Docs Packages
  1. Packages
  2. Okta
  3. API Docs
  4. policy
  5. Mfa
Okta v4.9.2 published on Tuesday, Jun 25, 2024 by Pulumi
pulumi/pulumi-okta

okta.policy.Mfa

Explore with Pulumi AI

okta logo
Okta v4.9.2 published on Tuesday, Jun 25, 2024 by Pulumi
pulumi/pulumi-okta

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
import * as okta from "@pulumi/okta";

const classicExample = new okta.policy.Mfa("classic_example", {
    name: "MFA Policy Classic",
    status: "ACTIVE",
    description: "Example MFA policy using Okta Classic engine with factors.",
    isOie: false,
    oktaPassword: {
        enroll: "REQUIRED",
    },
    oktaOtp: {
        enroll: "REQUIRED",
    },
    groupsIncludeds: [everyone.id],
});
const oieExample = new okta.policy.Mfa("oie_example", {
    name: "MFA Policy OIE",
    status: "ACTIVE",
    description: "Example MFA policy that uses Okta Identity Engine (OIE) with authenticators",
    isOie: true,
    oktaPassword: {
        enroll: "REQUIRED",
    },
    oktaVerify: {
        enroll: "REQUIRED",
    },
    groupsIncludeds: [everyone.id],
});

    import pulumi
import pulumi_okta as okta

classic_example = okta.policy.Mfa("classic_example",
    name="MFA Policy Classic",
    status="ACTIVE",
    description="Example MFA policy using Okta Classic engine with factors.",
    is_oie=False,
    okta_password={
        "enroll": "REQUIRED",
    },
    okta_otp={
        "enroll": "REQUIRED",
    },
    groups_includeds=[everyone["id"]])
oie_example = okta.policy.Mfa("oie_example",
    name="MFA Policy OIE",
    status="ACTIVE",
    description="Example MFA policy that uses Okta Identity Engine (OIE) with authenticators",
    is_oie=True,
    okta_password={
        "enroll": "REQUIRED",
    },
    okta_verify={
        "enroll": "REQUIRED",
    },
    groups_includeds=[everyone["id"]])

    package main

import (
	"github.com/pulumi/pulumi-okta/sdk/v4/go/okta/policy"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := policy.NewMfa(ctx, "classic_example", &policy.MfaArgs{
			Name:        pulumi.String("MFA Policy Classic"),
			Status:      pulumi.String("ACTIVE"),
			Description: pulumi.String("Example MFA policy using Okta Classic engine with factors."),
			IsOie:       pulumi.Bool(false),
			OktaPassword: pulumi.StringMap{
				"enroll": pulumi.String("REQUIRED"),
			},
			OktaOtp: pulumi.StringMap{
				"enroll": pulumi.String("REQUIRED"),
			},
			GroupsIncludeds: pulumi.StringArray{
				everyone.Id,
			},
		})
		if err != nil {
			return err
		}
		_, err = policy.NewMfa(ctx, "oie_example", &policy.MfaArgs{
			Name:        pulumi.String("MFA Policy OIE"),
			Status:      pulumi.String("ACTIVE"),
			Description: pulumi.String("Example MFA policy that uses Okta Identity Engine (OIE) with authenticators"),
			IsOie:       pulumi.Bool(true),
			OktaPassword: pulumi.StringMap{
				"enroll": pulumi.String("REQUIRED"),
			},
			OktaVerify: pulumi.StringMap{
				"enroll": pulumi.String("REQUIRED"),
			},
			GroupsIncludeds: pulumi.StringArray{
				everyone.Id,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Okta = Pulumi.Okta;

return await Deployment.RunAsync(() => 
{
    var classicExample = new Okta.Policy.Mfa("classic_example", new()
    {
        Name = "MFA Policy Classic",
        Status = "ACTIVE",
        Description = "Example MFA policy using Okta Classic engine with factors.",
        IsOie = false,
        OktaPassword = 
        {
            { "enroll", "REQUIRED" },
        },
        OktaOtp = 
        {
            { "enroll", "REQUIRED" },
        },
        GroupsIncludeds = new[]
        {
            everyone.Id,
        },
    });

