saml

package
v5.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 11, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client 

type Client struct {
	pulumi.CustomResourceState

	AssertionConsumerPostUrl           pulumi.StringPtrOutput                            `pulumi:"assertionConsumerPostUrl"`
	AssertionConsumerRedirectUrl       pulumi.StringPtrOutput                            `pulumi:"assertionConsumerRedirectUrl"`
	AuthenticationFlowBindingOverrides ClientAuthenticationFlowBindingOverridesPtrOutput `pulumi:"authenticationFlowBindingOverrides"`
	BaseUrl                            pulumi.StringPtrOutput                            `pulumi:"baseUrl"`
	CanonicalizationMethod             pulumi.StringPtrOutput                            `pulumi:"canonicalizationMethod"`
	ClientId                           pulumi.StringOutput                               `pulumi:"clientId"`
	ClientSignatureRequired            pulumi.BoolPtrOutput                              `pulumi:"clientSignatureRequired"`
	Description                        pulumi.StringPtrOutput                            `pulumi:"description"`
	Enabled                            pulumi.BoolPtrOutput                              `pulumi:"enabled"`
	EncryptAssertions                  pulumi.BoolPtrOutput                              `pulumi:"encryptAssertions"`
	EncryptionCertificate              pulumi.StringOutput                               `pulumi:"encryptionCertificate"`
	EncryptionCertificateSha1          pulumi.StringOutput                               `pulumi:"encryptionCertificateSha1"`
	ExtraConfig                        pulumi.MapOutput                                  `pulumi:"extraConfig"`
	ForceNameIdFormat                  pulumi.BoolPtrOutput                              `pulumi:"forceNameIdFormat"`
	ForcePostBinding                   pulumi.BoolPtrOutput                              `pulumi:"forcePostBinding"`
	FrontChannelLogout                 pulumi.BoolPtrOutput                              `pulumi:"frontChannelLogout"`
	FullScopeAllowed                   pulumi.BoolPtrOutput                              `pulumi:"fullScopeAllowed"`
	IdpInitiatedSsoRelayState          pulumi.StringPtrOutput                            `pulumi:"idpInitiatedSsoRelayState"`
	IdpInitiatedSsoUrlName             pulumi.StringPtrOutput                            `pulumi:"idpInitiatedSsoUrlName"`
	IncludeAuthnStatement              pulumi.BoolPtrOutput                              `pulumi:"includeAuthnStatement"`
	LoginTheme                         pulumi.StringPtrOutput                            `pulumi:"loginTheme"`
	LogoutServicePostBindingUrl        pulumi.StringPtrOutput                            `pulumi:"logoutServicePostBindingUrl"`
	LogoutServiceRedirectBindingUrl    pulumi.StringPtrOutput                            `pulumi:"logoutServiceRedirectBindingUrl"`
	MasterSamlProcessingUrl            pulumi.StringPtrOutput                            `pulumi:"masterSamlProcessingUrl"`
	Name                               pulumi.StringOutput                               `pulumi:"name"`
	NameIdFormat                       pulumi.StringOutput                               `pulumi:"nameIdFormat"`
	RealmId                            pulumi.StringOutput                               `pulumi:"realmId"`
	RootUrl                            pulumi.StringPtrOutput                            `pulumi:"rootUrl"`
	SignAssertions                     pulumi.BoolPtrOutput                              `pulumi:"signAssertions"`
	SignDocuments                      pulumi.BoolPtrOutput                              `pulumi:"signDocuments"`
	SignatureAlgorithm                 pulumi.StringPtrOutput                            `pulumi:"signatureAlgorithm"`
	SignatureKeyName                   pulumi.StringPtrOutput                            `pulumi:"signatureKeyName"`
	SigningCertificate                 pulumi.StringOutput                               `pulumi:"signingCertificate"`
	SigningCertificateSha1             pulumi.StringOutput                               `pulumi:"signingCertificateSha1"`
	SigningPrivateKey                  pulumi.StringOutput                               `pulumi:"signingPrivateKey"`
	SigningPrivateKeySha1              pulumi.StringOutput                               `pulumi:"signingPrivateKeySha1"`
	ValidRedirectUris                  pulumi.StringArrayOutput                          `pulumi:"validRedirectUris"`
}

## # saml.Client

Allows for creating and managing Keycloak clients that use the SAML protocol.

Clients are entities that can use Keycloak for user authentication. Typically, clients are applications that redirect users to Keycloak for authentication in order to take advantage of Keycloak's user sessions for SSO.

### Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"os"

"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Enabled: pulumi.Bool(true),
			Realm:   pulumi.String("my-realm"),
		})
		if err != nil {
			return err
		}
		_, err = saml.NewClient(ctx, "samlClient", &saml.ClientArgs{
			ClientId:              pulumi.String("test-saml-client"),
			IncludeAuthnStatement: pulumi.Bool(true),
			RealmId:               realm.ID(),
			SignAssertions:        pulumi.Bool(true),
			SignDocuments:         pulumi.Bool(false),
			SigningCertificate:    readFileOrPanic("saml-cert.pem"),
			SigningPrivateKey:     readFileOrPanic("saml-key.pem"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

### Argument Reference

The following arguments are supported:

- `realmId` - (Required) The realm this client is attached to. - `clientId` - (Required) The unique ID of this client, referenced in the URI during authentication and in issued tokens. - `name` - (Optional) The display name of this client in the GUI. - `enabled` - (Optional) When false, this client will not be able to initiate a login or obtain access tokens. Defaults to `true`. - `description` - (Optional) The description of this client in the GUI. - `includeAuthnStatement` - (Optional) When `true`, an `AuthnStatement` will be included in the SAML response. - `signDocuments` - (Optional) When `true`, the SAML document will be signed by Keycloak using the realm's private key. - `signAssertions` - (Optional) When `true`, the SAML assertions will be signed by Keycloak using the realm's private key, and embedded within the SAML XML Auth response. - `clientSignatureRequired` - (Optional) When `true`, Keycloak will expect that documents originating from a client will be signed using the certificate and/or key configured via `signingCertificate` and `signingPrivateKey`. - `forcePostBinding` - (Optional) When `true`, Keycloak will always respond to an authentication request via the SAML POST Binding. - `frontChannelLogout` - (Optional) When `true`, this client will require a browser redirect in order to perform a logout. - `nameIdFormat` - (Optional) Sets the Name ID format for the subject. - `rootUrl` - (Optional) When specified, this value is prepended to all relative URLs. - `validRedirectUris` - (Optional) When specified, Keycloak will use this list to validate given Assertion Consumer URLs specified in the authentication request. - `baseUrl` - (Optional) When specified, this URL will be used whenever Keycloak needs to link to this client. - `masterSamlProcessingUrl` - (Optional) When specified, this URL will be used for all SAML requests. - `signingCertificate` - (Optional) If documents or assertions from the client are signed, this certificate will be used to verify the signature. - `signingPrivateKey` - (Optional) If documents or assertions from the client are signed, this private key will be used to verify the signature. - `idpInitiatedSsoUrlName` - (Optional) URL fragment name to reference client when you want to do IDP Initiated SSO. - `idpInitiatedSsoRelayState` - (Optional) Relay state you want to send with SAML request when you want to do IDP Initiated SSO. - `assertionConsumerPostUrl` - (Optional) SAML POST Binding URL for the client's assertion consumer service (login responses). - `assertionConsumerRedirectUrl` - (Optional) SAML Redirect Binding URL for the client's assertion consumer service (login responses). - `logoutServicePostBindingUrl` - (Optional) SAML POST Binding URL for the client's single logout service. - `logoutServiceRedirectBindingUrl` - (Optional) SAML Redirect Binding URL for the client's single logout service. - `fullScopeAllowed` - (Optional) - Allow to include all roles mappings in the access token

### Import

Clients can be imported using the format `{{realm_id}}/{{client_keycloak_id}}`, where `clientKeycloakId` is the unique ID that Keycloak assigns to the client upon creation. This value can be found in the URI when editing this client in the GUI, and is typically a GUID.

Example:

func GetClient 

func GetClient(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ClientState, opts ...pulumi.ResourceOption) (*Client, error)

GetClient gets an existing Client resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewClient 

func NewClient(ctx *pulumi.Context,
	name string, args *ClientArgs, opts ...pulumi.ResourceOption) (*Client, error)

NewClient registers a new resource with the given unique name, arguments, and options.

