||
* `skip_unlock` - (Optional) When an Active Directory user is locked out of Okta, the Okta unlock operation should also attempt to unlock the user's Windows account. | ||
|
||
## Attributes Reference | ||
|
||
* `name` - Name assigned to the application by Okta. | ||
* `sign_on_mode` - Sign on mode of application. | ||
* `id` - ID of the Policy. | ||
|
||
## Import | ||
|
||
Okta Auto Login App can be imported via the Okta ID. | ||
A Password Policy can be imported via the Okta ID. | ||
|
||
``` | ||
$ terraform import okta_app_auto_login.example <app id> | ||
$ terraform import okta_policy_password.example <policy id> | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,46 +1,50 @@ | ||
--- | ||
layout: "okta" | ||
page_title: "Okta: okta_app_auto_login" | ||
sidebar_current: "docs-okta-resource-app-auto-login" | ||
page_title: "Okta: okta_policy_signon" | ||
sidebar_current: "docs-okta-resource-policy-signon" | ||
description: |- | ||
Creates an Auto Login Okta Application. | ||
Creates a Sign On Policy. | ||
--- | ||
|
||
# okta_app_auto_login | ||
# okta_policy_signon | ||
|
||
Creates an Auto Login Okta Application. | ||
Creates a Sign On Policy. | ||
|
||
This resource allows you to create and configure an Auto Login Okta Application. | ||
This resource allows you to create and configure a Sign On Policy. | ||
|
||
## Example Usage | ||
|
||
```hcl | ||
resource "okta_app_auto_login" "example" { | ||
label = "Example App" | ||
sign_on_url = "https://example.com/login.html" | ||
sign_on_redirect_url = "https://example.com" | ||
reveal_password = true | ||
credentials_scheme = "EDIT_USERNAME_AND_PASSWORD" | ||
resource "okta_policy_signon" "example" { | ||
name = "example" | ||
status = "ACTIVE" | ||
description = "Example" | ||
groups_included = ["${data.okta_group.everyone.id}"] | ||
} | ||
``` | ||
|
||
## Argument Reference | ||
|
||
The following arguments are supported: | ||
|
||
* `label` - (Required) The Application's display name. | ||
* `status` - (Optional) The status of the application, by default it is `"ACTIVE"`. | ||
* `preconfigured_app` - (Optional) Tells Okta to use an existing application in their application catalog, as opposed to a custom application. | ||
* `name` - (Required) Policy Name. | ||
|
||
* `description` - (Optional) Policy Description. | ||
|
||
* `priority` - (Optional) Priority of the policy. | ||
|
||
* `status` - (Optional) Policy Status: `"ACTIVE"` or `"INACTIVE"`. | ||
|
||
* `groups_included` - List of Group IDs to Include. | ||
|
||
## Attributes Reference | ||
|
||
* `name` - Name assigned to the application by Okta. | ||
* `sign_on_mode` - Sign on mode of application. | ||
* `id` - ID of the Policy. | ||
|
||
## Import | ||
|
||
Okta Auto Login App can be imported via the Okta ID. | ||
A Sign On Policy can be imported via the Okta ID. | ||
|
||
``` | ||
$ terraform import okta_app_auto_login.example <app id> | ||
$ terraform import okta_policy_signon.example <policy id> | ||
``` |