onelogin v0.6.3 published on Friday, May 10, 2024 by Pulumi
onelogin.apps.getInstance
Explore with Pulumi AI
Using getInstance
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getInstance(args: GetInstanceArgs, opts?: InvokeOptions): Promise<GetInstanceResult>
function getInstanceOutput(args: GetInstanceOutputArgs, opts?: InvokeOptions): Output<GetInstanceResult>
def get_instance(allow_assumed_signin: Optional[bool] = None,
auth_method: Optional[int] = None,
auth_method_description: Optional[str] = None,
brand_id: Optional[int] = None,
configuration: Optional[GetInstanceConfiguration] = None,
connector_id: Optional[int] = None,
created_at: Optional[str] = None,
description: Optional[str] = None,
enforcement_point: Optional[GetInstanceEnforcementPoint] = None,
icon_url: Optional[str] = None,
id: Optional[str] = None,
login_config: Optional[int] = None,
name: Optional[str] = None,
notes: Optional[str] = None,
parameters: Optional[GetInstanceParameters] = None,
policy_id: Optional[int] = None,
provisioning: Optional[GetInstanceProvisioning] = None,
role_ids: Optional[Sequence[int]] = None,
sso: Optional[GetInstanceSso] = None,
tab_id: Optional[int] = None,
updated_at: Optional[str] = None,
visible: Optional[bool] = None,
opts: Optional[InvokeOptions] = None) -> GetInstanceResult
def get_instance_output(allow_assumed_signin: Optional[pulumi.Input[bool]] = None,
auth_method: Optional[pulumi.Input[int]] = None,
auth_method_description: Optional[pulumi.Input[str]] = None,
brand_id: Optional[pulumi.Input[int]] = None,
configuration: Optional[pulumi.Input[GetInstanceConfigurationArgs]] = None,
connector_id: Optional[pulumi.Input[int]] = None,
created_at: Optional[pulumi.Input[str]] = None,
description: Optional[pulumi.Input[str]] = None,
enforcement_point: Optional[pulumi.Input[GetInstanceEnforcementPointArgs]] = None,
icon_url: Optional[pulumi.Input[str]] = None,
id: Optional[pulumi.Input[str]] = None,
login_config: Optional[pulumi.Input[int]] = None,
name: Optional[pulumi.Input[str]] = None,
notes: Optional[pulumi.Input[str]] = None,
parameters: Optional[pulumi.Input[GetInstanceParametersArgs]] = None,
policy_id: Optional[pulumi.Input[int]] = None,
provisioning: Optional[pulumi.Input[GetInstanceProvisioningArgs]] = None,
role_ids: Optional[pulumi.Input[Sequence[pulumi.Input[int]]]] = None,
sso: Optional[pulumi.Input[GetInstanceSsoArgs]] = None,
tab_id: Optional[pulumi.Input[int]] = None,
updated_at: Optional[pulumi.Input[str]] = None,
visible: Optional[pulumi.Input[bool]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetInstanceResult]
func GetInstance(ctx *Context, args *GetInstanceArgs, opts ...InvokeOption) (*GetInstanceResult, error)
func GetInstanceOutput(ctx *Context, args *GetInstanceOutputArgs, opts ...InvokeOption) GetInstanceResultOutput
> Note: This function is named GetInstance
in the Go SDK.