func (*Client) ElementType 

func (*Client) ElementType() reflect.Type

func (*Client) ToClientOutput 

func (i *Client) ToClientOutput() ClientOutput

func (*Client) ToClientOutputWithContext 

func (i *Client) ToClientOutputWithContext(ctx context.Context) ClientOutput

type ClientArgs 

type ClientArgs struct {
	AssertionConsumerPostUrl           pulumi.StringPtrInput
	AssertionConsumerRedirectUrl       pulumi.StringPtrInput
	AuthenticationFlowBindingOverrides ClientAuthenticationFlowBindingOverridesPtrInput
	BaseUrl                            pulumi.StringPtrInput
	CanonicalizationMethod             pulumi.StringPtrInput
	ClientId                           pulumi.StringInput
	ClientSignatureRequired            pulumi.BoolPtrInput
	Description                        pulumi.StringPtrInput
	Enabled                            pulumi.BoolPtrInput
	EncryptAssertions                  pulumi.BoolPtrInput
	EncryptionCertificate              pulumi.StringPtrInput
	ExtraConfig                        pulumi.MapInput
	ForceNameIdFormat                  pulumi.BoolPtrInput
	ForcePostBinding                   pulumi.BoolPtrInput
	FrontChannelLogout                 pulumi.BoolPtrInput
	FullScopeAllowed                   pulumi.BoolPtrInput
	IdpInitiatedSsoRelayState          pulumi.StringPtrInput
	IdpInitiatedSsoUrlName             pulumi.StringPtrInput
	IncludeAuthnStatement              pulumi.BoolPtrInput
	LoginTheme                         pulumi.StringPtrInput
	LogoutServicePostBindingUrl        pulumi.StringPtrInput
	LogoutServiceRedirectBindingUrl    pulumi.StringPtrInput
	MasterSamlProcessingUrl            pulumi.StringPtrInput
	Name                               pulumi.StringPtrInput
	NameIdFormat                       pulumi.StringPtrInput
	RealmId                            pulumi.StringInput
	RootUrl                            pulumi.StringPtrInput
	SignAssertions                     pulumi.BoolPtrInput
	SignDocuments                      pulumi.BoolPtrInput
	SignatureAlgorithm                 pulumi.StringPtrInput
	SignatureKeyName                   pulumi.StringPtrInput
	SigningCertificate                 pulumi.StringPtrInput
	SigningPrivateKey                  pulumi.StringPtrInput
	ValidRedirectUris                  pulumi.StringArrayInput
}

The set of arguments for constructing a Client resource.

func (ClientArgs) ElementType 

func (ClientArgs) ElementType() reflect.Type

type ClientArray 

type ClientArray []ClientInput

func (ClientArray) ElementType 

func (ClientArray) ElementType() reflect.Type

func (ClientArray) ToClientArrayOutput 

func (i ClientArray) ToClientArrayOutput() ClientArrayOutput

func (ClientArray) ToClientArrayOutputWithContext 

func (i ClientArray) ToClientArrayOutputWithContext(ctx context.Context) ClientArrayOutput

type ClientArrayInput 

type ClientArrayInput interface {
	pulumi.Input

	ToClientArrayOutput() ClientArrayOutput
	ToClientArrayOutputWithContext(context.Context) ClientArrayOutput
}

ClientArrayInput is an input type that accepts ClientArray and ClientArrayOutput values. You can construct a concrete instance of `ClientArrayInput` via: 

ClientArray{ ClientArgs{...} }

type ClientArrayOutput 

type ClientArrayOutput struct{ *pulumi.OutputState }

func (ClientArrayOutput) ElementType 

func (ClientArrayOutput) ElementType() reflect.Type

func (ClientArrayOutput) Index 

func (o ClientArrayOutput) Index(i pulumi.IntInput) ClientOutput

func (ClientArrayOutput) ToClientArrayOutput 

func (o ClientArrayOutput) ToClientArrayOutput() ClientArrayOutput

func (ClientArrayOutput) ToClientArrayOutputWithContext 

func (o ClientArrayOutput) ToClientArrayOutputWithContext(ctx context.Context) ClientArrayOutput

type ClientAuthenticationFlowBindingOverrides 

type ClientAuthenticationFlowBindingOverrides struct {
	BrowserId     *string `pulumi:"browserId"`
	DirectGrantId *string `pulumi:"directGrantId"`
}

type ClientAuthenticationFlowBindingOverridesArgs 

type ClientAuthenticationFlowBindingOverridesArgs struct {
	BrowserId     pulumi.StringPtrInput `pulumi:"browserId"`
	DirectGrantId pulumi.StringPtrInput `pulumi:"directGrantId"`
}

func (ClientAuthenticationFlowBindingOverridesArgs) ElementType 

func (ClientAuthenticationFlowBindingOverridesArgs) ElementType() reflect.Type

func (ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesOutput 

func (i ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesOutput() ClientAuthenticationFlowBindingOverridesOutput