    var oieExample = new Okta.Policy.Mfa("oie_example", new()
    {
        Name = "MFA Policy OIE",
        Status = "ACTIVE",
        Description = "Example MFA policy that uses Okta Identity Engine (OIE) with authenticators",
        IsOie = true,
        OktaPassword = 
        {
            { "enroll", "REQUIRED" },
        },
        OktaVerify = 
        {
            { "enroll", "REQUIRED" },
        },
        GroupsIncludeds = new[]
        {
            everyone.Id,
        },
    });

});

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.okta.policy.Mfa;
import com.pulumi.okta.policy.MfaArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var classicExample = new Mfa("classicExample", MfaArgs.builder()
            .name("MFA Policy Classic")
            .status("ACTIVE")
            .description("Example MFA policy using Okta Classic engine with factors.")
            .isOie(false)
            .oktaPassword(Map.of("enroll", "REQUIRED"))
            .oktaOtp(Map.of("enroll", "REQUIRED"))
            .groupsIncludeds(everyone.id())
            .build());

        var oieExample = new Mfa("oieExample", MfaArgs.builder()
            .name("MFA Policy OIE")
            .status("ACTIVE")
            .description("Example MFA policy that uses Okta Identity Engine (OIE) with authenticators")
            .isOie(true)
            .oktaPassword(Map.of("enroll", "REQUIRED"))
            .oktaVerify(Map.of("enroll", "REQUIRED"))
            .groupsIncludeds(everyone.id())
            .build());

    }
}

    resources:
  classicExample:
    type: okta:policy:Mfa
    name: classic_example
    properties:
      name: MFA Policy Classic
      status: ACTIVE
      description: Example MFA policy using Okta Classic engine with factors.
      isOie: false
      oktaPassword:
        enroll: REQUIRED
      oktaOtp:
        enroll: REQUIRED
      groupsIncludeds:
        - ${everyone.id}
  oieExample:
    type: okta:policy:Mfa
    name: oie_example
    properties:
      name: MFA Policy OIE
      status: ACTIVE
      description: Example MFA policy that uses Okta Identity Engine (OIE) with authenticators
      isOie: true
      oktaPassword:
        enroll: REQUIRED
      oktaVerify:
        enroll: REQUIRED
      groupsIncludeds:
        - ${everyone.id}

    Create Mfa Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Mfa(name: string, args?: MfaArgs, opts?: CustomResourceOptions);
    @overload
def Mfa(resource_name: str,
        args: Optional[MfaArgs] = None,
        opts: Optional[ResourceOptions] = None)

@overload
def Mfa(resource_name: str,
        opts: Optional[ResourceOptions] = None,
        description: Optional[str] = None,
        duo: Optional[Mapping[str, str]] = None,
        external_idp: Optional[Mapping[str, str]] = None,
        fido_u2f: Optional[Mapping[str, str]] = None,
        fido_webauthn: Optional[Mapping[str, str]] = None,
        google_otp: Optional[Mapping[str, str]] = None,
        groups_includeds: Optional[Sequence[str]] = None,
        hotp: Optional[Mapping[str, str]] = None,
        is_oie: Optional[bool] = None,
        name: Optional[str] = None,
        okta_call: Optional[Mapping[str, str]] = None,
        okta_email: Optional[Mapping[str, str]] = None,
        okta_otp: Optional[Mapping[str, str]] = None,
        okta_password: Optional[Mapping[str, str]] = None,
        okta_push: Optional[Mapping[str, str]] = None,
        okta_question: Optional[Mapping[str, str]] = None,
        okta_sms: Optional[Mapping[str, str]] = None,
        okta_verify: Optional[Mapping[str, str]] = None,
        onprem_mfa: Optional[Mapping[str, str]] = None,
        phone_number: Optional[Mapping[str, str]] = None,
        priority: Optional[int] = None,
        rsa_token: Optional[Mapping[str, str]] = None,
        security_question: Optional[Mapping[str, str]] = None,
        status: Optional[str] = None,
        symantec_vip: Optional[Mapping[str, str]] = None,
        webauthn: Optional[Mapping[str, str]] = None,
        yubikey_token: Optional[Mapping[str, str]] = None)
    func NewMfa(ctx *Context, name string, args *MfaArgs, opts ...ResourceOption) (*Mfa, error)
    public Mfa(string name, MfaArgs? args = null, CustomResourceOptions? opts = null)
    public Mfa(String name, MfaArgs args)
public Mfa(String name, MfaArgs args, CustomResourceOptions options)

