MongoDB Atlas v3.16.2, Jun 21 24

MongoDB Atlas v3.16.2 published on Friday, Jun 21, 2024 by Pulumi

mongodbatlas.FederatedSettingsIdentityProvider

Explore with Pulumi AI

MongoDB Atlas v3.16.2 published on Friday, Jun 21, 2024 by Pulumi

Example Usage

IMPORTANT If you want to use a SAML Identity Provider, you MUST import this resource before you can manage it with this provider.

SAML IdP:

import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const identityProvider = new mongodbatlas.FederatedSettingsIdentityProvider("identity_provider", {
    federationSettingsId: "627a9687f7f7f7f774de306f14",
    name: "mongodb_federation_test",
    associatedDomains: ["yourdomain.com"],
    ssoDebugEnabled: true,
    status: "ACTIVE",
    ssoUrl: "https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml",
    issuerUri: "http://www.okta.com/exk17q7f7f7f7fp50h8",
    requestBinding: "HTTP-POST",
    responseSignatureAlgorithm: "SHA-256",
});

import pulumi
import pulumi_mongodbatlas as mongodbatlas

identity_provider = mongodbatlas.FederatedSettingsIdentityProvider("identity_provider",
    federation_settings_id="627a9687f7f7f7f774de306f14",
    name="mongodb_federation_test",
    associated_domains=["yourdomain.com"],
    sso_debug_enabled=True,
    status="ACTIVE",
    sso_url="https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml",
    issuer_uri="http://www.okta.com/exk17q7f7f7f7fp50h8",
    request_binding="HTTP-POST",
    response_signature_algorithm="SHA-256")

package main

import (
	"github.com/pulumi/pulumi-mongodbatlas/sdk/v3/go/mongodbatlas"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := mongodbatlas.NewFederatedSettingsIdentityProvider(ctx, "identity_provider", &mongodbatlas.FederatedSettingsIdentityProviderArgs{
			FederationSettingsId: pulumi.String("627a9687f7f7f7f774de306f14"),
			Name:                 pulumi.String("mongodb_federation_test"),
			AssociatedDomains: pulumi.StringArray{
				pulumi.String("yourdomain.com"),
			},
			SsoDebugEnabled:            pulumi.Bool(true),
			Status:                     pulumi.String("ACTIVE"),
			SsoUrl:                     pulumi.String("https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml"),
			IssuerUri:                  pulumi.String("http://www.okta.com/exk17q7f7f7f7fp50h8"),
			RequestBinding:             pulumi.String("HTTP-POST"),
			ResponseSignatureAlgorithm: pulumi.String("SHA-256"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

return await Deployment.RunAsync(() => 
{
    var identityProvider = new Mongodbatlas.FederatedSettingsIdentityProvider("identity_provider", new()
    {
        FederationSettingsId = "627a9687f7f7f7f774de306f14",
        Name = "mongodb_federation_test",
        AssociatedDomains = new[]
        {
            "yourdomain.com",
        },
        SsoDebugEnabled = true,
        Status = "ACTIVE",
        SsoUrl = "https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml",
        IssuerUri = "http://www.okta.com/exk17q7f7f7f7fp50h8",
        RequestBinding = "HTTP-POST",
        ResponseSignatureAlgorithm = "SHA-256",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.mongodbatlas.FederatedSettingsIdentityProvider;
import com.pulumi.mongodbatlas.FederatedSettingsIdentityProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var identityProvider = new FederatedSettingsIdentityProvider("identityProvider", FederatedSettingsIdentityProviderArgs.builder()
            .federationSettingsId("627a9687f7f7f7f774de306f14")
            .name("mongodb_federation_test")
            .associatedDomains("yourdomain.com")
            .ssoDebugEnabled(true)
            .status("ACTIVE")
            .ssoUrl("https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml")
            .issuerUri("http://www.okta.com/exk17q7f7f7f7fp50h8")
            .requestBinding("HTTP-POST")
            .responseSignatureAlgorithm("SHA-256")
            .build());