func (ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesOutputWithContext 

func (i ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesOutput

func (ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesPtrOutput 

func (i ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesPtrOutput() ClientAuthenticationFlowBindingOverridesPtrOutput

func (ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext 

func (i ClientAuthenticationFlowBindingOverridesArgs) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesPtrOutput

type ClientAuthenticationFlowBindingOverridesInput 

type ClientAuthenticationFlowBindingOverridesInput interface {
	pulumi.Input

	ToClientAuthenticationFlowBindingOverridesOutput() ClientAuthenticationFlowBindingOverridesOutput
	ToClientAuthenticationFlowBindingOverridesOutputWithContext(context.Context) ClientAuthenticationFlowBindingOverridesOutput
}

ClientAuthenticationFlowBindingOverridesInput is an input type that accepts ClientAuthenticationFlowBindingOverridesArgs and ClientAuthenticationFlowBindingOverridesOutput values. You can construct a concrete instance of `ClientAuthenticationFlowBindingOverridesInput` via: 

ClientAuthenticationFlowBindingOverridesArgs{...}

type ClientAuthenticationFlowBindingOverridesOutput 

type ClientAuthenticationFlowBindingOverridesOutput struct{ *pulumi.OutputState }

func (ClientAuthenticationFlowBindingOverridesOutput) BrowserId 

func (o ClientAuthenticationFlowBindingOverridesOutput) BrowserId() pulumi.StringPtrOutput

func (ClientAuthenticationFlowBindingOverridesOutput) DirectGrantId 

func (o ClientAuthenticationFlowBindingOverridesOutput) DirectGrantId() pulumi.StringPtrOutput

func (ClientAuthenticationFlowBindingOverridesOutput) ElementType 

func (ClientAuthenticationFlowBindingOverridesOutput) ElementType() reflect.Type

func (ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesOutput 

func (o ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesOutput() ClientAuthenticationFlowBindingOverridesOutput

func (ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesOutputWithContext 

func (o ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesOutput

func (ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesPtrOutput 

func (o ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesPtrOutput() ClientAuthenticationFlowBindingOverridesPtrOutput

func (ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext 

func (o ClientAuthenticationFlowBindingOverridesOutput) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesPtrOutput

type ClientAuthenticationFlowBindingOverridesPtrInput 

type ClientAuthenticationFlowBindingOverridesPtrInput interface {
	pulumi.Input

	ToClientAuthenticationFlowBindingOverridesPtrOutput() ClientAuthenticationFlowBindingOverridesPtrOutput
	ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext(context.Context) ClientAuthenticationFlowBindingOverridesPtrOutput
}

ClientAuthenticationFlowBindingOverridesPtrInput is an input type that accepts ClientAuthenticationFlowBindingOverridesArgs, ClientAuthenticationFlowBindingOverridesPtr and ClientAuthenticationFlowBindingOverridesPtrOutput values. You can construct a concrete instance of `ClientAuthenticationFlowBindingOverridesPtrInput` via: 

        ClientAuthenticationFlowBindingOverridesArgs{...}

or:

        nil

func ClientAuthenticationFlowBindingOverridesPtr 

func ClientAuthenticationFlowBindingOverridesPtr(v *ClientAuthenticationFlowBindingOverridesArgs) ClientAuthenticationFlowBindingOverridesPtrInput

type ClientAuthenticationFlowBindingOverridesPtrOutput 

type ClientAuthenticationFlowBindingOverridesPtrOutput struct{ *pulumi.OutputState }

func (ClientAuthenticationFlowBindingOverridesPtrOutput) BrowserId 

func (o ClientAuthenticationFlowBindingOverridesPtrOutput) BrowserId() pulumi.StringPtrOutput

func (ClientAuthenticationFlowBindingOverridesPtrOutput) DirectGrantId 

func (o ClientAuthenticationFlowBindingOverridesPtrOutput) DirectGrantId() pulumi.StringPtrOutput

func (ClientAuthenticationFlowBindingOverridesPtrOutput) Elem 

func (o ClientAuthenticationFlowBindingOverridesPtrOutput) Elem() ClientAuthenticationFlowBindingOverridesOutput

func (ClientAuthenticationFlowBindingOverridesPtrOutput) ElementType 

func (ClientAuthenticationFlowBindingOverridesPtrOutput) ElementType() reflect.Type