    type: okta:policy:Mfa
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

    Parameters

    name string
    The unique name of the resource.
    args MfaArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args MfaArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args MfaArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args MfaArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args MfaArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var mfaResource = new Okta.Policy.Mfa("mfaResource", new()
{
    Description = "string",
    Duo = 
    {
        { "string", "string" },
    },
    ExternalIdp = 
    {
        { "string", "string" },
    },
    FidoU2f = 
    {
        { "string", "string" },
    },
    FidoWebauthn = 
    {
        { "string", "string" },
    },
    GoogleOtp = 
    {
        { "string", "string" },
    },
    GroupsIncludeds = new[]
    {
        "string",
    },
    Hotp = 
    {
        { "string", "string" },
    },
    IsOie = false,
    Name = "string",
    OktaCall = 
    {
        { "string", "string" },
    },
    OktaEmail = 
    {
        { "string", "string" },
    },
    OktaOtp = 
    {
        { "string", "string" },
    },
    OktaPassword = 
    {
        { "string", "string" },
    },
    OktaPush = 
    {
        { "string", "string" },
    },
    OktaQuestion = 
    {
        { "string", "string" },
    },
    OktaSms = 
    {
        { "string", "string" },
    },
    OktaVerify = 
    {
        { "string", "string" },
    },
    OnpremMfa = 
    {
        { "string", "string" },
    },
    PhoneNumber = 
    {
        { "string", "string" },
    },
    Priority = 0,
    RsaToken = 
    {
        { "string", "string" },
    },
    SecurityQuestion = 
    {
        { "string", "string" },
    },
    Status = "string",
    SymantecVip = 
    {
        { "string", "string" },
    },
    Webauthn = 
    {
        { "string", "string" },
    },
    YubikeyToken = 
    {
        { "string", "string" },
    },
});

    example, err := policy.NewMfa(ctx, "mfaResource", &policy.MfaArgs{
	Description: pulumi.String("string"),
	Duo: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	ExternalIdp: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	FidoU2f: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	FidoWebauthn: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	GoogleOtp: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	GroupsIncludeds: pulumi.StringArray{
		pulumi.String("string"),
	},
	Hotp: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	IsOie: pulumi.Bool(false),
	Name:  pulumi.String("string"),
	OktaCall: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	OktaEmail: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	OktaOtp: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	OktaPassword: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	OktaPush: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	OktaQuestion: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	OktaSms: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	OktaVerify: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	OnpremMfa: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	PhoneNumber: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	Priority: pulumi.Int(0),
	RsaToken: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	SecurityQuestion: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	Status: pulumi.String("string"),
	SymantecVip: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	Webauthn: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	YubikeyToken: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
})