    }
}

resources:
  identityProvider:
    type: mongodbatlas:FederatedSettingsIdentityProvider
    name: identity_provider
    properties:
      federationSettingsId: 627a9687f7f7f7f774de306f14
      name: mongodb_federation_test
      associatedDomains:
        - yourdomain.com
      ssoDebugEnabled: true
      status: ACTIVE
      ssoUrl: https://mysso.oktapreview.com/app/mysso_terraformtestsso/exk17q7f7f7f7f50h8/sso/saml
      issuerUri: http://www.okta.com/exk17q7f7f7f7fp50h8
      requestBinding: HTTP-POST
      responseSignatureAlgorithm: SHA-256

OIDC IdP:

import * as pulumi from "@pulumi/pulumi";
import * as mongodbatlas from "@pulumi/mongodbatlas";

const oidc = new mongodbatlas.FederatedSettingsIdentityProvider("oidc", {
    federationSettingsId: _this.id,
    audience: tokenAudience,
    authorizationType: "USER",
    description: "oidc",
    issuerUri: `https://sts.windows.net/${thisAzurermUserAssignedIdentity.tenantId}/`,
    idpType: "WORKLOAD",
    name: "OIDC-for-azure",
    protocol: "OIDC",
    userClaim: "sub",
});

import pulumi
import pulumi_mongodbatlas as mongodbatlas

oidc = mongodbatlas.FederatedSettingsIdentityProvider("oidc",
    federation_settings_id=this["id"],
    audience=token_audience,
    authorization_type="USER",
    description="oidc",
    issuer_uri=f"https://sts.windows.net/{this_azurerm_user_assigned_identity['tenantId']}/",
    idp_type="WORKLOAD",
    name="OIDC-for-azure",
    protocol="OIDC",
    user_claim="sub")

package main

import (
	"fmt"

	"github.com/pulumi/pulumi-mongodbatlas/sdk/v3/go/mongodbatlas"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := mongodbatlas.NewFederatedSettingsIdentityProvider(ctx, "oidc", &mongodbatlas.FederatedSettingsIdentityProviderArgs{
			FederationSettingsId: pulumi.Any(this.Id),
			Audience:             pulumi.Any(tokenAudience),
			AuthorizationType:    pulumi.String("USER"),
			Description:          pulumi.String("oidc"),
			IssuerUri:            pulumi.String(fmt.Sprintf("https://sts.windows.net/%v/", thisAzurermUserAssignedIdentity.TenantId)),
			IdpType:              pulumi.String("WORKLOAD"),
			Name:                 pulumi.String("OIDC-for-azure"),
			Protocol:             pulumi.String("OIDC"),
			UserClaim:            pulumi.String("sub"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Mongodbatlas = Pulumi.Mongodbatlas;

return await Deployment.RunAsync(() => 
{
    var oidc = new Mongodbatlas.FederatedSettingsIdentityProvider("oidc", new()
    {
        FederationSettingsId = @this.Id,
        Audience = tokenAudience,
        AuthorizationType = "USER",
        Description = "oidc",
        IssuerUri = $"https://sts.windows.net/{thisAzurermUserAssignedIdentity.TenantId}/",
        IdpType = "WORKLOAD",
        Name = "OIDC-for-azure",
        Protocol = "OIDC",
        UserClaim = "sub",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.mongodbatlas.FederatedSettingsIdentityProvider;
import com.pulumi.mongodbatlas.FederatedSettingsIdentityProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var oidc = new FederatedSettingsIdentityProvider("oidc", FederatedSettingsIdentityProviderArgs.builder()
            .federationSettingsId(this_.id())
            .audience(tokenAudience)
            .authorizationType("USER")
            .description("oidc")
            .issuerUri(String.format("https://sts.windows.net/%s/", thisAzurermUserAssignedIdentity.tenantId()))
            .idpType("WORKLOAD")
            .name("OIDC-for-azure")
            .protocol("OIDC")
            .userClaim("sub")
            .build());

    }
}

resources:
  oidc:
    type: mongodbatlas:FederatedSettingsIdentityProvider
    properties:
      federationSettingsId: ${this.id}
      audience: ${tokenAudience}
      authorizationType: USER
      description: oidc
      issuerUri: https://sts.windows.net/${thisAzurermUserAssignedIdentity.tenantId}/
      idpType: WORKLOAD
      name: OIDC-for-azure
      protocol: OIDC
      userClaim: sub