public static class GetInstance
{
public static Task<GetInstanceResult> InvokeAsync(GetInstanceArgs args, InvokeOptions? opts = null)
public static Output<GetInstanceResult> Invoke(GetInstanceInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetInstanceResult> getInstance(GetInstanceArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: onelogin:apps/getInstance:getInstance
arguments:
# arguments dictionary
The following arguments are supported:
- Id string
- Allow
Assumed boolSignin - Auth
Method int - Auth
Method stringDescription - Brand
Id int - Configuration
Get
Instance Configuration - Connector
Id int - Created
At string - Description string
- Enforcement
Point GetInstance Enforcement Point - Icon
Url string - Login
Config int - Name string
- Notes string
- Parameters
Get
Instance Parameters - Policy
Id int - Provisioning
Get
Instance Provisioning - Role
Ids List<int> - Sso
Get
Instance Sso - Tab
Id int - Updated
At string - Visible bool
- Id string
- Allow
Assumed boolSignin - Auth
Method int - Auth
Method stringDescription - Brand
Id int - Configuration
Get
Instance Configuration - Connector
Id int - Created
At string - Description string
- Enforcement
Point GetInstance Enforcement Point - Icon
Url string - Login
Config int - Name string
- Notes string
- Parameters
Get
Instance Parameters - Policy
Id int - Provisioning
Get
Instance Provisioning - Role
Ids []int - Sso
Get
Instance Sso - Tab
Id int - Updated
At string - Visible bool
- id String
- allow
Assumed BooleanSignin - auth
Method Integer - auth
Method StringDescription - brand
Id Integer - configuration
Get
Instance Configuration - connector
Id Integer - created
At String - description String
- enforcement
Point GetInstance Enforcement Point - icon
Url String - login
Config Integer - name String
- notes String
- parameters
Get
Instance Parameters - policy
Id Integer - provisioning
Get
Instance Provisioning - role
Ids List<Integer> - sso
Get
Instance Sso - tab
Id Integer - updated
At String - visible Boolean
- id string
- allow
Assumed booleanSignin - auth
Method number - auth
Method stringDescription - brand
Id number - configuration
Get
Instance Configuration - connector
Id number - created
At string - description string
- enforcement
Point GetInstance Enforcement Point - icon
Url string - login
Config number - name string
- notes string
- parameters
Get
Instance Parameters - policy
Id number - provisioning
Get
Instance Provisioning - role
Ids number[] - sso
Get
Instance Sso - tab
Id number - updated
At string - visible boolean
- id str
- allow_
assumed_ boolsignin - auth_
method int - auth_
method_ strdescription - brand_
id int - configuration
Get
Instance Configuration - connector_
id int - created_
at str - description str
- enforcement_
point GetInstance Enforcement Point - icon_
url str - login_
config int - name str
- notes str
- parameters
Get
Instance Parameters - policy_
id int - provisioning
Get
Instance Provisioning - role_
ids Sequence[int] - sso
Get
Instance Sso - tab_
id int - updated_
at str - visible bool
- id String
- allow
Assumed BooleanSignin - auth
Method Number - auth
Method StringDescription - brand
Id Number - configuration Property Map
- connector
Id Number - created
At String - description String
- enforcement
Point Property Map - icon
Url String - login
Config Number - name String
- notes String
- parameters Property Map
- policy
Id Number - provisioning Property Map
- role
Ids List<Number> - sso Property Map
- tab
Id Number - updated
At String - visible Boolean
getInstance Result
The following output properties are available:
- Allow
Assumed boolSignin - Auth
Method int - Auth
Method stringDescription - Brand
Id int - Configuration
Get
Instance Configuration - Connector
Id int - Created
At string - Description string
- Enforcement
Point GetInstance Enforcement Point - Icon
Url string - Id string
- Login
Config int - Name string
- Notes string
- Parameters
Get
Instance Parameters - Policy
Id int - Provisioning
Get
Instance Provisioning - Role
Ids List<int> - Sso
Get
Instance Sso - Tab
Id int - Updated
At string - Visible bool
- Allow
Assumed boolSignin - Auth
Method int - Auth
Method stringDescription - Brand
Id int - Configuration
Get
Instance Configuration - Connector
Id int - Created
At string - Description string
- Enforcement
Point GetInstance Enforcement Point - Icon
Url string - Id string
- Login
Config int - Name string
- Notes string
- Parameters
Get
Instance Parameters - Policy
Id int - Provisioning
Get
Instance Provisioning - Role
Ids []int - Sso
Get
Instance Sso - Tab
Id int - Updated
At string - Visible bool