    var mfaResource = new Mfa("mfaResource", MfaArgs.builder()
    .description("string")
    .duo(Map.of("string", "string"))
    .externalIdp(Map.of("string", "string"))
    .fidoU2f(Map.of("string", "string"))
    .fidoWebauthn(Map.of("string", "string"))
    .googleOtp(Map.of("string", "string"))
    .groupsIncludeds("string")
    .hotp(Map.of("string", "string"))
    .isOie(false)
    .name("string")
    .oktaCall(Map.of("string", "string"))
    .oktaEmail(Map.of("string", "string"))
    .oktaOtp(Map.of("string", "string"))
    .oktaPassword(Map.of("string", "string"))
    .oktaPush(Map.of("string", "string"))
    .oktaQuestion(Map.of("string", "string"))
    .oktaSms(Map.of("string", "string"))
    .oktaVerify(Map.of("string", "string"))
    .onpremMfa(Map.of("string", "string"))
    .phoneNumber(Map.of("string", "string"))
    .priority(0)
    .rsaToken(Map.of("string", "string"))
    .securityQuestion(Map.of("string", "string"))
    .status("string")
    .symantecVip(Map.of("string", "string"))
    .webauthn(Map.of("string", "string"))
    .yubikeyToken(Map.of("string", "string"))
    .build());

    mfa_resource = okta.policy.Mfa("mfaResource",
    description="string",
    duo={
        "string": "string",
    },
    external_idp={
        "string": "string",
    },
    fido_u2f={
        "string": "string",
    },
    fido_webauthn={
        "string": "string",
    },
    google_otp={
        "string": "string",
    },
    groups_includeds=["string"],
    hotp={
        "string": "string",
    },
    is_oie=False,
    name="string",
    okta_call={
        "string": "string",
    },
    okta_email={
        "string": "string",
    },
    okta_otp={
        "string": "string",
    },
    okta_password={
        "string": "string",
    },
    okta_push={
        "string": "string",
    },
    okta_question={
        "string": "string",
    },
    okta_sms={
        "string": "string",
    },
    okta_verify={
        "string": "string",
    },
    onprem_mfa={
        "string": "string",
    },
    phone_number={
        "string": "string",
    },
    priority=0,
    rsa_token={
        "string": "string",
    },
    security_question={
        "string": "string",
    },
    status="string",
    symantec_vip={
        "string": "string",
    },
    webauthn={
        "string": "string",
    },
    yubikey_token={
        "string": "string",
    })

    const mfaResource = new okta.policy.Mfa("mfaResource", {
    description: "string",
    duo: {
        string: "string",
    },
    externalIdp: {
        string: "string",
    },
    fidoU2f: {
        string: "string",
    },
    fidoWebauthn: {
        string: "string",
    },
    googleOtp: {
        string: "string",
    },
    groupsIncludeds: ["string"],
    hotp: {
        string: "string",
    },
    isOie: false,
    name: "string",
    oktaCall: {
        string: "string",
    },
    oktaEmail: {
        string: "string",
    },
    oktaOtp: {
        string: "string",
    },
    oktaPassword: {
        string: "string",
    },
    oktaPush: {
        string: "string",
    },
    oktaQuestion: {
        string: "string",
    },
    oktaSms: {
        string: "string",
    },
    oktaVerify: {
        string: "string",
    },
    onpremMfa: {
        string: "string",
    },
    phoneNumber: {
        string: "string",
    },
    priority: 0,
    rsaToken: {
        string: "string",
    },
    securityQuestion: {
        string: "string",
    },
    status: "string",
    symantecVip: {
        string: "string",
    },
    webauthn: {
        string: "string",
    },
    yubikeyToken: {
        string: "string",
    },
});

    type: okta:policy:Mfa
properties:
    description: string
    duo:
        string: string
    externalIdp:
        string: string
    fidoU2f:
        string: string
    fidoWebauthn:
        string: string
    googleOtp:
        string: string
    groupsIncludeds:
        - string
    hotp:
        string: string
    isOie: false
    name: string
    oktaCall:
        string: string
    oktaEmail:
        string: string
    oktaOtp:
        string: string
    oktaPassword:
        string: string
    oktaPush:
        string: string
    oktaQuestion:
        string: string
    oktaSms:
        string: string
    oktaVerify:
        string: string
    onpremMfa:
        string: string
    phoneNumber:
        string: string
    priority: 0
    rsaToken:
        string: string
    securityQuestion:
        string: string
    status: string
    symantecVip:
        string: string
    webauthn:
        string: string
    yubikeyToken:
        string: string

