This repository has been archived by the owner on Jun 14, 2021. It is now read-only.

More docs
quantumew committed Sep 29, 2019
1 parent a8cba4b commit f8fb1d5
Showing 7 changed files with 292 additions and 48 deletions.
10 changes: 5 additions & 5 deletions website/docs/d/app_saml.html.markdown
Expand Up @@ -30,15 +30,15 @@ data "okta_app_saml" "example" {

## Attributes Reference

* `id` - `id` of application.
* `id` - id of application.

* `label` - `label` of application.
* `label` - label of application.

* `description` - `description` of application.
* `description` - description of application.

* `name` - `name` of application.
* `name` - name of application.

* `status` - `status` of application.
* `status` - status of application.

* `key_id` - Certificate key ID.

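Review bot: in the Attributes Reference list the rewritten entries only restate the attribute name ("`id` - id of application.") and now start lowercase, while the unchanged "`key_id` - Certificate key ID." entry right below is capitalised. Suggest capitalising them to match and saying what each value is, rather than only dropping the backticks.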
2 changes: 1 addition & 1 deletion website/docs/r/app_bookmark.html.markdown
Expand Up @@ -41,7 +41,7 @@ The following arguments are supported:

## Import

Okta Bookmark App can be imported via the Okta ID.
A Bookmark App can be imported via the Okta ID.

```
$ terraform import okta_app_bookmark.example <app id>
56 changes: 47 additions & 9 deletions website/docs/r/app_oauth.html.markdown
Expand Up @@ -3,24 +3,24 @@ layout: "okta"
page_title: "Okta: okta_app_oauth"
sidebar_current: "docs-okta-resource-app-auto-login"
description: |-
Creates an Auto Login Okta Application.
Creates an OIDC Application.
---

# okta_app_oauth

Creates an Auto Login Okta Application.
Creates an OIDC Application.

This resource allows you to create and configure an Auto Login Okta Application.
This resource allows you to create and configure an OIDC Application.

## Example Usage

```hcl
resource "okta_app_oauth" "example" {
label = "Example App"
sign_on_url = "https://example.com/login.html"
sign_on_redirect_url = "https://example.com"
reveal_password = true
credentials_scheme = "EDIT_USERNAME_AND_PASSWORD"
label = "example"
type = "web"
grant_types = ["authorization_code"]
redirect_uris = ["https://example.com/"]
response_types = ["code"]
}
```

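Review bot: the front matter still carries `sidebar_current: "docs-okta-resource-app-auto-login"` although every description in this file changes from Auto Login to OIDC; this looks like a copy-paste leftover and should name the OAuth resource's own sidebar entry. In the new example, a one-line comment saying that `type = "web"` with `grant_types = ["authorization_code"]` and `response_types = ["code"]` is the authorization code flow would help readers who need to adapt it to another app type.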
Expand All @@ -40,6 +40,44 @@ The following arguments are supported:

* `custom_client_id` - (Optional) This property allows you to set the application's client id.

* `omit_secret` - (Optional) This tells the provider not to persist the application's secret to state. If this is ever changes from true => false your app will be recreated.

* `client_basic_secret` - (Optional) OAuth client secret key, this can be set when token_endpoint_auth_method is client_secret_basic.

* `token_endpoint_auth_method` - (Optional) Requested authentication method for the token endpoint. It can be set to `"none"`, `"client_secret_post"`, `"client_secret_basic"`, `"client_secret_jwt"`.

* `auto_key_rotation` - (Optional) Requested key rotation mode.

* `client_uri` - (Optional) URI to a web page providing information about the client.

* `logo_uri` - (Optional) URI that references a logo for the client.

* `login_uri` - (Optional) URI that initiates login.

* `redirect_uris` - (Optional) List of URIs for use in the redirect-based flow. This is required for all application types except service.

* `post_logout_redirect_uris` - (Optional) List of URIs for redirection after logout.

* `response_types` - (Optional) List of OAuth 2.0 response type strings.

* `grant_types` - (Optional) List of OAuth 2.0 grant types. Conditional validation params found here https://developer.okta.com/docs/api/resources/apps#credentials-settings-details. Defaults to minimum requirements per app type.

* `tos_uri` - (Optional) URI to web page providing client tos (terms of service).

* `policy_uri` - (Optional) URI to web page providing client policy document.

* `consent_method` - (Optional) Indicates whether user consent is required or implicit. Valid values: REQUIRED, TRUSTED. Default value is TRUSTED.

* `issuer_mode` - (Optional) Indicates whether the Okta Authorization Server uses the original Okta org domain URL or a custom domain URL as the issuer of ID token for this client.

* `auto_submit_toolbar` - (Optional) Display auto submit toolbar.

* `hide_ios` - (Optional) Do not display application icon on mobile app.

* `hide_web` - (Optional) Do not display application icon to users.

* `profile` - (Optional) Custom JSON that represents an OAuth application's profile.

## Attributes Reference

* `name` - Name assigned to the application by Okta.
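Review bot: the `omit_secret` entry implies that the client secret is written to Terraform state by default, but the argument list never says so outright, and `client_basic_secret` is documented with no note that it is a secret. Suggest stating the default explicitly, saying whether `omit_secret` also covers `client_basic_secret`, and changing "If this is ever changes from true => false" to "If this is ever changed from true to false". `redirect_uris` is also marked (Optional) while its own text says it is required for all application types except service; the label should reflect that.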
Expand All @@ -52,7 +90,7 @@ The following arguments are supported:

## Import

Okta Auto Login App can be imported via the Okta ID.
An OIDC Application can be imported via the Okta ID.

```
$ terraform import okta_app_oauth.example <app id>
115 changes: 106 additions & 9 deletions website/docs/r/app_saml.html.markdown
Expand Up @@ -16,30 +16,127 @@ This resource allows you to create and configure an SAML Application.

```hcl
resource "okta_app_saml" "example" {
label = "Example App"
sign_on_url = "https://example.com/login.html"
sign_on_redirect_url = "https://example.com"
reveal_password = true
credentials_scheme = "EDIT_USERNAME_AND_PASSWORD"
label = "example"
sso_url = "http://example.com"
recipient = "http://example.com"
destination = "http://example.com"
audience = "http://example.com/audience"
subject_name_id_template = "$${user.userName}"
subject_name_id_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
response_signed = true
signature_algorithm = "RSA_SHA256"
digest_algorithm = "SHA256"
honor_force_authn = false
authn_context_class_ref = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
attribute_statements {
type = "GROUP"
name = "groups"
filter_type = "REGEX"
filter_value = ".*"
}
}
```

## Argument Reference

The following arguments are supported:

* `label` - (Required) The Application's display name.
* `status` - (Optional) The status of the application, by default it is `"ACTIVE"`.
* `preconfigured_app` - (Optional) Tells Okta to use an existing application in their application catalog, as opposed to a custom application.
* `label` - (Required) label of application.

* `preconfigured_app` - (Optional) name of application from the Okta Integration Network, if not included a custom app will be created.

* `description` - (Optional) description of application.

* `status` - (Optional) status of application.

* `auto_submit_toolbar` - (Optional) Display auto submit toolbar.

* `hide_ios` - (Optional) Do not display application icon on mobile app.

* `hide_web` - (Optional) Do not display application icon to users

* `default_relay_state` - (Optional) Identifies a specific application resource in an IDP initiated SSO scenario.

* `sso_url` - (Optional) Single Sign on Url.

* `recipient` - (Optional) The location where the app may present the SAML assertion.

* `destination` - (Optional) Identifies the location where the SAML response is intended to be sent inside of the SAML assertion.

* `audience` - (Optional) Audience restriction.

* `idp_issuer` - (Optional) SAML issuer ID.

* `sp_issuer` - (Optional) SAML service provider issuer.

* `subject_name_id_template` - (Optional) Template for app user's username when a user is assigned to the app.

* `subject_name_id_format` - (Optional) Identifies the SAML processing rules.

* `response_signed` - (Optional) Determines whether the SAML auth response message is digitally signed.

* `request_compressed` - (Optional) Denotes whether the request is compressed or not.

* `assertion_signed` - (Optional) Determines whether the SAML assertion is digitally signed.

* `signature_algorithm` - (Optional) Signature algorithm used ot digitally sign the assertion and response.

* `digest_algorithm` - (Optional) Determines the digest algorithm used to digitally sign the SAML assertion and response.

* `honor_force_authn` - (Optional) Prompt user to re-authenticate if SP asks for it.

* `authn_context_class_ref` - (Optional) Identifies the SAML authentication context class for the assertion鈥檚 authentication statement.

* `accessibility_self_service` - (Optional) Enable self service.

* `accessibility_error_redirect_url` - (Optional) Custom error page URL.

* `accessibility_login_redirect_url` - (Optional) Custom login page URL.

* `features` - (Optional) features enabled.

* `user_name_template` - (Optional) Username template.

* `user_name_template_suffix` - (Optional) Username template suffix.

* `user_name_template_type` - (Optional) Username template type.

* `app_settings_json` - (Optional) Application settings in JSON format.

* `attribute_statements` - (Optional) List of SAML Attribute statements.
* `name` - (Required) The name of the attribute statement.
* `filter_type` - (Optional) Type of group attribute filter.
* `filter_value` - (Optional) Filter value to use.
* `namespace` - (Optional) The attribute namespace. It can be set to `"urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"`, `"urn:oasis:names:tc:SAML:2.0:attrname-format:uri"`, or `"urn:oasis:names:tc:SAML:2.0:attrname-format:basic"`.
* `type` - (Optional) The type of attribute statement value. Can be `"EXPRESSION"` or `"GROUP"`.
* `values` - (Optional) Array of values to use.

## Attributes Reference

* `id` - id of application.

* `name` - Name assigned to the application by Okta.

* `sign_on_mode` - Sign on mode of application.

* `key_id` - Certificate key ID.

* `certificate` - The raw signing certificate.

* `metadata` - The raw SAML metadata in XML.

* `http_post_binding` - `urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post` location from the SAML metadata.

* `http_redirect_binding` - `urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect` location from the SAML metadata.

* `entity_key` - Entity ID, the ID portion of the `entity_url`.

* `entity_url` - Entity URL for instance http://www.okta.com/exk1fcia6d6EMsf331d8.

## Import

Okta Auto Login App can be imported via the Okta ID.
A SAML App can be imported via the Okta ID.

```
$ terraform import okta_app_saml.example <app id>
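Review bot: the new example sets `sso_url`, `recipient` and `destination` to `http://example.com`, so anyone who copies it configures the SAML response to be delivered over plain HTTP; the OAuth example in this same commit uses `https://`, and this one should too. The example's `attribute_statements` block with `filter_type = "REGEX"` and `filter_value = ".*"` matches every group, which deserves a comment or a narrower pattern. In the argument list, `signature_algorithm` has the typo "used ot digitally sign", the `authn_context_class_ref` entry contains a mis-encoded apostrophe, and the `status` entry drops the previous "by default it is `"ACTIVE"`" wording, which is worth keeping.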
69 changes: 57 additions & 12 deletions website/docs/r/app_secure_password_store.html.markdown
Expand Up @@ -3,43 +3,88 @@ layout: "okta"
page_title: "Okta: okta_app_secure_password_store"
sidebar_current: "docs-okta-resource-app-secure-password-store"
description: |-
Creates an Auto Login Okta Application.
Creates a Secure Password Store Application.
---

# okta_app_secure_password_store

Creates an Auto Login Okta Application.
Creates a Secure Password Store Application.

This resource allows you to create and configure an Auto Login Okta Application.
This resource allows you to create and configure a Secure Password Store Application.

## Example Usage

```hcl
resource "okta_app_secure_password_store" "example" {
label = "Example App"
sign_on_url = "https://example.com/login.html"
sign_on_redirect_url = "https://example.com"
reveal_password = true
credentials_scheme = "EDIT_USERNAME_AND_PASSWORD"
label = "example"
username_field = "user"
password_field = "pass"
url = "http://test.com"
credentials_scheme = "ADMIN_SETS_CREDENTIALS"
}
```

## Argument Reference

The following arguments are supported:

* `label` - (Required) The Application's display name.
* `status` - (Optional) The status of the application, by default it is `"ACTIVE"`.
* `preconfigured_app` - (Optional) Tells Okta to use an existing application in their application catalog, as opposed to a custom application.
* `label` - (Required) The display name of the Application.

* `password_field` - (Required) Login password field.

* `username_field` - (Required) Login username field.

* `url` - (Required) Login URL.

* `optional_field1` - (Optional) Name of optional param in the login form.

* `optional_field1_value` - (Optional) Name of optional value in the login form.

* `optional_field2` - (Optional) Name of optional param in the login form.

* `optional_field2_value` - (Optional) Name of optional value in the login form.

* `optional_field3` - (Optional) Name of optional param in the login form.

* `optional_field3_value` - (Optional) Name of optional value in the login form.

* `credentials_scheme` - (Optional) Application credentials scheme. Can be set to `"EDIT_USERNAME_AND_PASSWORD"`, `"ADMIN_SETS_CREDENTIALS"`, `"EDIT_PASSWORD_ONLY"`, `"EXTERNAL_PASSWORD_SYNC"`, or `"SHARED_USERNAME_AND_PASSWORD"`.

* `reveal_password` - (Optional) Allow user to reveal password.

* `shared_username` - (Optional) Shared username, required for certain schemes.

* `shared_password` - (Optional) Shared password, required for certain schemes.

* `users` - (Optional) The users assigned to the application. See `okta_app_user` for a more flexible approach.

* `groups` - (Optional) Groups associated with the application. See `okta_app_group_assignment` for a more flexible approach.

* `status` - (Optional) Status of application. By default it is `"ACTIVE"`.

* `accessibility_self_service` - (Optional) Enable self service. By default it is `false`.

* `accessibility_error_redirect_url` - (Optional) Custom error page URL.

* `auto_submit_toolbar` - (Optional) Display auto submit toolbar.

* `hide_ios` - (Optional) Do not display application icon on mobile app.

* `hide_web` - (Optional) Do not display application icon to users.

## Attributes Reference

* `name` - Name assigned to the application by Okta.

* `sign_on_mode` - Sign on mode of application.

* `user_name_template` - The default username assigned to each user.

* `user_name_template_type` - The Username template type.

## Import

Okta Auto Login App can be imported via the Okta ID.
Secure Password Store Application can be imported via the Okta ID.

```
$ terraform import okta_app_secure_password_store.example <app id>
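Review bot: the example's `url = "http://test.com"` uses plain HTTP for what the argument list calls the Login URL, and `test.com` is not a reserved documentation domain; use an `https://example.com/...` URL as the OAuth example does. `shared_password` is documented with no note that its value ends up in configuration and state, and "required for certain schemes" should name which `credentials_scheme` values need it. The `optional_field1_value`, `optional_field2_value` and `optional_field3_value` entries say "Name of optional value" where the value itself is meant, and the Import sentence lacks its article ("A Secure Password Store Application can be imported").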