Create FederatedSettingsIdentityProvider Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new FederatedSettingsIdentityProvider(name: string, args: FederatedSettingsIdentityProviderArgs, opts?: CustomResourceOptions);

@overload
def FederatedSettingsIdentityProvider(resource_name: str,
                                      args: FederatedSettingsIdentityProviderArgs,
                                      opts: Optional[ResourceOptions] = None)

@overload
def FederatedSettingsIdentityProvider(resource_name: str,
                                      opts: Optional[ResourceOptions] = None,
                                      federation_settings_id: Optional[str] = None,
                                      issuer_uri: Optional[str] = None,
                                      description: Optional[str] = None,
                                      name: Optional[str] = None,
                                      associated_domains: Optional[Sequence[str]] = None,
                                      authorization_type: Optional[str] = None,
                                      groups_claim: Optional[str] = None,
                                      idp_type: Optional[str] = None,
                                      audience: Optional[str] = None,
                                      client_id: Optional[str] = None,
                                      protocol: Optional[str] = None,
                                      request_binding: Optional[str] = None,
                                      requested_scopes: Optional[Sequence[str]] = None,
                                      response_signature_algorithm: Optional[str] = None,
                                      sso_debug_enabled: Optional[bool] = None,
                                      sso_url: Optional[str] = None,
                                      status: Optional[str] = None,
                                      user_claim: Optional[str] = None)

func NewFederatedSettingsIdentityProvider(ctx *Context, name string, args FederatedSettingsIdentityProviderArgs, opts ...ResourceOption) (*FederatedSettingsIdentityProvider, error)

public FederatedSettingsIdentityProvider(string name, FederatedSettingsIdentityProviderArgs args, CustomResourceOptions? opts = null)

public FederatedSettingsIdentityProvider(String name, FederatedSettingsIdentityProviderArgs args)
public FederatedSettingsIdentityProvider(String name, FederatedSettingsIdentityProviderArgs args, CustomResourceOptions options)

type: mongodbatlas:FederatedSettingsIdentityProvider
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args FederatedSettingsIdentityProviderArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args FederatedSettingsIdentityProviderArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args FederatedSettingsIdentityProviderArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args FederatedSettingsIdentityProviderArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args FederatedSettingsIdentityProviderArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var federatedSettingsIdentityProviderResource = new Mongodbatlas.FederatedSettingsIdentityProvider("federatedSettingsIdentityProviderResource", new()
{
    FederationSettingsId = "string",
    IssuerUri = "string",
    Description = "string",
    Name = "string",
    AssociatedDomains = new[]
    {
        "string",
    },
    AuthorizationType = "string",
    GroupsClaim = "string",
    IdpType = "string",
    Audience = "string",
    ClientId = "string",
    Protocol = "string",
    RequestBinding = "string",
    RequestedScopes = new[]
    {
        "string",
    },
    ResponseSignatureAlgorithm = "string",
    SsoDebugEnabled = false,
    SsoUrl = "string",
    Status = "string",
    UserClaim = "string",
});

example, err := mongodbatlas.NewFederatedSettingsIdentityProvider(ctx, "federatedSettingsIdentityProviderResource", &mongodbatlas.FederatedSettingsIdentityProviderArgs{
	FederationSettingsId: pulumi.String("string"),
	IssuerUri:            pulumi.String("string"),
	Description:          pulumi.String("string"),
	Name:                 pulumi.String("string"),
	AssociatedDomains: pulumi.StringArray{
		pulumi.String("string"),
	},
	AuthorizationType: pulumi.String("string"),
	GroupsClaim:       pulumi.String("string"),
	IdpType:           pulumi.String("string"),
	Audience:          pulumi.String("string"),
	ClientId:          pulumi.String("string"),
	Protocol:          pulumi.String("string"),
	RequestBinding:    pulumi.String("string"),
	RequestedScopes: pulumi.StringArray{
		pulumi.String("string"),
	},
	ResponseSignatureAlgorithm: pulumi.String("string"),
	SsoDebugEnabled:            pulumi.Bool(false),
	SsoUrl:                     pulumi.String("string"),
	Status:                     pulumi.String("string"),
	UserClaim:                  pulumi.String("string"),
})