    Mfa Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Mfa resource accepts the following input properties:

    Description string
    Policy Description
    Duo Dictionary<string, string>
    ExternalIdp Dictionary<string, string>
    FidoU2f Dictionary<string, string>
    FidoWebauthn Dictionary<string, string>
    GoogleOtp Dictionary<string, string>
    GroupsIncludeds List<string>
    List of Group IDs to Include
    Hotp Dictionary<string, string>
    IsOie bool
    Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
    Name string
    Policy Name
    OktaCall Dictionary<string, string>
    OktaEmail Dictionary<string, string>
    OktaOtp Dictionary<string, string>
    OktaPassword Dictionary<string, string>
    OktaPush Dictionary<string, string>
    OktaQuestion Dictionary<string, string>
    OktaSms Dictionary<string, string>
    OktaVerify Dictionary<string, string>
    OnpremMfa Dictionary<string, string>
    PhoneNumber Dictionary<string, string>
    Priority int
    Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
    RsaToken Dictionary<string, string>
    SecurityQuestion Dictionary<string, string>
    Status string
    Policy Status: ACTIVE or INACTIVE. Default: ACTIVE
    SymantecVip Dictionary<string, string>
    Webauthn Dictionary<string, string>
    YubikeyToken Dictionary<string, string>
    Description string
    Policy Description
    Duo map[string]string
    ExternalIdp map[string]string
    FidoU2f map[string]string
    FidoWebauthn map[string]string
    GoogleOtp map[string]string
    GroupsIncludeds []string
    List of Group IDs to Include
    Hotp map[string]string
    IsOie bool
    Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
    Name string
    Policy Name
    OktaCall map[string]string
    OktaEmail map[string]string
    OktaOtp map[string]string
    OktaPassword map[string]string
    OktaPush map[string]string
    OktaQuestion map[string]string
    OktaSms map[string]string
    OktaVerify map[string]string
    OnpremMfa map[string]string
    PhoneNumber map[string]string
    Priority int
    Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
    RsaToken map[string]string
    SecurityQuestion map[string]string
    Status string
    Policy Status: ACTIVE or INACTIVE. Default: ACTIVE
    SymantecVip map[string]string
    Webauthn map[string]string
    YubikeyToken map[string]string
    description String
    Policy Description
    duo Map<String,String>
    externalIdp Map<String,String>
    fidoU2f Map<String,String>
    fidoWebauthn Map<String,String>
    googleOtp Map<String,String>
    groupsIncludeds List<String>
    List of Group IDs to Include
    hotp Map<String,String>
    isOie Boolean
    Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
    name String
    Policy Name
    oktaCall Map<String,String>
    oktaEmail Map<String,String>
    oktaOtp Map<String,String>
    oktaPassword Map<String,String>
    oktaPush Map<String,String>
    oktaQuestion Map<String,String>
    oktaSms Map<String,String>
    oktaVerify Map<String,String>
    onpremMfa Map<String,String>
    phoneNumber Map<String,String>
    priority Integer
    Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
    rsaToken Map<String,String>
    securityQuestion Map<String,String>
    status String
