Represents a {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc okta_idp_oidc}.
import "github.com/cdktf/cdktf-provider-okta-go/okta/v13/idpoidc"
idpoidc.NewIdpOidc(scope Construct, id *string, config IdpOidcConfig) IdpOidc
Name | Type | Description |
---|---|---|
scope |
github.com/aws/constructs-go/constructs/v10.Construct |
The scope in which to define this construct. |
id |
*string |
The scoped construct ID. |
config |
IdpOidcConfig |
No description. |
- Type: github.com/aws/constructs-go/constructs/v10.Construct
The scope in which to define this construct.
- Type: *string
The scoped construct ID.
Must be unique amongst siblings in the same scope
- Type: IdpOidcConfig
Name | Description |
---|---|
ToString |
Returns a string representation of this construct. |
AddOverride |
No description. |
OverrideLogicalId |
Overrides the auto-generated logical ID with a specific ID. |
ResetOverrideLogicalId |
Resets a previously passed logical Id to use the auto-generated logical id again. |
ToHclTerraform |
No description. |
ToMetadata |
No description. |
ToTerraform |
Adds this resource to the terraform JSON output. |
AddMoveTarget |
Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move. |
GetAnyMapAttribute |
No description. |
GetBooleanAttribute |
No description. |
GetBooleanMapAttribute |
No description. |
GetListAttribute |
No description. |
GetNumberAttribute |
No description. |
GetNumberListAttribute |
No description. |
GetNumberMapAttribute |
No description. |
GetStringAttribute |
No description. |
GetStringMapAttribute |
No description. |
HasResourceMove |
No description. |
ImportFrom |
No description. |
InterpolationForAttribute |
No description. |
MoveFromId |
Move the resource corresponding to "id" to this resource. |
MoveTo |
Moves this resource to the target resource given by moveTarget. |
MoveToId |
Moves this resource to the resource corresponding to "id". |
ResetAccountLinkAction |
No description. |
ResetAccountLinkGroupInclude |
No description. |
ResetDeprovisionedAction |
No description. |
ResetGroupsAction |
No description. |
ResetGroupsAssignment |
No description. |
ResetGroupsAttribute |
No description. |
ResetGroupsFilter |
No description. |
ResetId |
No description. |
ResetIssuerMode |
No description. |
ResetMaxClockSkew |
No description. |
ResetProfileMaster |
No description. |
ResetProtocolType |
No description. |
ResetProvisioningAction |
No description. |
ResetRequestSignatureAlgorithm |
No description. |
ResetRequestSignatureScope |
No description. |
ResetStatus |
No description. |
ResetSubjectMatchAttribute |
No description. |
ResetSubjectMatchType |
No description. |
ResetSuspendedAction |
No description. |
ResetUserInfoBinding |
No description. |
ResetUserInfoUrl |
No description. |
ResetUsernameTemplate |
No description. |
func ToString() *string
Returns a string representation of this construct.
func AddOverride(path *string, value interface{})
- Type: *string
- Type: interface{}
func OverrideLogicalId(newLogicalId *string)
Overrides the auto-generated logical ID with a specific ID.
- Type: *string
The new logical ID to use for this stack element.
func ResetOverrideLogicalId()
Resets a previously passed logical Id to use the auto-generated logical id again.
func ToHclTerraform() interface{}
func ToMetadata() interface{}
func ToTerraform() interface{}
Adds this resource to the terraform JSON output.
func AddMoveTarget(moveTarget *string)
Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
- Type: *string
The string move target that will correspond to this resource.
func GetAnyMapAttribute(terraformAttribute *string) *map[string]interface{}
- Type: *string
func GetBooleanAttribute(terraformAttribute *string) IResolvable
- Type: *string
func GetBooleanMapAttribute(terraformAttribute *string) *map[string]*bool
- Type: *string
func GetListAttribute(terraformAttribute *string) *[]*string
- Type: *string
func GetNumberAttribute(terraformAttribute *string) *f64
- Type: *string
func GetNumberListAttribute(terraformAttribute *string) *[]*f64
- Type: *string
func GetNumberMapAttribute(terraformAttribute *string) *map[string]*f64
- Type: *string
func GetStringAttribute(terraformAttribute *string) *string
- Type: *string
func GetStringMapAttribute(terraformAttribute *string) *map[string]*string
- Type: *string
func HasResourceMove() interface{}
func ImportFrom(id *string, provider TerraformProvider)
- Type: *string
- Type: github.com/hashicorp/terraform-cdk-go/cdktf.TerraformProvider
func InterpolationForAttribute(terraformAttribute *string) IResolvable
- Type: *string
func MoveFromId(id *string)
Move the resource corresponding to "id" to this resource.