var federatedSettingsIdentityProviderResource = new FederatedSettingsIdentityProvider("federatedSettingsIdentityProviderResource", FederatedSettingsIdentityProviderArgs.builder()
    .federationSettingsId("string")
    .issuerUri("string")
    .description("string")
    .name("string")
    .associatedDomains("string")
    .authorizationType("string")
    .groupsClaim("string")
    .idpType("string")
    .audience("string")
    .clientId("string")
    .protocol("string")
    .requestBinding("string")
    .requestedScopes("string")
    .responseSignatureAlgorithm("string")
    .ssoDebugEnabled(false)
    .ssoUrl("string")
    .status("string")
    .userClaim("string")
    .build());

federated_settings_identity_provider_resource = mongodbatlas.FederatedSettingsIdentityProvider("federatedSettingsIdentityProviderResource",
    federation_settings_id="string",
    issuer_uri="string",
    description="string",
    name="string",
    associated_domains=["string"],
    authorization_type="string",
    groups_claim="string",
    idp_type="string",
    audience="string",
    client_id="string",
    protocol="string",
    request_binding="string",
    requested_scopes=["string"],
    response_signature_algorithm="string",
    sso_debug_enabled=False,
    sso_url="string",
    status="string",
    user_claim="string")

const federatedSettingsIdentityProviderResource = new mongodbatlas.FederatedSettingsIdentityProvider("federatedSettingsIdentityProviderResource", {
    federationSettingsId: "string",
    issuerUri: "string",
    description: "string",
    name: "string",
    associatedDomains: ["string"],
    authorizationType: "string",
    groupsClaim: "string",
    idpType: "string",
    audience: "string",
    clientId: "string",
    protocol: "string",
    requestBinding: "string",
    requestedScopes: ["string"],
    responseSignatureAlgorithm: "string",
    ssoDebugEnabled: false,
    ssoUrl: "string",
    status: "string",
    userClaim: "string",
});

type: mongodbatlas:FederatedSettingsIdentityProvider
properties:
    associatedDomains:
        - string
    audience: string
    authorizationType: string
    clientId: string
    description: string
    federationSettingsId: string
    groupsClaim: string
    idpType: string
    issuerUri: string
    name: string
    protocol: string
    requestBinding: string
    requestedScopes:
        - string
    responseSignatureAlgorithm: string
    ssoDebugEnabled: false
    ssoUrl: string
    status: string
    userClaim: string

FederatedSettingsIdentityProvider Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The FederatedSettingsIdentityProvider resource accepts the following input properties:

FederationSettingsId string

Unique 24-hexadecimal digit string that identifies the federated authentication configuration.

IssuerUri string

Unique string that identifies the issuer of the IdP.

AssociatedDomains List<string>

List that contains the domains associated with the identity provider.

Audience string

Identifier of the intended recipient of the token used in OIDC IdP.

AuthorizationType string

Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.

ClientId string

Client identifier that is assigned to an application by the OIDC Identity Provider.

Description string

The description of the identity provider.

GroupsClaim string

Identifier of the claim which contains OIDC IdP Group IDs in the token.

IdpType string

Name string

Human-readable label that identifies the identity provider.

Protocol string

The protocol of the identity provider. Either SAML or OIDC.

RequestBinding string

SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

HTTP POST
HTTP REDIRECT

RequestedScopes List<string>

Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.

ResponseSignatureAlgorithm string

Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.

SsoDebugEnabled bool

Flag that indicates whether the identity provider has SSO debug enabled.

SsoUrl string

Unique string that identifies the intended audience of the SAML assertion.

Status string

String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.

UserClaim string

Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.

FederationSettingsId string

Unique 24-hexadecimal digit string that identifies the federated authentication configuration.

IssuerUri string

Unique string that identifies the issuer of the IdP.

AssociatedDomains []string

List that contains the domains associated with the identity provider.

Audience string

Identifier of the intended recipient of the token used in OIDC IdP.

AuthorizationType string

Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.

ClientId string

Client identifier that is assigned to an application by the OIDC Identity Provider.

Description string

The description of the identity provider.