    Policy Status: ACTIVE or INACTIVE. Default: ACTIVE
    symantecVip Map<String,String>
    webauthn Map<String,String>
    yubikeyToken Map<String,String>
    description string
    Policy Description
    duo {[key: string]: string}
    externalIdp {[key: string]: string}
    fidoU2f {[key: string]: string}
    fidoWebauthn {[key: string]: string}
    googleOtp {[key: string]: string}
    groupsIncludeds string[]
    List of Group IDs to Include
    hotp {[key: string]: string}
    isOie boolean
    Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
    name string
    Policy Name
    oktaCall {[key: string]: string}
    oktaEmail {[key: string]: string}
    oktaOtp {[key: string]: string}
    oktaPassword {[key: string]: string}
    oktaPush {[key: string]: string}
    oktaQuestion {[key: string]: string}
    oktaSms {[key: string]: string}
    oktaVerify {[key: string]: string}
    onpremMfa {[key: string]: string}
    phoneNumber {[key: string]: string}
    priority number
    Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
    rsaToken {[key: string]: string}
    securityQuestion {[key: string]: string}
    status string
    Policy Status: ACTIVE or INACTIVE. Default: ACTIVE
    symantecVip {[key: string]: string}
    webauthn {[key: string]: string}
    yubikeyToken {[key: string]: string}
    description str
    Policy Description
    duo Mapping[str, str]
    external_idp Mapping[str, str]
    fido_u2f Mapping[str, str]
    fido_webauthn Mapping[str, str]
    google_otp Mapping[str, str]
    groups_includeds Sequence[str]
    List of Group IDs to Include
    hotp Mapping[str, str]
    is_oie bool
    Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
    name str
    Policy Name
    okta_call Mapping[str, str]
    okta_email Mapping[str, str]
    okta_otp Mapping[str, str]
    okta_password Mapping[str, str]
    okta_push Mapping[str, str]
    okta_question Mapping[str, str]
    okta_sms Mapping[str, str]
    okta_verify Mapping[str, str]
    onprem_mfa Mapping[str, str]
    phone_number Mapping[str, str]
    priority int
    Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
    rsa_token Mapping[str, str]
    security_question Mapping[str, str]
    status str
    Policy Status: ACTIVE or INACTIVE. Default: ACTIVE
    symantec_vip Mapping[str, str]
    webauthn Mapping[str, str]
    yubikey_token Mapping[str, str]
    description String
    Policy Description
    duo Map<String>
    externalIdp Map<String>
    fidoU2f Map<String>
    fidoWebauthn Map<String>
    googleOtp Map<String>
    groupsIncludeds List<String>
    List of Group IDs to Include
    hotp Map<String>
    isOie Boolean
    Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
    name String
    Policy Name
    oktaCall Map<String>
    oktaEmail Map<String>
    oktaOtp Map<String>
    oktaPassword Map<String>
    oktaPush Map<String>
    oktaQuestion Map<String>
    oktaSms Map<String>
    oktaVerify Map<String>
    onpremMfa Map<String>
    phoneNumber Map<String>
    priority Number
    Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
    rsaToken Map<String>
    securityQuestion Map<String>
    status String
    Policy Status: ACTIVE or INACTIVE. Default: ACTIVE
    symantecVip Map<String>
    webauthn Map<String>
    yubikeyToken Map<String>