func (ClientAuthenticationFlowBindingOverridesPtrOutput) ToClientAuthenticationFlowBindingOverridesPtrOutput 

func (o ClientAuthenticationFlowBindingOverridesPtrOutput) ToClientAuthenticationFlowBindingOverridesPtrOutput() ClientAuthenticationFlowBindingOverridesPtrOutput

func (ClientAuthenticationFlowBindingOverridesPtrOutput) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext 

func (o ClientAuthenticationFlowBindingOverridesPtrOutput) ToClientAuthenticationFlowBindingOverridesPtrOutputWithContext(ctx context.Context) ClientAuthenticationFlowBindingOverridesPtrOutput

type ClientDefaultScope 

type ClientDefaultScope struct {
	pulumi.CustomResourceState

	// The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
	ClientId pulumi.StringOutput `pulumi:"clientId"`
	// An array of client scope names to attach to this client.
	DefaultScopes pulumi.StringArrayOutput `pulumi:"defaultScopes"`
	// The realm this client and scopes exists in.
	RealmId pulumi.StringOutput `pulumi:"realmId"`
}

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"os"

"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_, err = saml.NewClient(ctx, "samlClient", &saml.ClientArgs{
			RealmId:               realm.ID(),
			ClientId:              pulumi.String("saml-client"),
			SignDocuments:         pulumi.Bool(false),
			SignAssertions:        pulumi.Bool(true),
			IncludeAuthnStatement: pulumi.Bool(true),
			SigningCertificate:    readFileOrPanic("saml-cert.pem"),
			SigningPrivateKey:     readFileOrPanic("saml-key.pem"),
		})
		if err != nil {
			return err
		}
		clientScope, err := saml.NewClientScope(ctx, "clientScope", &saml.ClientScopeArgs{
			RealmId: realm.ID(),
		})
		if err != nil {
			return err
		}
		_, err = saml.NewClientDefaultScope(ctx, "clientDefaultScopes", &saml.ClientDefaultScopeArgs{
			RealmId:  realm.ID(),
			ClientId: pulumi.Any(keycloak_saml_client.Client.Id),
			DefaultScopes: pulumi.StringArray{
				pulumi.String("role_list"),
				clientScope.Name,
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

This resource does not support import. Instead of importing, feel free to create this resource as if it did not already exist

on the server.

func GetClientDefaultScope 

func GetClientDefaultScope(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ClientDefaultScopeState, opts ...pulumi.ResourceOption) (*ClientDefaultScope, error)

GetClientDefaultScope gets an existing ClientDefaultScope resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewClientDefaultScope 

func NewClientDefaultScope(ctx *pulumi.Context,
	name string, args *ClientDefaultScopeArgs, opts ...pulumi.ResourceOption) (*ClientDefaultScope, error)

NewClientDefaultScope registers a new resource with the given unique name, arguments, and options.

func (*ClientDefaultScope) ElementType 

func (*ClientDefaultScope) ElementType() reflect.Type

func (*ClientDefaultScope) ToClientDefaultScopeOutput 

func (i *ClientDefaultScope) ToClientDefaultScopeOutput() ClientDefaultScopeOutput

func (*ClientDefaultScope) ToClientDefaultScopeOutputWithContext 

func (i *ClientDefaultScope) ToClientDefaultScopeOutputWithContext(ctx context.Context) ClientDefaultScopeOutput

type ClientDefaultScopeArgs 

type ClientDefaultScopeArgs struct {
	// The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
	ClientId pulumi.StringInput
	// An array of client scope names to attach to this client.
	DefaultScopes pulumi.StringArrayInput
	// The realm this client and scopes exists in.
	RealmId pulumi.StringInput
}

The set of arguments for constructing a ClientDefaultScope resource.

func (ClientDefaultScopeArgs) ElementType 

func (ClientDefaultScopeArgs) ElementType() reflect.Type

type ClientDefaultScopeArray 

type ClientDefaultScopeArray []ClientDefaultScopeInput

func (ClientDefaultScopeArray) ElementType 

func (ClientDefaultScopeArray) ElementType() reflect.Type

func (ClientDefaultScopeArray) ToClientDefaultScopeArrayOutput 

func (i ClientDefaultScopeArray) ToClientDefaultScopeArrayOutput() ClientDefaultScopeArrayOutput

func (ClientDefaultScopeArray) ToClientDefaultScopeArrayOutputWithContext 

func (i ClientDefaultScopeArray) ToClientDefaultScopeArrayOutputWithContext(ctx context.Context) ClientDefaultScopeArrayOutput

type ClientDefaultScopeArrayInput 

type ClientDefaultScopeArrayInput interface {
	pulumi.Input

	ToClientDefaultScopeArrayOutput() ClientDefaultScopeArrayOutput
	ToClientDefaultScopeArrayOutputWithContext(context.Context) ClientDefaultScopeArrayOutput
}