GroupsClaim string

Identifier of the claim which contains OIDC IdP Group IDs in the token.

IdpType string

Name string

Human-readable label that identifies the identity provider.

Protocol string

The protocol of the identity provider. Either SAML or OIDC.

RequestBinding string

SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

HTTP POST
HTTP REDIRECT

RequestedScopes []string

Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.

ResponseSignatureAlgorithm string

Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.

SsoDebugEnabled bool

Flag that indicates whether the identity provider has SSO debug enabled.

SsoUrl string

Unique string that identifies the intended audience of the SAML assertion.

Status string

String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.

UserClaim string

Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.

federationSettingsId String

Unique 24-hexadecimal digit string that identifies the federated authentication configuration.

issuerUri String

Unique string that identifies the issuer of the IdP.

associatedDomains List<String>

List that contains the domains associated with the identity provider.

audience String

Identifier of the intended recipient of the token used in OIDC IdP.

authorizationType String

Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.

clientId String

Client identifier that is assigned to an application by the OIDC Identity Provider.

description String

The description of the identity provider.

groupsClaim String

Identifier of the claim which contains OIDC IdP Group IDs in the token.

idpType String

name String

Human-readable label that identifies the identity provider.

protocol String

The protocol of the identity provider. Either SAML or OIDC.

requestBinding String

SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

HTTP POST
HTTP REDIRECT

requestedScopes List<String>

Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.

responseSignatureAlgorithm String

Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.

ssoDebugEnabled Boolean

Flag that indicates whether the identity provider has SSO debug enabled.

ssoUrl String

Unique string that identifies the intended audience of the SAML assertion.

status String

String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.

userClaim String

Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.

federationSettingsId string

Unique 24-hexadecimal digit string that identifies the federated authentication configuration.

issuerUri string

Unique string that identifies the issuer of the IdP.

associatedDomains string[]

List that contains the domains associated with the identity provider.

audience string

Identifier of the intended recipient of the token used in OIDC IdP.

authorizationType string

Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.

clientId string

Client identifier that is assigned to an application by the OIDC Identity Provider.

description string

The description of the identity provider.

groupsClaim string

Identifier of the claim which contains OIDC IdP Group IDs in the token.

idpType string

name string

Human-readable label that identifies the identity provider.

protocol string

The protocol of the identity provider. Either SAML or OIDC.

requestBinding string

SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

HTTP POST
HTTP REDIRECT

requestedScopes string[]

Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.

responseSignatureAlgorithm string

Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.

ssoDebugEnabled boolean

Flag that indicates whether the identity provider has SSO debug enabled.

ssoUrl string

Unique string that identifies the intended audience of the SAML assertion.

status string

String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.

userClaim string

Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.

federation_settings_id str

Unique 24-hexadecimal digit string that identifies the federated authentication configuration.

issuer_uri str

Unique string that identifies the issuer of the IdP.

associated_domains Sequence[str]

List that contains the domains associated with the identity provider.

audience str

Identifier of the intended recipient of the token used in OIDC IdP.

authorization_type str

Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.

client_id str

Client identifier that is assigned to an application by the OIDC Identity Provider.

description str

The description of the identity provider.

groups_claim str

Identifier of the claim which contains OIDC IdP Group IDs in the token.

idp_type str

name str

Human-readable label that identifies the identity provider.

protocol str

The protocol of the identity provider. Either SAML or OIDC.

request_binding str

SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

HTTP POST
HTTP REDIRECT

requested_scopes Sequence[str]

Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.

response_signature_algorithm str

Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.

sso_debug_enabled bool

Flag that indicates whether the identity provider has SSO debug enabled.

sso_url str

Unique string that identifies the intended audience of the SAML assertion.

status str

String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.

user_claim str

Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.

federationSettingsId String

Unique 24-hexadecimal digit string that identifies the federated authentication configuration.

issuerUri String

Unique string that identifies the issuer of the IdP.

associatedDomains List<String>

List that contains the domains associated with the identity provider.

audience String

Identifier of the intended recipient of the token used in OIDC IdP.

authorizationType String

Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.

clientId String

Client identifier that is assigned to an application by the OIDC Identity Provider.

description String

The description of the identity provider.

groupsClaim String

Identifier of the claim which contains OIDC IdP Group IDs in the token.

idpType String

name String

Human-readable label that identifies the identity provider.

protocol String

The protocol of the identity provider. Either SAML or OIDC.

requestBinding String

SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

HTTP POST
HTTP REDIRECT

requestedScopes List<String>

Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.

responseSignatureAlgorithm String

Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.

ssoDebugEnabled Boolean

Flag that indicates whether the identity provider has SSO debug enabled.

ssoUrl String

Unique string that identifies the intended audience of the SAML assertion.

status String

String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.

userClaim String

Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.