Note that the resource being moved from must be marked as moved using it's instance function.
- Type: *string
Full id of resource being moved from, e.g. "aws_s3_bucket.example".
func MoveTo(moveTarget *string, index interface{})
Moves this resource to the target resource given by moveTarget.
- Type: *string
The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.
- Type: interface{}
Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.
func MoveToId(id *string)
Moves this resource to the resource corresponding to "id".
- Type: *string
Full id of resource to move to, e.g. "aws_s3_bucket.example".
func ResetAccountLinkAction()
func ResetAccountLinkGroupInclude()
func ResetDeprovisionedAction()
func ResetGroupsAction()
func ResetGroupsAssignment()
func ResetGroupsAttribute()
func ResetGroupsFilter()
func ResetId()
func ResetIssuerMode()
func ResetMaxClockSkew()
func ResetProfileMaster()
func ResetProtocolType()
func ResetProvisioningAction()
func ResetRequestSignatureAlgorithm()
func ResetRequestSignatureScope()
func ResetStatus()
func ResetSubjectMatchAttribute()
func ResetSubjectMatchType()
func ResetSuspendedAction()
func ResetUserInfoBinding()
func ResetUserInfoUrl()
func ResetUsernameTemplate()
Name | Description |
---|---|
IsConstruct |
Checks if x is a construct. |
IsTerraformElement |
No description. |
IsTerraformResource |
No description. |
GenerateConfigForImport |
Generates CDKTF code for importing a IdpOidc resource upon running "cdktf plan ". |
import "github.com/cdktf/cdktf-provider-okta-go/okta/v13/idpoidc"
idpoidc.IdpOidc_IsConstruct(x interface{}) *bool
Checks if x
is a construct.
Use this method instead of instanceof
to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs
library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct
in each copy of the constructs
library
is seen as a different class, and an instance of one class will not test as
instanceof
the other class. npm install
will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof
will behave
unpredictably. It is safest to avoid using instanceof
, and using
this type-testing method instead.
- Type: interface{}
Any object.
import "github.com/cdktf/cdktf-provider-okta-go/okta/v13/idpoidc"
idpoidc.IdpOidc_IsTerraformElement(x interface{}) *bool
- Type: interface{}
import "github.com/cdktf/cdktf-provider-okta-go/okta/v13/idpoidc"
idpoidc.IdpOidc_IsTerraformResource(x interface{}) *bool
- Type: interface{}
import "github.com/cdktf/cdktf-provider-okta-go/okta/v13/idpoidc"
idpoidc.IdpOidc_GenerateConfigForImport(scope Construct, importToId *string, importFromId *string, provider TerraformProvider) ImportableResource
Generates CDKTF code for importing a IdpOidc resource upon running "cdktf plan ".
- Type: github.com/aws/constructs-go/constructs/v10.Construct
The scope in which to define this construct.
- Type: *string
The construct id used in the generated config for the IdpOidc to import.
- Type: *string
The id of the existing IdpOidc that should be imported.
Refer to the {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#import import section} in the documentation of this resource for the id to use
- Type: github.com/hashicorp/terraform-cdk-go/cdktf.TerraformProvider
? Optional instance of the provider where the IdpOidc to import is found.