ClientDefaultScopeArrayInput is an input type that accepts ClientDefaultScopeArray and ClientDefaultScopeArrayOutput values. You can construct a concrete instance of `ClientDefaultScopeArrayInput` via: 

ClientDefaultScopeArray{ ClientDefaultScopeArgs{...} }

type ClientDefaultScopeArrayOutput 

type ClientDefaultScopeArrayOutput struct{ *pulumi.OutputState }

func (ClientDefaultScopeArrayOutput) ElementType 

func (ClientDefaultScopeArrayOutput) ElementType() reflect.Type

func (ClientDefaultScopeArrayOutput) Index 

func (o ClientDefaultScopeArrayOutput) Index(i pulumi.IntInput) ClientDefaultScopeOutput

func (ClientDefaultScopeArrayOutput) ToClientDefaultScopeArrayOutput 

func (o ClientDefaultScopeArrayOutput) ToClientDefaultScopeArrayOutput() ClientDefaultScopeArrayOutput

func (ClientDefaultScopeArrayOutput) ToClientDefaultScopeArrayOutputWithContext 

func (o ClientDefaultScopeArrayOutput) ToClientDefaultScopeArrayOutputWithContext(ctx context.Context) ClientDefaultScopeArrayOutput

type ClientDefaultScopeInput 

type ClientDefaultScopeInput interface {
	pulumi.Input

	ToClientDefaultScopeOutput() ClientDefaultScopeOutput
	ToClientDefaultScopeOutputWithContext(ctx context.Context) ClientDefaultScopeOutput
}

type ClientDefaultScopeMap 

type ClientDefaultScopeMap map[string]ClientDefaultScopeInput

func (ClientDefaultScopeMap) ElementType 

func (ClientDefaultScopeMap) ElementType() reflect.Type

func (ClientDefaultScopeMap) ToClientDefaultScopeMapOutput 

func (i ClientDefaultScopeMap) ToClientDefaultScopeMapOutput() ClientDefaultScopeMapOutput

func (ClientDefaultScopeMap) ToClientDefaultScopeMapOutputWithContext 

func (i ClientDefaultScopeMap) ToClientDefaultScopeMapOutputWithContext(ctx context.Context) ClientDefaultScopeMapOutput

type ClientDefaultScopeMapInput 

type ClientDefaultScopeMapInput interface {
	pulumi.Input

	ToClientDefaultScopeMapOutput() ClientDefaultScopeMapOutput
	ToClientDefaultScopeMapOutputWithContext(context.Context) ClientDefaultScopeMapOutput
}

ClientDefaultScopeMapInput is an input type that accepts ClientDefaultScopeMap and ClientDefaultScopeMapOutput values. You can construct a concrete instance of `ClientDefaultScopeMapInput` via: 

ClientDefaultScopeMap{ "key": ClientDefaultScopeArgs{...} }

type ClientDefaultScopeMapOutput 

type ClientDefaultScopeMapOutput struct{ *pulumi.OutputState }

func (ClientDefaultScopeMapOutput) ElementType 

func (ClientDefaultScopeMapOutput) ElementType() reflect.Type

func (ClientDefaultScopeMapOutput) MapIndex 

func (o ClientDefaultScopeMapOutput) MapIndex(k pulumi.StringInput) ClientDefaultScopeOutput

func (ClientDefaultScopeMapOutput) ToClientDefaultScopeMapOutput 

func (o ClientDefaultScopeMapOutput) ToClientDefaultScopeMapOutput() ClientDefaultScopeMapOutput

func (ClientDefaultScopeMapOutput) ToClientDefaultScopeMapOutputWithContext 

func (o ClientDefaultScopeMapOutput) ToClientDefaultScopeMapOutputWithContext(ctx context.Context) ClientDefaultScopeMapOutput

type ClientDefaultScopeOutput 

type ClientDefaultScopeOutput struct{ *pulumi.OutputState }

func (ClientDefaultScopeOutput) ClientId 

func (o ClientDefaultScopeOutput) ClientId() pulumi.StringOutput

The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.