- allow
Assumed BooleanSignin - auth
Method Integer - auth
Method StringDescription - brand
Id Integer - configuration
Get
Instance Configuration - connector
Id Integer - created
At String - description String
- enforcement
Point GetInstance Enforcement Point - icon
Url String - id String
- login
Config Integer - name String
- notes String
- parameters
Get
Instance Parameters - policy
Id Integer - provisioning
Get
Instance Provisioning - role
Ids List<Integer> - sso
Get
Instance Sso - tab
Id Integer - updated
At String - visible Boolean
- allow
Assumed booleanSignin - auth
Method number - auth
Method stringDescription - brand
Id number - configuration
Get
Instance Configuration - connector
Id number - created
At string - description string
- enforcement
Point GetInstance Enforcement Point - icon
Url string - id string
- login
Config number - name string
- notes string
- parameters
Get
Instance Parameters - policy
Id number - provisioning
Get
Instance Provisioning - role
Ids number[] - sso
Get
Instance Sso - tab
Id number - updated
At string - visible boolean
- allow_
assumed_ boolsignin - auth_
method int - auth_
method_ strdescription - brand_
id int - configuration
Get
Instance Configuration - connector_
id int - created_
at str - description str
- enforcement_
point GetInstance Enforcement Point - icon_
url str - id str
- login_
config int - name str
- notes str
- parameters
Get
Instance Parameters - policy_
id int - provisioning
Get
Instance Provisioning - role_
ids Sequence[int] - sso
Get
Instance Sso - tab_
id int - updated_
at str - visible bool
- allow
Assumed BooleanSignin - auth
Method Number - auth
Method StringDescription - brand
Id Number - configuration Property Map
- connector
Id Number - created
At String - description String
- enforcement
Point Property Map - icon
Url String - id String
- login
Config Number - name String
- notes String
- parameters Property Map
- policy
Id Number - provisioning Property Map
- role
Ids List<Number> - sso Property Map
- tab
Id Number - updated
At String - visible Boolean
Supporting Types
GetInstanceConfiguration
- Access
Token intExpiration Minutes - OIDC Apps only Number of minutes the refresh token will be valid for.
- Login
Url string - OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
- Oidc
Api stringVersion - Oidc
Application intType - OIDC Apps Only
- 0: Web
- 1: Native/Mobile
- Oidc
Encryption stringKey - OIDC Apps only
- Post
Logout stringRedirect Uri - OIDC Apps only
- Redirect
Uri string - OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
- Refresh
Token intExpiration Minutes - Number of minutes the refresh token will be valid for.
- Token
Endpoint intAuth Method - OIDC Apps only
- 0: Basic
- 1: POST
- 2: None / PKCE
- Access
Token intExpiration Minutes - OIDC Apps only Number of minutes the refresh token will be valid for.
- Login
Url string - OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
- Oidc
Api stringVersion - Oidc
Application intType - OIDC Apps Only
- 0: Web
- 1: Native/Mobile
- Oidc
Encryption stringKey - OIDC Apps only
- Post
Logout stringRedirect Uri - OIDC Apps only
- Redirect
Uri string - OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
- Refresh
Token intExpiration Minutes - Number of minutes the refresh token will be valid for.
- Token
Endpoint intAuth Method - OIDC Apps only
- 0: Basic
- 1: POST
- 2: None / PKCE
- access
Token IntegerExpiration Minutes - OIDC Apps only Number of minutes the refresh token will be valid for.
- login
Url String - OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
- oidc
Api StringVersion - oidc
Application IntegerType - OIDC Apps Only
- 0: Web
- 1: Native/Mobile
- oidc
Encryption StringKey - OIDC Apps only
- post
Logout StringRedirect Uri - OIDC Apps only
- redirect
Uri String - OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
- refresh
Token IntegerExpiration Minutes - Number of minutes the refresh token will be valid for.
- token
Endpoint IntegerAuth Method - OIDC Apps only
- 0: Basic
- 1: POST
- 2: None / PKCE
- access
Token numberExpiration Minutes - OIDC Apps only Number of minutes the refresh token will be valid for.
- login
Url string - OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
- oidc
Api stringVersion - oidc
Application numberType - OIDC Apps Only
- 0: Web
- 1: Native/Mobile
- oidc
Encryption stringKey - OIDC Apps only
- post
Logout stringRedirect Uri - OIDC Apps only
- redirect
Uri string - OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
- refresh
Token numberExpiration Minutes - Number of minutes the refresh token will be valid for.