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Mfa resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Mfa Resource

    Get an existing Mfa resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: MfaState, opts?: CustomResourceOptions): Mfa
    @staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        description: Optional[str] = None,
        duo: Optional[Mapping[str, str]] = None,
        external_idp: Optional[Mapping[str, str]] = None,
        fido_u2f: Optional[Mapping[str, str]] = None,
        fido_webauthn: Optional[Mapping[str, str]] = None,
        google_otp: Optional[Mapping[str, str]] = None,
        groups_includeds: Optional[Sequence[str]] = None,
        hotp: Optional[Mapping[str, str]] = None,
        is_oie: Optional[bool] = None,
        name: Optional[str] = None,
        okta_call: Optional[Mapping[str, str]] = None,
        okta_email: Optional[Mapping[str, str]] = None,
        okta_otp: Optional[Mapping[str, str]] = None,
        okta_password: Optional[Mapping[str, str]] = None,
        okta_push: Optional[Mapping[str, str]] = None,
        okta_question: Optional[Mapping[str, str]] = None,
        okta_sms: Optional[Mapping[str, str]] = None,
        okta_verify: Optional[Mapping[str, str]] = None,
        onprem_mfa: Optional[Mapping[str, str]] = None,
        phone_number: Optional[Mapping[str, str]] = None,
        priority: Optional[int] = None,
        rsa_token: Optional[Mapping[str, str]] = None,
        security_question: Optional[Mapping[str, str]] = None,
        status: Optional[str] = None,
        symantec_vip: Optional[Mapping[str, str]] = None,
        webauthn: Optional[Mapping[str, str]] = None,
        yubikey_token: Optional[Mapping[str, str]] = None) -> Mfa
    func GetMfa(ctx *Context, name string, id IDInput, state *MfaState, opts ...ResourceOption) (*Mfa, error)
    public static Mfa Get(string name, Input<string> id, MfaState? state, CustomResourceOptions? opts = null)
    public static Mfa get(String name, Output<String> id, MfaState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Description string
    Policy Description
    Duo Dictionary<string, string>
    ExternalIdp Dictionary<string, string>
    FidoU2f Dictionary<string, string>
    FidoWebauthn Dictionary<string, string>
    GoogleOtp Dictionary<string, string>
    GroupsIncludeds List<string>
    List of Group IDs to Include
    Hotp Dictionary<string, string>
    IsOie bool
    Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
    Name string
    Policy Name
    OktaCall Dictionary<string, string>
    OktaEmail Dictionary<string, string>
    OktaOtp Dictionary<string, string>
    OktaPassword Dictionary<string, string>
    OktaPush Dictionary<string, string>
    OktaQuestion Dictionary<string, string>
    OktaSms Dictionary<string, string>
    OktaVerify Dictionary<string, string>
    OnpremMfa Dictionary<string, string>
    PhoneNumber Dictionary<string, string>
    Priority int
    Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
    RsaToken Dictionary<string, string>
    SecurityQuestion Dictionary<string, string>
    Status string
    Policy Status: ACTIVE or INACTIVE. Default: ACTIVE
    SymantecVip Dictionary<string, string>
    Webauthn Dictionary<string, string>
    YubikeyToken Dictionary<string, string>
    Description string
    Policy Description
    Duo map[string]string
    ExternalIdp map[string]string
    FidoU2f map[string]string
    FidoWebauthn map[string]string
    GoogleOtp map[string]string
    GroupsIncludeds []string
    List of Group IDs to Include
    Hotp map[string]string
    IsOie bool
    Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
    Name string
    Policy Name
    OktaCall map[string]string
    OktaEmail map[string]string
    OktaOtp map[string]string
    OktaPassword map[string]string
    OktaPush map[string]string
    OktaQuestion map[string]string
    OktaSms map[string]string
    OktaVerify map[string]string
    OnpremMfa map[string]string
    PhoneNumber map[string]string
    Priority int
    Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
    RsaToken map[string]string
    SecurityQuestion map[string]string
    Status string
    Policy Status: ACTIVE or INACTIVE. Default: ACTIVE
    SymantecVip map[string]string
    Webauthn map[string]string
    YubikeyToken map[string]string
    description String
    Policy Description
    duo Map<String,String>
    externalIdp Map<String,String>
    fidoU2f Map<String,String>
    fidoWebauthn Map<String,String>