Outputs

All input properties are implicitly available as output properties. Additionally, the FederatedSettingsIdentityProvider resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
IdpId string: Unique 24-hexadecimal digit string that identifies the IdP.
OktaIdpId string: Unique 20-hexadecimal digit string that identifies the IdP.

Id string: The provider-assigned unique ID for this managed resource.
IdpId string: Unique 24-hexadecimal digit string that identifies the IdP.
OktaIdpId string: Unique 20-hexadecimal digit string that identifies the IdP.

id String: The provider-assigned unique ID for this managed resource.
idpId String: Unique 24-hexadecimal digit string that identifies the IdP.
oktaIdpId String: Unique 20-hexadecimal digit string that identifies the IdP.

id string: The provider-assigned unique ID for this managed resource.
idpId string: Unique 24-hexadecimal digit string that identifies the IdP.
oktaIdpId string: Unique 20-hexadecimal digit string that identifies the IdP.

id str: The provider-assigned unique ID for this managed resource.
idp_id str: Unique 24-hexadecimal digit string that identifies the IdP.
okta_idp_id str: Unique 20-hexadecimal digit string that identifies the IdP.

id String: The provider-assigned unique ID for this managed resource.
idpId String: Unique 24-hexadecimal digit string that identifies the IdP.
oktaIdpId String: Unique 20-hexadecimal digit string that identifies the IdP.

Look up Existing FederatedSettingsIdentityProvider Resource

Get an existing FederatedSettingsIdentityProvider resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: FederatedSettingsIdentityProviderState, opts?: CustomResourceOptions): FederatedSettingsIdentityProvider

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        associated_domains: Optional[Sequence[str]] = None,
        audience: Optional[str] = None,
        authorization_type: Optional[str] = None,
        client_id: Optional[str] = None,
        description: Optional[str] = None,
        federation_settings_id: Optional[str] = None,
        groups_claim: Optional[str] = None,
        idp_id: Optional[str] = None,
        idp_type: Optional[str] = None,
        issuer_uri: Optional[str] = None,
        name: Optional[str] = None,
        okta_idp_id: Optional[str] = None,
        protocol: Optional[str] = None,
        request_binding: Optional[str] = None,
        requested_scopes: Optional[Sequence[str]] = None,
        response_signature_algorithm: Optional[str] = None,
        sso_debug_enabled: Optional[bool] = None,
        sso_url: Optional[str] = None,
        status: Optional[str] = None,
        user_claim: Optional[str] = None) -> FederatedSettingsIdentityProvider

func GetFederatedSettingsIdentityProvider(ctx *Context, name string, id IDInput, state *FederatedSettingsIdentityProviderState, opts ...ResourceOption) (*FederatedSettingsIdentityProvider, error)

public static FederatedSettingsIdentityProvider Get(string name, Input<string> id, FederatedSettingsIdentityProviderState? state, CustomResourceOptions? opts = null)

public static FederatedSettingsIdentityProvider get(String name, Output<String> id, FederatedSettingsIdentityProviderState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AssociatedDomains List<string>

List that contains the domains associated with the identity provider.

Audience string

Identifier of the intended recipient of the token used in OIDC IdP.

AuthorizationType string

Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.

ClientId string

Client identifier that is assigned to an application by the OIDC Identity Provider.

Description string

The description of the identity provider.

FederationSettingsId string

Unique 24-hexadecimal digit string that identifies the federated authentication configuration.

GroupsClaim string

Identifier of the claim which contains OIDC IdP Group IDs in the token.

IdpId string

Unique 24-hexadecimal digit string that identifies the IdP.