- token
Endpoint numberAuth Method - OIDC Apps only
- 0: Basic
- 1: POST
- 2: None / PKCE
- access_
token_ intexpiration_ minutes - OIDC Apps only Number of minutes the refresh token will be valid for.
- login_
url str - OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
- oidc_
api_ strversion - oidc_
application_ inttype - OIDC Apps Only
- 0: Web
- 1: Native/Mobile
- oidc_
encryption_ strkey - OIDC Apps only
- post_
logout_ strredirect_ uri - OIDC Apps only
- redirect_
uri str - OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
- refresh_
token_ intexpiration_ minutes - Number of minutes the refresh token will be valid for.
- token_
endpoint_ intauth_ method - OIDC Apps only
- 0: Basic
- 1: POST
- 2: None / PKCE
- access
Token NumberExpiration Minutes - OIDC Apps only Number of minutes the refresh token will be valid for.
- login
Url String - OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
- oidc
Api StringVersion - oidc
Application NumberType - OIDC Apps Only
- 0: Web
- 1: Native/Mobile
- oidc
Encryption StringKey - OIDC Apps only
- post
Logout StringRedirect Uri - OIDC Apps only
- redirect
Uri String - OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
- refresh
Token NumberExpiration Minutes - Number of minutes the refresh token will be valid for.
- token
Endpoint NumberAuth Method - OIDC Apps only
- 0: Basic
- 1: POST
- 2: None / PKCE
GetInstanceEnforcementPoint
- Case
Sensitive bool - The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
- Conditions string
- If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
- Context
Root string - The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
- Landing
Page string - The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
- Permissions string
- Specify to always
allow
,deny
access to resources, of if access isconditional
. - Require
Sitewide boolAuthentication - Require user authentication to access any resource protected by this enforcement point.
- Resources
List<Get
Instance Enforcement Point Resource> - Array of resource objects
- Session
Expiry GetFixed Instance Enforcement Point Session Expiry Fixed - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- Session
Expiry GetInactivity Instance Enforcement Point Session Expiry Inactivity - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- Target string
- A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
- Token string
- Can only be set on create. Access Gateway Token.
- Use
Target boolHost Header - Use the target host header as opposed to the original gateway or upstream host header.
- Vhost string
- A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
- Case
Sensitive bool - The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
- Conditions string
- If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
- Context
Root string - The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
- Landing
Page string - The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
- Permissions string
- Specify to always
allow
,deny
access to resources, of if access isconditional
. - Require
Sitewide boolAuthentication - Require user authentication to access any resource protected by this enforcement point.
- Resources
[]Get
Instance Enforcement Point Resource - Array of resource objects
- Session
Expiry GetFixed Instance Enforcement Point Session Expiry Fixed - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- Session
Expiry GetInactivity Instance Enforcement Point Session Expiry Inactivity - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- Target string
- A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
- Token string
- Can only be set on create. Access Gateway Token.
- Use
Target boolHost Header - Use the target host header as opposed to the original gateway or upstream host header.
- Vhost string
- A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
- case
Sensitive Boolean - The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
- conditions String
- If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
- context
Root String - The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
- landing
Page String - The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
- permissions String
- Specify to always
allow
,deny
access to resources, of if access isconditional
. - require
Sitewide BooleanAuthentication - Require user authentication to access any resource protected by this enforcement point.
- resources
List<Get
Instance Enforcement Point Resource> - Array of resource objects
- session
Expiry GetFixed Instance Enforcement Point Session Expiry Fixed - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- session
Expiry GetInactivity Instance Enforcement Point Session Expiry Inactivity - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- target String
- A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
- token String
- Can only be set on create. Access Gateway Token.
- use
Target BooleanHost Header - Use the target host header as opposed to the original gateway or upstream host header.