Name | Type | Description |
---|---|---|
Node |
github.com/aws/constructs-go/constructs/v10.Node |
The tree node. |
CdktfStack |
github.com/hashicorp/terraform-cdk-go/cdktf.TerraformStack |
No description. |
Fqn |
*string |
No description. |
FriendlyUniqueId |
*string |
No description. |
TerraformMetaArguments |
*map[string]interface{} |
No description. |
TerraformResourceType |
*string |
No description. |
TerraformGeneratorMetadata |
github.com/hashicorp/terraform-cdk-go/cdktf.TerraformProviderGeneratorMetadata |
No description. |
Connection |
interface{} |
No description. |
Count |
interface{} |
No description. |
DependsOn |
*[]*string |
No description. |
ForEach |
github.com/hashicorp/terraform-cdk-go/cdktf.ITerraformIterator |
No description. |
Lifecycle |
github.com/hashicorp/terraform-cdk-go/cdktf.TerraformResourceLifecycle |
No description. |
Provider |
github.com/hashicorp/terraform-cdk-go/cdktf.TerraformProvider |
No description. |
Provisioners |
*[]interface{} |
No description. |
Type |
*string |
No description. |
UserTypeId |
*string |
No description. |
AccountLinkActionInput |
*string |
No description. |
AccountLinkGroupIncludeInput |
*[]*string |
No description. |
AuthorizationBindingInput |
*string |
No description. |
AuthorizationUrlInput |
*string |
No description. |
ClientIdInput |
*string |
No description. |
ClientSecretInput |
*string |
No description. |
DeprovisionedActionInput |
*string |
No description. |
GroupsActionInput |
*string |
No description. |
GroupsAssignmentInput |
*[]*string |
No description. |
GroupsAttributeInput |
*string |
No description. |
GroupsFilterInput |
*[]*string |
No description. |
IdInput |
*string |
No description. |
IssuerModeInput |
*string |
No description. |
IssuerUrlInput |
*string |
No description. |
JwksBindingInput |
*string |
No description. |
JwksUrlInput |
*string |
No description. |
MaxClockSkewInput |
*f64 |
No description. |
NameInput |
*string |
No description. |
ProfileMasterInput |
interface{} |
No description. |
ProtocolTypeInput |
*string |
No description. |
ProvisioningActionInput |
*string |
No description. |
RequestSignatureAlgorithmInput |
*string |
No description. |
RequestSignatureScopeInput |
*string |
No description. |
ScopesInput |
*[]*string |
No description. |
StatusInput |
*string |
No description. |
SubjectMatchAttributeInput |
*string |
No description. |
SubjectMatchTypeInput |
*string |
No description. |
SuspendedActionInput |
*string |
No description. |
TokenBindingInput |
*string |
No description. |
TokenUrlInput |
*string |
No description. |
UserInfoBindingInput |
*string |
No description. |
UserInfoUrlInput |
*string |
No description. |
UsernameTemplateInput |
*string |
No description. |
AccountLinkAction |
*string |
No description. |
AccountLinkGroupInclude |
*[]*string |
No description. |
AuthorizationBinding |
*string |
No description. |
AuthorizationUrl |
*string |
No description. |
ClientId |
*string |
No description. |
ClientSecret |
*string |
No description. |
DeprovisionedAction |
*string |
No description. |
GroupsAction |
*string |
No description. |
GroupsAssignment |
*[]*string |
No description. |
GroupsAttribute |
*string |
No description. |
GroupsFilter |
*[]*string |
No description. |
Id |
*string |
No description. |
IssuerMode |
*string |
No description. |
IssuerUrl |
*string |
No description. |
JwksBinding |
*string |
No description. |
JwksUrl |
*string |
No description. |
MaxClockSkew |
*f64 |
No description. |
Name |
*string |
No description. |
ProfileMaster |
interface{} |
No description. |
ProtocolType |
*string |
No description. |
ProvisioningAction |
*string |
No description. |
RequestSignatureAlgorithm |
*string |
No description. |
RequestSignatureScope |
*string |
No description. |
Scopes |
*[]*string |
No description. |
Status |
*string |
No description. |
SubjectMatchAttribute |
*string |
No description. |
SubjectMatchType |
*string |
No description. |
SuspendedAction |
*string |
No description. |
TokenBinding |
*string |
No description. |
TokenUrl |
*string |
No description. |
UserInfoBinding |
*string |
No description. |
UserInfoUrl |
*string |
No description. |
UsernameTemplate |
*string |
No description. |
func Node() Node
- Type: github.com/aws/constructs-go/constructs/v10.Node
The tree node.