IdpType string

IssuerUri string

Unique string that identifies the issuer of the IdP.

Name string

Human-readable label that identifies the identity provider.

OktaIdpId string

Unique 20-hexadecimal digit string that identifies the IdP.

Protocol string

The protocol of the identity provider. Either SAML or OIDC.

RequestBinding string

SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

HTTP POST
HTTP REDIRECT

RequestedScopes List<string>

Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.

ResponseSignatureAlgorithm string

Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.

SsoDebugEnabled bool

Flag that indicates whether the identity provider has SSO debug enabled.

SsoUrl string

Unique string that identifies the intended audience of the SAML assertion.

Status string

String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.

UserClaim string

Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.

AssociatedDomains []string

List that contains the domains associated with the identity provider.

Audience string

Identifier of the intended recipient of the token used in OIDC IdP.

AuthorizationType string

Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.

ClientId string

Client identifier that is assigned to an application by the OIDC Identity Provider.

Description string

The description of the identity provider.

FederationSettingsId string

Unique 24-hexadecimal digit string that identifies the federated authentication configuration.

GroupsClaim string

Identifier of the claim which contains OIDC IdP Group IDs in the token.

IdpId string

Unique 24-hexadecimal digit string that identifies the IdP.

IdpType string

IssuerUri string

Unique string that identifies the issuer of the IdP.

Name string

Human-readable label that identifies the identity provider.

OktaIdpId string

Unique 20-hexadecimal digit string that identifies the IdP.

Protocol string

The protocol of the identity provider. Either SAML or OIDC.

RequestBinding string

SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

HTTP POST
HTTP REDIRECT

RequestedScopes []string

Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.

ResponseSignatureAlgorithm string

Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.

SsoDebugEnabled bool

Flag that indicates whether the identity provider has SSO debug enabled.

SsoUrl string

Unique string that identifies the intended audience of the SAML assertion.

Status string

String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.

UserClaim string

Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.

associatedDomains List<String>

List that contains the domains associated with the identity provider.

audience String

Identifier of the intended recipient of the token used in OIDC IdP.

authorizationType String

Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.

clientId String

Client identifier that is assigned to an application by the OIDC Identity Provider.

description String

The description of the identity provider.

federationSettingsId String

Unique 24-hexadecimal digit string that identifies the federated authentication configuration.

groupsClaim String

Identifier of the claim which contains OIDC IdP Group IDs in the token.

idpId String

Unique 24-hexadecimal digit string that identifies the IdP.

idpType String

issuerUri String

Unique string that identifies the issuer of the IdP.

name String

Human-readable label that identifies the identity provider.

oktaIdpId String

Unique 20-hexadecimal digit string that identifies the IdP.

protocol String

The protocol of the identity provider. Either SAML or OIDC.

requestBinding String

SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

HTTP POST
HTTP REDIRECT

requestedScopes List<String>

Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.

responseSignatureAlgorithm String

Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.

ssoDebugEnabled Boolean

Flag that indicates whether the identity provider has SSO debug enabled.

ssoUrl String

Unique string that identifies the intended audience of the SAML assertion.

status String

String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.

userClaim String

Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.

associatedDomains string[]

List that contains the domains associated with the identity provider.

audience string

Identifier of the intended recipient of the token used in OIDC IdP.

authorizationType string

Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.

clientId string

Client identifier that is assigned to an application by the OIDC Identity Provider.

description string

The description of the identity provider.

federationSettingsId string

Unique 24-hexadecimal digit string that identifies the federated authentication configuration.

groupsClaim string

Identifier of the claim which contains OIDC IdP Group IDs in the token.

idpId string

Unique 24-hexadecimal digit string that identifies the IdP.

idpType string

issuerUri string

Unique string that identifies the issuer of the IdP.

name string

Human-readable label that identifies the identity provider.

oktaIdpId string

Unique 20-hexadecimal digit string that identifies the IdP.

protocol string

The protocol of the identity provider. Either SAML or OIDC.

requestBinding string

SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

HTTP POST
HTTP REDIRECT

requestedScopes string[]

Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.

responseSignatureAlgorithm string

Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.

ssoDebugEnabled boolean

Flag that indicates whether the identity provider has SSO debug enabled.