    googleOtp Map<String,String>
    groupsIncludeds List<String>
    List of Group IDs to Include
    hotp Map<String,String>
    isOie Boolean
    Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
    name String
    Policy Name
    oktaCall Map<String,String>
    oktaEmail Map<String,String>
    oktaOtp Map<String,String>
    oktaPassword Map<String,String>
    oktaPush Map<String,String>
    oktaQuestion Map<String,String>
    oktaSms Map<String,String>
    oktaVerify Map<String,String>
    onpremMfa Map<String,String>
    phoneNumber Map<String,String>
    priority Integer
    Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
    rsaToken Map<String,String>
    securityQuestion Map<String,String>
    status String
    Policy Status: ACTIVE or INACTIVE. Default: ACTIVE
    symantecVip Map<String,String>
    webauthn Map<String,String>
    yubikeyToken Map<String,String>
    description string
    Policy Description
    duo {[key: string]: string}
    externalIdp {[key: string]: string}
    fidoU2f {[key: string]: string}
    fidoWebauthn {[key: string]: string}
    googleOtp {[key: string]: string}
    groupsIncludeds string[]
    List of Group IDs to Include
    hotp {[key: string]: string}
    isOie boolean
    Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
    name string
    Policy Name
    oktaCall {[key: string]: string}
    oktaEmail {[key: string]: string}
    oktaOtp {[key: string]: string}
    oktaPassword {[key: string]: string}
    oktaPush {[key: string]: string}
    oktaQuestion {[key: string]: string}
    oktaSms {[key: string]: string}
    oktaVerify {[key: string]: string}
    onpremMfa {[key: string]: string}
    phoneNumber {[key: string]: string}
    priority number
    Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
    rsaToken {[key: string]: string}
    securityQuestion {[key: string]: string}
    status string
    Policy Status: ACTIVE or INACTIVE. Default: ACTIVE
    symantecVip {[key: string]: string}
    webauthn {[key: string]: string}
    yubikeyToken {[key: string]: string}
    description str
    Policy Description
    duo Mapping[str, str]
    external_idp Mapping[str, str]
    fido_u2f Mapping[str, str]
    fido_webauthn Mapping[str, str]
    google_otp Mapping[str, str]
    groups_includeds Sequence[str]
    List of Group IDs to Include
    hotp Mapping[str, str]
    is_oie bool
    Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
    name str
    Policy Name
    okta_call Mapping[str, str]
    okta_email Mapping[str, str]
    okta_otp Mapping[str, str]
    okta_password Mapping[str, str]
    okta_push Mapping[str, str]
    okta_question Mapping[str, str]
    okta_sms Mapping[str, str]
    okta_verify Mapping[str, str]
    onprem_mfa Mapping[str, str]
    phone_number Mapping[str, str]
    priority int
    Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
    rsa_token Mapping[str, str]
    security_question Mapping[str, str]
    status str
    Policy Status: ACTIVE or INACTIVE. Default: ACTIVE
    symantec_vip Mapping[str, str]
    webauthn Mapping[str, str]
    yubikey_token Mapping[str, str]
    description String
    Policy Description
    duo Map<String>
    externalIdp Map<String>
    fidoU2f Map<String>
    fidoWebauthn Map<String>
    googleOtp Map<String>
    groupsIncludeds List<String>
    List of Group IDs to Include
    hotp Map<String>
    isOie Boolean
    Is the policy using Okta Identity Engine (OIE) with authenticators instead of factors?
    name String
    Policy Name
    oktaCall Map<String>
    oktaEmail Map<String>
    oktaOtp Map<String>
    oktaPassword Map<String>
    oktaPush Map<String>
    oktaQuestion Map<String>
    oktaSms Map<String>
    oktaVerify Map<String>
    onpremMfa Map<String>
    phoneNumber Map<String>
    priority Number
    Policy Priority, this attribute can be set to a valid priority. To avoid endless diff situation we error if an invalid priority is provided. API defaults it to the last (lowest) if not there.
    rsaToken Map<String>
    securityQuestion Map<String>
    status String
    Policy Status: ACTIVE or INACTIVE. Default: ACTIVE
    symantecVip Map<String>
    webauthn Map<String>
    yubikeyToken Map<String>

    Import

    $ pulumi import okta:policy/mfa:Mfa example &#60;policy id&#62;

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Okta pulumi/pulumi-okta
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the okta Terraform Provider.
    okta logo
    Okta v4.9.2 published on Tuesday, Jun 25, 2024 by Pulumi
    pulumi/pulumi-okta