func CdktfStack() TerraformStack
- Type: github.com/hashicorp/terraform-cdk-go/cdktf.TerraformStack
func Fqn() *string
- Type: *string
func FriendlyUniqueId() *string
- Type: *string
func TerraformMetaArguments() *map[string]interface{}
- Type: *map[string]interface{}
func TerraformResourceType() *string
- Type: *string
func TerraformGeneratorMetadata() TerraformProviderGeneratorMetadata
- Type: github.com/hashicorp/terraform-cdk-go/cdktf.TerraformProviderGeneratorMetadata
func Connection() interface{}
- Type: interface{}
func Count() interface{}
- Type: interface{}
func DependsOn() *[]*string
- Type: *[]*string
func ForEach() ITerraformIterator
- Type: github.com/hashicorp/terraform-cdk-go/cdktf.ITerraformIterator
func Lifecycle() TerraformResourceLifecycle
- Type: github.com/hashicorp/terraform-cdk-go/cdktf.TerraformResourceLifecycle
func Provider() TerraformProvider
- Type: github.com/hashicorp/terraform-cdk-go/cdktf.TerraformProvider
func Provisioners() *[]interface{}
- Type: *[]interface{}
func Type() *string
- Type: *string
func UserTypeId() *string
- Type: *string
func AccountLinkActionInput() *string
- Type: *string
func AccountLinkGroupIncludeInput() *[]*string
- Type: *[]*string
func AuthorizationBindingInput() *string
- Type: *string
func AuthorizationUrlInput() *string
- Type: *string
func ClientIdInput() *string
- Type: *string
func ClientSecretInput() *string
- Type: *string
func DeprovisionedActionInput() *string
- Type: *string
func GroupsActionInput() *string
- Type: *string
func GroupsAssignmentInput() *[]*string
- Type: *[]*string
func GroupsAttributeInput() *string
- Type: *string
func GroupsFilterInput() *[]*string
- Type: *[]*string
func IdInput() *string
- Type: *string
func IssuerModeInput() *string
- Type: *string
func IssuerUrlInput() *string
- Type: *string
func JwksBindingInput() *string
- Type: *string
func JwksUrlInput() *string
- Type: *string
func MaxClockSkewInput() *f64
- Type: *f64
func NameInput() *string
- Type: *string
func ProfileMasterInput() interface{}
- Type: interface{}
func ProtocolTypeInput() *string
- Type: *string
func ProvisioningActionInput() *string
- Type: *string
func RequestSignatureAlgorithmInput() *string
- Type: *string
func RequestSignatureScopeInput() *string
- Type: *string
func ScopesInput() *[]*string
- Type: *[]*string
func StatusInput() *string
- Type: *string
func SubjectMatchAttributeInput() *string
- Type: *string
func SubjectMatchTypeInput() *string
- Type: *string
func SuspendedActionInput() *string
- Type: *string
func TokenBindingInput() *string
- Type: *string
func TokenUrlInput() *string
- Type: *string
func UserInfoBindingInput() *string
- Type: *string
func UserInfoUrlInput() *string
- Type: *string
func UsernameTemplateInput() *string
- Type: *string
func AccountLinkAction() *string
- Type: *string
func AccountLinkGroupInclude() *[]*string
- Type: *[]*string
func AuthorizationBinding() *string
- Type: *string
func AuthorizationUrl() *string
- Type: *string
func ClientId() *string
- Type: *string
func ClientSecret() *string
- Type: *string
func DeprovisionedAction() *string
- Type: *string
func GroupsAction() *string
- Type: *string
func GroupsAssignment() *[]*string
- Type: *[]*string
func GroupsAttribute() *string
- Type: *string
func GroupsFilter() *[]*string
- Type: *[]*string
func Id() *string
- Type: *string
func IssuerMode() *string
- Type: *string
func IssuerUrl() *string
- Type: *string
func JwksBinding() *string
- Type: *string
func JwksUrl() *string
- Type: *string
func MaxClockSkew() *f64
- Type: *f64
func Name() *string
- Type: *string
func ProfileMaster() interface{}
- Type: interface{}
func ProtocolType() *string
- Type: *string
func ProvisioningAction() *string
- Type: *string
func RequestSignatureAlgorithm() *string
- Type: *string
func RequestSignatureScope() *string
- Type: *string
func Scopes() *[]*string
- Type: *[]*string
func Status() *string
- Type: *string
func SubjectMatchAttribute() *string
- Type: *string
func SubjectMatchType() *string
- Type: *string
func SuspendedAction() *string
- Type: *string
func TokenBinding() *string
- Type: *string
func TokenUrl() *string
- Type: *string
func UserInfoBinding() *string
- Type: *string
func UserInfoUrl() *string
- Type: *string
func UsernameTemplate() *string
- Type: *string
Name | Type | Description |
---|---|---|
TfResourceType |
*string |
No description. |
func TfResourceType() *string
- Type: *string
import "github.com/cdktf/cdktf-provider-okta-go/okta/v13/idpoidc"
&idpoidc.IdpOidcConfig {
Connection: interface{},
Count: interface{},
DependsOn: *[]github.com/hashicorp/terraform-cdk-go/cdktf.ITerraformDependable,