ssoUrl string

Unique string that identifies the intended audience of the SAML assertion.

status string

String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.

userClaim string

Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.

associated_domains Sequence[str]

List that contains the domains associated with the identity provider.

audience str

Identifier of the intended recipient of the token used in OIDC IdP.

authorization_type str

Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.

client_id str

Client identifier that is assigned to an application by the OIDC Identity Provider.

description str

The description of the identity provider.

federation_settings_id str

Unique 24-hexadecimal digit string that identifies the federated authentication configuration.

groups_claim str

Identifier of the claim which contains OIDC IdP Group IDs in the token.

idp_id str

Unique 24-hexadecimal digit string that identifies the IdP.

idp_type str

issuer_uri str

Unique string that identifies the issuer of the IdP.

name str

Human-readable label that identifies the identity provider.

okta_idp_id str

Unique 20-hexadecimal digit string that identifies the IdP.

protocol str

The protocol of the identity provider. Either SAML or OIDC.

request_binding str

SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

HTTP POST
HTTP REDIRECT

requested_scopes Sequence[str]

Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.

response_signature_algorithm str

Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.

sso_debug_enabled bool

Flag that indicates whether the identity provider has SSO debug enabled.

sso_url str

Unique string that identifies the intended audience of the SAML assertion.

status str

String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.

user_claim str

Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.

associatedDomains List<String>

List that contains the domains associated with the identity provider.

audience String

Identifier of the intended recipient of the token used in OIDC IdP.

authorizationType String

Indicates whether authorization is granted based on group membership or user ID. Valid values are GROUP or USER.

clientId String

Client identifier that is assigned to an application by the OIDC Identity Provider.

description String

The description of the identity provider.

federationSettingsId String

Unique 24-hexadecimal digit string that identifies the federated authentication configuration.

groupsClaim String

Identifier of the claim which contains OIDC IdP Group IDs in the token.

idpId String

Unique 24-hexadecimal digit string that identifies the IdP.

idpType String

issuerUri String

Unique string that identifies the issuer of the IdP.

name String

Human-readable label that identifies the identity provider.

oktaIdpId String

Unique 20-hexadecimal digit string that identifies the IdP.

protocol String

The protocol of the identity provider. Either SAML or OIDC.

requestBinding String

SAML Authentication Request Protocol HTTP method binding (POST or REDIRECT) that Federated Authentication uses to send the authentication request. Atlas supports the following binding values:

HTTP POST
HTTP REDIRECT

requestedScopes List<String>

Scopes that MongoDB applications will request from the authorization endpoint used for OIDC IdPs.

responseSignatureAlgorithm String

Signature algorithm that Federated Authentication uses to encrypt the identity provider signature. Valid values include SHA-1 and SHA-256.

ssoDebugEnabled Boolean

Flag that indicates whether the identity provider has SSO debug enabled.

ssoUrl String

Unique string that identifies the intended audience of the SAML assertion.

status String

String enum that indicates whether the identity provider is active or not. Accepted values are ACTIVE or INACTIVE.

userClaim String

Identifier of the claim which contains the user ID in the token used for OIDC IdPs. userClaim is required for OIDC IdP with authorizationType GROUP and USER.

Import

Identity Provider must be imported before using federation_settings_id-idp_id, e.g.

$ pulumi import mongodbatlas:index/federatedSettingsIdentityProvider:FederatedSettingsIdentityProvider identity_provider 6287a663c660f52b1c441c6c-0oad4fas87jL5Xnk12971234

For more information see: MongoDB Atlas API Reference.

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: MongoDB Atlas pulumi/pulumi-mongodbatlas
License: Apache-2.0
Notes: This Pulumi package is based on the mongodbatlas Terraform Provider.

MongoDB Atlas v3.16.2 published on Friday, Jun 21, 2024 by Pulumi

pulumi/pulumi-mongodbatlas

mongodbatlas.FederatedSettingsIdentityProvider

On this page

On this page

Example Usage

Create FederatedSettingsIdentityProvider Resource

Constructor syntax

Parameters

Constructor example

FederatedSettingsIdentityProvider Resource Properties

Inputs

Outputs

Look up Existing FederatedSettingsIdentityProvider Resource

Import

Package Details

On this page

On this page