func (ClientDefaultScopeOutput) DefaultScopes 

func (o ClientDefaultScopeOutput) DefaultScopes() pulumi.StringArrayOutput

An array of client scope names to attach to this client.

func (ClientDefaultScopeOutput) ElementType 

func (ClientDefaultScopeOutput) ElementType() reflect.Type

func (ClientDefaultScopeOutput) RealmId 

func (o ClientDefaultScopeOutput) RealmId() pulumi.StringOutput

The realm this client and scopes exists in.

func (ClientDefaultScopeOutput) ToClientDefaultScopeOutput 

func (o ClientDefaultScopeOutput) ToClientDefaultScopeOutput() ClientDefaultScopeOutput

func (ClientDefaultScopeOutput) ToClientDefaultScopeOutputWithContext 

func (o ClientDefaultScopeOutput) ToClientDefaultScopeOutputWithContext(ctx context.Context) ClientDefaultScopeOutput

type ClientDefaultScopeState 

type ClientDefaultScopeState struct {
	// The ID of the client to attach default scopes to. Note that this is the unique ID of the client generated by Keycloak.
	ClientId pulumi.StringPtrInput
	// An array of client scope names to attach to this client.
	DefaultScopes pulumi.StringArrayInput
	// The realm this client and scopes exists in.
	RealmId pulumi.StringPtrInput
}

func (ClientDefaultScopeState) ElementType 

func (ClientDefaultScopeState) ElementType() reflect.Type

type ClientInput 

type ClientInput interface {
	pulumi.Input

	ToClientOutput() ClientOutput
	ToClientOutputWithContext(ctx context.Context) ClientOutput
}

type ClientMap 

type ClientMap map[string]ClientInput

func (ClientMap) ElementType 

func (ClientMap) ElementType() reflect.Type

func (ClientMap) ToClientMapOutput 

func (i ClientMap) ToClientMapOutput() ClientMapOutput

func (ClientMap) ToClientMapOutputWithContext 

func (i ClientMap) ToClientMapOutputWithContext(ctx context.Context) ClientMapOutput

type ClientMapInput 

type ClientMapInput interface {
	pulumi.Input

	ToClientMapOutput() ClientMapOutput
	ToClientMapOutputWithContext(context.Context) ClientMapOutput
}

ClientMapInput is an input type that accepts ClientMap and ClientMapOutput values. You can construct a concrete instance of `ClientMapInput` via: 

ClientMap{ "key": ClientArgs{...} }

type ClientMapOutput 

type ClientMapOutput struct{ *pulumi.OutputState }

func (ClientMapOutput) ElementType 

func (ClientMapOutput) ElementType() reflect.Type

func (ClientMapOutput) MapIndex 

func (o ClientMapOutput) MapIndex(k pulumi.StringInput) ClientOutput

func (ClientMapOutput) ToClientMapOutput 

func (o ClientMapOutput) ToClientMapOutput() ClientMapOutput

func (ClientMapOutput) ToClientMapOutputWithContext 

func (o ClientMapOutput) ToClientMapOutputWithContext(ctx context.Context) ClientMapOutput

type ClientOutput 

type ClientOutput struct{ *pulumi.OutputState }

func (ClientOutput) AssertionConsumerPostUrl 

func (o ClientOutput) AssertionConsumerPostUrl() pulumi.StringPtrOutput

func (ClientOutput) AssertionConsumerRedirectUrl 

func (o ClientOutput) AssertionConsumerRedirectUrl() pulumi.StringPtrOutput

func (ClientOutput) AuthenticationFlowBindingOverrides 

func (o ClientOutput) AuthenticationFlowBindingOverrides() ClientAuthenticationFlowBindingOverridesPtrOutput