- vhost String
- A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
- case
Sensitive boolean - The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
- conditions string
- If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
- context
Root string - The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
- landing
Page string - The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
- permissions string
- Specify to always
allow
,deny
access to resources, of if access isconditional
. - require
Sitewide booleanAuthentication - Require user authentication to access any resource protected by this enforcement point.
- resources
Get
Instance Enforcement Point Resource[] - Array of resource objects
- session
Expiry GetFixed Instance Enforcement Point Session Expiry Fixed - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- session
Expiry GetInactivity Instance Enforcement Point Session Expiry Inactivity - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- target string
- A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
- token string
- Can only be set on create. Access Gateway Token.
- use
Target booleanHost Header - Use the target host header as opposed to the original gateway or upstream host header.
- vhost string
- A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
- case_
sensitive bool - The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
- conditions str
- If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
- context_
root str - The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
- landing_
page str - The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
- permissions str
- Specify to always
allow
,deny
access to resources, of if access isconditional
. - require_
sitewide_ boolauthentication - Require user authentication to access any resource protected by this enforcement point.
- resources
Sequence[Get
Instance Enforcement Point Resource] - Array of resource objects
- session_
expiry_ Getfixed Instance Enforcement Point Session Expiry Fixed - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- session_
expiry_ Getinactivity Instance Enforcement Point Session Expiry Inactivity - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- target str
- A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
- token str
- Can only be set on create. Access Gateway Token.
- use_
target_ boolhost_ header - Use the target host header as opposed to the original gateway or upstream host header.
- vhost str
- A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
- case
Sensitive Boolean - The URL path evaluation is case insensitive by default. Resources hosted on web servers such as Apache, NGINX and Java EE are case sensitive paths. Web servers such as Microsoft IIS are not case-sensitive.
- conditions String
- If access is conditional, the conditions that must evaluate to true to allow access to a resource. For example, to require the user must be authenticated and have either the role Admin or User
- context
Root String - The root path to the application, often the name of the application. Can be any name, path or just a slash (“/”). The context root uniquely identifies the application within the enforcement point.
- landing
Page String - The location within the context root to which the browser will be redirected for IdP-initiated single sign-on. For example, the landing page might be an index page in the context root such as index.html or default.aspx. The landing page cannot begin with a slash and must use valid URL characters.
- permissions String
- Specify to always
allow
,deny
access to resources, of if access isconditional
. - require
Sitewide BooleanAuthentication - Require user authentication to access any resource protected by this enforcement point.
- resources List<Property Map>
- Array of resource objects
- session
Expiry Property MapFixed - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- session
Expiry Property MapInactivity - unit: - 0 = Seconds - 1 = Minutes - 2 = Hours value: - When Unit = 0 or 1 value must be 0-60 - When Unit = 2 value must be 0-24
- target String
- A fully-qualified URL to the internal application including scheme, authority and path. The target host authority must be an IP address, not a hostname.
- token String
- Can only be set on create. Access Gateway Token.
- use
Target BooleanHost Header - Use the target host header as opposed to the original gateway or upstream host header.
- vhost String
- A comma-delimited list of one or more virtual hosts that map to applications assigned to the enforcement point. A VHOST may be a host name or an IP address. VHOST distinguish between applications that are at the same context root.