ForEach: github.com/hashicorp/terraform-cdk-go/cdktf.ITerraformIterator,
Lifecycle: github.com/hashicorp/terraform-cdk-go/cdktf.TerraformResourceLifecycle,
Provider: github.com/hashicorp/terraform-cdk-go/cdktf.TerraformProvider,
Provisioners: *[]interface{},
AuthorizationBinding: *string,
AuthorizationUrl: *string,
ClientId: *string,
ClientSecret: *string,
IssuerUrl: *string,
JwksBinding: *string,
JwksUrl: *string,
Name: *string,
Scopes: *[]*string,
TokenBinding: *string,
TokenUrl: *string,
AccountLinkAction: *string,
AccountLinkGroupInclude: *[]*string,
DeprovisionedAction: *string,
GroupsAction: *string,
GroupsAssignment: *[]*string,
GroupsAttribute: *string,
GroupsFilter: *[]*string,
Id: *string,
IssuerMode: *string,
MaxClockSkew: *f64,
ProfileMaster: interface{},
ProtocolType: *string,
ProvisioningAction: *string,
RequestSignatureAlgorithm: *string,
RequestSignatureScope: *string,
Status: *string,
SubjectMatchAttribute: *string,
SubjectMatchType: *string,
SuspendedAction: *string,
UserInfoBinding: *string,
UserInfoUrl: *string,
UsernameTemplate: *string,
}
Name | Type | Description |
---|---|---|
Connection |
interface{} |
No description. |
Count |
interface{} |
No description. |
DependsOn |
*[]github.com/hashicorp/terraform-cdk-go/cdktf.ITerraformDependable |
No description. |
ForEach |
github.com/hashicorp/terraform-cdk-go/cdktf.ITerraformIterator |
No description. |
Lifecycle |
github.com/hashicorp/terraform-cdk-go/cdktf.TerraformResourceLifecycle |
No description. |
Provider |
github.com/hashicorp/terraform-cdk-go/cdktf.TerraformProvider |
No description. |
Provisioners |
*[]interface{} |
No description. |
AuthorizationBinding |
*string |
The method of making an authorization request. It can be set to HTTP-POST or HTTP-REDIRECT . |
AuthorizationUrl |
*string |
IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant. |
ClientId |
*string |
Unique identifier issued by AS for the Okta IdP instance. |
ClientSecret |
*string |
Client secret issued by AS for the Okta IdP instance. |
IssuerUrl |
*string |
URI that identifies the issuer. |
JwksBinding |
*string |
The method of making a request for the OIDC JWKS. It can be set to HTTP-POST or HTTP-REDIRECT . |
JwksUrl |
*string |
Endpoint where the keys signer publishes its keys in a JWK Set. |
Name |
*string |
Name of the IdP. |
Scopes |
*[]*string |
The scopes of the IdP. |
TokenBinding |
*string |
The method of making a token request. It can be set to HTTP-POST or HTTP-REDIRECT . |
TokenUrl |
*string |
IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token. |
AccountLinkAction |
*string |
Specifies the account linking action for an IdP user. Default: AUTO . |
AccountLinkGroupInclude |
*[]*string |
Group memberships to determine link candidates. |
DeprovisionedAction |
*string |
Action for a previously deprovisioned IdP user during authentication. Can be NONE or REACTIVATE . Default: NONE . |
GroupsAction |
*string |
Provisioning action for IdP user's group memberships. It can be NONE , SYNC , APPEND , or ASSIGN . Default: NONE . |
GroupsAssignment |
*[]*string |
List of Okta Group IDs to add an IdP user as a member with the ASSIGN groups_action . |
GroupsAttribute |
*string |
IdP user profile attribute name (case-insensitive) for an array value that contains group memberships. |
GroupsFilter |
*[]*string |
Whitelist of Okta Group identifiers that are allowed for the APPEND or SYNC groups_action . |
Id |
*string |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#id IdpOidc#id}. |
IssuerMode |
*string |
Indicates whether Okta uses the original Okta org domain URL, a custom domain URL, or dynamic. |
MaxClockSkew |
*f64 |
Maximum allowable clock-skew when processing messages from the IdP. |
ProfileMaster |
interface{} |
Determines if the IdP should act as a source of truth for user profile attributes. |
ProtocolType |
*string |
The type of protocol to use. It can be OIDC or OAUTH2 . Default: OIDC . |
ProvisioningAction |
*string |
Provisioning action for an IdP user during authentication. Default: AUTO . |
RequestSignatureAlgorithm |
*string |
The HMAC Signature Algorithm used when signing an authorization request. |
RequestSignatureScope |
*string |
Specifies whether to digitally sign an AuthnRequest messages to the IdP. |
Status |
*string |
Default to ACTIVE . |
SubjectMatchAttribute |
*string |
Okta user profile attribute for matching transformed IdP username. Only for matchType CUSTOM_ATTRIBUTE . |
SubjectMatchType |
*string |
Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username. |
SuspendedAction |
*string |
Action for a previously suspended IdP user during authentication. Can be NONE or REACTIVATE . Default: NONE . |
UserInfoBinding |