GetInstanceEnforcementPointResource
- Conditions string
- required if permission == "conditions"
- Is
Path boolRegex - Path string
- Permission string
- Require
Auth bool
- Conditions string
- required if permission == "conditions"
- Is
Path boolRegex - Path string
- Permission string
- Require
Auth bool
- conditions String
- required if permission == "conditions"
- is
Path BooleanRegex - path String
- permission String
- require
Auth Boolean
- conditions string
- required if permission == "conditions"
- is
Path booleanRegex - path string
- permission string
- require
Auth boolean
- conditions str
- required if permission == "conditions"
- is_
path_ boolregex - path str
- permission str
- require_
auth bool
- conditions String
- required if permission == "conditions"
- is
Path BooleanRegex - path String
- permission String
- require
Auth Boolean
GetInstanceEnforcementPointSessionExpiryFixed
GetInstanceEnforcementPointSessionExpiryInactivity
GetInstanceParameters
GetInstanceParametersGroups
- Attributes
Transformations string - Default
Values string - Id int
- Label string
- Provisioned
Entitlements bool - Skip
If boolBlank - User
Attribute stringMacros - User
Attribute stringMappings - Values string
- Attributes
Transformations string - Default
Values string - Id int
- Label string
- Provisioned
Entitlements bool - Skip
If boolBlank - User
Attribute stringMacros - User
Attribute stringMappings - Values string
- attributes
Transformations String - default
Values String - id Integer
- label String
- provisioned
Entitlements Boolean - skip
If BooleanBlank - user
Attribute StringMacros - user
Attribute StringMappings - values String
- attributes
Transformations string - default
Values string - id number
- label string
- provisioned
Entitlements boolean - skip
If booleanBlank - user
Attribute stringMacros - user
Attribute stringMappings - values string
- attributes_
transformations str - default_
values str - id int
- label str
- provisioned_
entitlements bool - skip_
if_ boolblank - user_
attribute_ strmacros - user_
attribute_ strmappings - values str
- attributes
Transformations String - default
Values String - id Number
- label String
- provisioned
Entitlements Boolean - skip
If BooleanBlank - user
Attribute StringMacros - user
Attribute StringMappings - values String
GetInstanceProvisioning
GetInstanceSso
- Acs
Url string - App Name. This is only returned after Creating a SAML App.
- Certificate
Get
Instance Sso Certificate - The certificate used for signing. This is only returned after Creating a SAML App.
- Client
Id string - The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
- Client
Secret string - OpenId Connet Client Secret
- Issuer string
- Issuer of app. This is only returned after Creating a SAML App.
- Metadata
Url string - ID of the apps underlying connector. This is only returned after Creating a SAML App.
- Acs
Url string - App Name. This is only returned after Creating a SAML App.
- Certificate
Get
Instance Sso Certificate - The certificate used for signing. This is only returned after Creating a SAML App.
- Client
Id string - The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
- Client
Secret string - OpenId Connet Client Secret
- Issuer string
- Issuer of app. This is only returned after Creating a SAML App.
- Metadata
Url string - ID of the apps underlying connector. This is only returned after Creating a SAML App.
- acs
Url String - App Name. This is only returned after Creating a SAML App.
- certificate
Get
Instance Sso Certificate - The certificate used for signing. This is only returned after Creating a SAML App.
- client
Id String - The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
- client
Secret String - OpenId Connet Client Secret
- issuer String
- Issuer of app. This is only returned after Creating a SAML App.
- metadata
Url String - ID of the apps underlying connector. This is only returned after Creating a SAML App.
- acs
Url string - App Name. This is only returned after Creating a SAML App.
- certificate
Get
Instance Sso Certificate - The certificate used for signing. This is only returned after Creating a SAML App.
- client
Id string - The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
- client
Secret string - OpenId Connet Client Secret
- issuer string
- Issuer of app. This is only returned after Creating a SAML App.
- metadata
Url string - ID of the apps underlying connector. This is only returned after Creating a SAML App.
- acs_
url str - App Name. This is only returned after Creating a SAML App.
- certificate
Get
Instance Sso Certificate - The certificate used for signing. This is only returned after Creating a SAML App.
- client_
id str - The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
- client_
secret str - OpenId Connet Client Secret
- issuer str
- Issuer of app. This is only returned after Creating a SAML App.
- metadata_
url str - ID of the apps underlying connector. This is only returned after Creating a SAML App.
- acs
Url String - App Name. This is only returned after Creating a SAML App.
- certificate Property Map
- The certificate used for signing. This is only returned after Creating a SAML App.
- client
Id String - The OpenId Connect Client Id. Note that client_secret is only returned after Creating an OIDC App.
- client
Secret String - OpenId Connet Client Secret
- issuer String
- Issuer of app. This is only returned after Creating a SAML App.
- metadata
Url String - ID of the apps underlying connector. This is only returned after Creating a SAML App.
GetInstanceSsoCertificate
Package Details
- Repository
- onelogin pulumi/pulumi-onelogin
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
onelogin
Terraform Provider.