*string |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#user_info_binding IdpOidc#user_info_binding}. |
UserInfoUrl |
*string |
Protected resource endpoint that returns claims about the authenticated user. |
UsernameTemplate |
*string |
Okta EL Expression to generate or transform a unique username for the IdP user. Default: idpuser.email . |
Connection interface{}
- Type: interface{}
Count interface{}
- Type: interface{}
DependsOn *[]ITerraformDependable
- Type: *[]github.com/hashicorp/terraform-cdk-go/cdktf.ITerraformDependable
ForEach ITerraformIterator
- Type: github.com/hashicorp/terraform-cdk-go/cdktf.ITerraformIterator
Lifecycle TerraformResourceLifecycle
- Type: github.com/hashicorp/terraform-cdk-go/cdktf.TerraformResourceLifecycle
Provider TerraformProvider
- Type: github.com/hashicorp/terraform-cdk-go/cdktf.TerraformProvider
Provisioners *[]interface{}
- Type: *[]interface{}
AuthorizationBinding *string
- Type: *string
The method of making an authorization request. It can be set to HTTP-POST
or HTTP-REDIRECT
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#authorization_binding IdpOidc#authorization_binding}
AuthorizationUrl *string
- Type: *string
IdP Authorization Server (AS) endpoint to request consent from the user and obtain an authorization code grant.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#authorization_url IdpOidc#authorization_url}
ClientId *string
- Type: *string
Unique identifier issued by AS for the Okta IdP instance.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#client_id IdpOidc#client_id}
ClientSecret *string
- Type: *string
Client secret issued by AS for the Okta IdP instance.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#client_secret IdpOidc#client_secret}
IssuerUrl *string
- Type: *string
URI that identifies the issuer.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#issuer_url IdpOidc#issuer_url}
JwksBinding *string
- Type: *string
The method of making a request for the OIDC JWKS. It can be set to HTTP-POST
or HTTP-REDIRECT
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#jwks_binding IdpOidc#jwks_binding}
JwksUrl *string
- Type: *string
Endpoint where the keys signer publishes its keys in a JWK Set.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#jwks_url IdpOidc#jwks_url}
Name *string
- Type: *string
Name of the IdP.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#name IdpOidc#name}
Scopes *[]*string
- Type: *[]*string
The scopes of the IdP.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#scopes IdpOidc#scopes}
TokenBinding *string
- Type: *string
The method of making a token request. It can be set to HTTP-POST
or HTTP-REDIRECT
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#token_binding IdpOidc#token_binding}
TokenUrl *string
- Type: *string
IdP Authorization Server (AS) endpoint to exchange the authorization code grant for an access token.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#token_url IdpOidc#token_url}
AccountLinkAction *string
- Type: *string
Specifies the account linking action for an IdP user. Default: AUTO
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#account_link_action IdpOidc#account_link_action}
AccountLinkGroupInclude *[]*string
- Type: *[]*string
Group memberships to determine link candidates.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#account_link_group_include IdpOidc#account_link_group_include}
DeprovisionedAction *string
- Type: *string
Action for a previously deprovisioned IdP user during authentication. Can be NONE
or REACTIVATE
. Default: NONE
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#deprovisioned_action IdpOidc#deprovisioned_action}
GroupsAction *string
- Type: *string
Provisioning action for IdP user's group memberships. It can be NONE
, SYNC
, APPEND
, or ASSIGN
. Default: NONE
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#groups_action IdpOidc#groups_action}
GroupsAssignment *[]*string
- Type: *[]*string
List of Okta Group IDs to add an IdP user as a member with the ASSIGN
groups_action
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#groups_assignment IdpOidc#groups_assignment}
GroupsAttribute *string
- Type: *string
IdP user profile attribute name (case-insensitive) for an array value that contains group memberships.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#groups_attribute IdpOidc#groups_attribute}
GroupsFilter *[]*string
- Type: *[]*string
Whitelist of Okta Group identifiers that are allowed for the APPEND
or SYNC
groups_action
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#groups_filter IdpOidc#groups_filter}
Id *string
- Type: *string
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#id IdpOidc#id}.
Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.
IssuerMode *string
- Type: *string
Indicates whether Okta uses the original Okta org domain URL, a custom domain URL, or dynamic.
It can be ORG_URL
, CUSTOM_URL
, or DYNAMIC
. Default: ORG_URL
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#issuer_mode IdpOidc#issuer_mode}
MaxClockSkew *f64
- Type: *f64
Maximum allowable clock-skew when processing messages from the IdP.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#max_clock_skew IdpOidc#max_clock_skew}
ProfileMaster interface{}
- Type: interface{}
Determines if the IdP should act as a source of truth for user profile attributes.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#profile_master IdpOidc#profile_master}
ProtocolType *string
- Type: *string
The type of protocol to use. It can be OIDC
or OAUTH2
. Default: OIDC
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#protocol_type IdpOidc#protocol_type}
ProvisioningAction *string
- Type: *string
Provisioning action for an IdP user during authentication. Default: AUTO
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#provisioning_action IdpOidc#provisioning_action}
RequestSignatureAlgorithm *string
- Type: *string
The HMAC Signature Algorithm used when signing an authorization request.
Defaults to HS256
. It can be HS256
, HS384
, HS512
, SHA-256
. RS256
, RS384
, or RS512
. NOTE: SHA-256
an undocumented legacy value and not continue to be valid. See API docs https://developer.okta.com/docs/reference/api/idps/#oidc-request-signature-algorithm-object
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#request_signature_algorithm IdpOidc#request_signature_algorithm}
RequestSignatureScope *string
- Type: *string
Specifies whether to digitally sign an AuthnRequest messages to the IdP.
Defaults to REQUEST
. It can be REQUEST
or NONE
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#request_signature_scope IdpOidc#request_signature_scope}
Status *string
- Type: *string
Default to ACTIVE
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#status IdpOidc#status}
SubjectMatchAttribute *string
- Type: *string
Okta user profile attribute for matching transformed IdP username. Only for matchType CUSTOM_ATTRIBUTE
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#subject_match_attribute IdpOidc#subject_match_attribute}
SubjectMatchType *string
- Type: *string
Determines the Okta user profile attribute match conditions for account linking and authentication of the transformed IdP username.
By default, it is set to USERNAME
. It can be set to USERNAME
, EMAIL
, USERNAME_OR_EMAIL
or CUSTOM_ATTRIBUTE
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#subject_match_type IdpOidc#subject_match_type}
SuspendedAction *string
- Type: *string
Action for a previously suspended IdP user during authentication. Can be NONE
or REACTIVATE
. Default: NONE
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#suspended_action IdpOidc#suspended_action}
UserInfoBinding *string
- Type: *string
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#user_info_binding IdpOidc#user_info_binding}.
UserInfoUrl *string
- Type: *string
Protected resource endpoint that returns claims about the authenticated user.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#user_info_url IdpOidc#user_info_url}
UsernameTemplate *string
- Type: *string
Okta EL Expression to generate or transform a unique username for the IdP user. Default: idpuser.email
.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/okta/okta/4.8.1/docs/resources/idp_oidc#username_template IdpOidc#username_template}