func (ClientOutput) BaseUrl 

func (o ClientOutput) BaseUrl() pulumi.StringPtrOutput

func (ClientOutput) CanonicalizationMethod 

func (o ClientOutput) CanonicalizationMethod() pulumi.StringPtrOutput

func (ClientOutput) ClientId 

func (o ClientOutput) ClientId() pulumi.StringOutput

func (ClientOutput) ClientSignatureRequired 

func (o ClientOutput) ClientSignatureRequired() pulumi.BoolPtrOutput

func (ClientOutput) Description 

func (o ClientOutput) Description() pulumi.StringPtrOutput

func (ClientOutput) ElementType 

func (ClientOutput) ElementType() reflect.Type

func (ClientOutput) Enabled 

func (o ClientOutput) Enabled() pulumi.BoolPtrOutput

func (ClientOutput) EncryptAssertions 

func (o ClientOutput) EncryptAssertions() pulumi.BoolPtrOutput

func (ClientOutput) EncryptionCertificate 

func (o ClientOutput) EncryptionCertificate() pulumi.StringOutput

func (ClientOutput) EncryptionCertificateSha1 

func (o ClientOutput) EncryptionCertificateSha1() pulumi.StringOutput

func (ClientOutput) ExtraConfig 

func (o ClientOutput) ExtraConfig() pulumi.MapOutput

func (ClientOutput) ForceNameIdFormat 

func (o ClientOutput) ForceNameIdFormat() pulumi.BoolPtrOutput

func (ClientOutput) ForcePostBinding 

func (o ClientOutput) ForcePostBinding() pulumi.BoolPtrOutput

func (ClientOutput) FrontChannelLogout 

func (o ClientOutput) FrontChannelLogout() pulumi.BoolPtrOutput

func (ClientOutput) FullScopeAllowed 

func (o ClientOutput) FullScopeAllowed() pulumi.BoolPtrOutput

func (ClientOutput) IdpInitiatedSsoRelayState 

func (o ClientOutput) IdpInitiatedSsoRelayState() pulumi.StringPtrOutput

func (ClientOutput) IdpInitiatedSsoUrlName 

func (o ClientOutput) IdpInitiatedSsoUrlName() pulumi.StringPtrOutput

func (ClientOutput) IncludeAuthnStatement 

func (o ClientOutput) IncludeAuthnStatement() pulumi.BoolPtrOutput

func (ClientOutput) LoginTheme 

func (o ClientOutput) LoginTheme() pulumi.StringPtrOutput

func (ClientOutput) LogoutServicePostBindingUrl 

func (o ClientOutput) LogoutServicePostBindingUrl() pulumi.StringPtrOutput

func (ClientOutput) LogoutServiceRedirectBindingUrl 

func (o ClientOutput) LogoutServiceRedirectBindingUrl() pulumi.StringPtrOutput

func (ClientOutput) MasterSamlProcessingUrl 

func (o ClientOutput) MasterSamlProcessingUrl() pulumi.StringPtrOutput

func (ClientOutput) Name 

func (o ClientOutput) Name() pulumi.StringOutput

func (ClientOutput) NameIdFormat 

func (o ClientOutput) NameIdFormat() pulumi.StringOutput

func (ClientOutput) RealmId 

func (o ClientOutput) RealmId() pulumi.StringOutput

func (ClientOutput) RootUrl 

func (o ClientOutput) RootUrl() pulumi.StringPtrOutput

func (ClientOutput) SignAssertions 

func (o ClientOutput) SignAssertions() pulumi.BoolPtrOutput

func (ClientOutput) SignDocuments 

func (o ClientOutput) SignDocuments() pulumi.BoolPtrOutput

func (ClientOutput) SignatureAlgorithm 

func (o ClientOutput) SignatureAlgorithm() pulumi.StringPtrOutput

func (ClientOutput) SignatureKeyName 

func (o ClientOutput) SignatureKeyName() pulumi.StringPtrOutput

func (ClientOutput) SigningCertificate 

func (o ClientOutput) SigningCertificate() pulumi.StringOutput

func (ClientOutput) SigningCertificateSha1 

func (o ClientOutput) SigningCertificateSha1() pulumi.StringOutput

func (ClientOutput) SigningPrivateKey 

func (o ClientOutput) SigningPrivateKey() pulumi.StringOutput

func (ClientOutput) SigningPrivateKeySha1 

func (o ClientOutput) SigningPrivateKeySha1() pulumi.StringOutput

func (ClientOutput) ToClientOutput 

func (o ClientOutput) ToClientOutput() ClientOutput

func (ClientOutput) ToClientOutputWithContext 

func (o ClientOutput) ToClientOutputWithContext(ctx context.Context) ClientOutput

func (ClientOutput) ValidRedirectUris 

func (o ClientOutput) ValidRedirectUris() pulumi.StringArrayOutput

type ClientScope 

type ClientScope struct {
	pulumi.CustomResourceState

	// When set, a consent screen will be displayed to users authenticating to clients with this scope attached. The consent screen will display the string value of this attribute.
	ConsentScreenText pulumi.StringPtrOutput `pulumi:"consentScreenText"`
	// The description of this client scope in the GUI.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Specify order of the client scope in GUI (such as in Consent page) as integer.
	GuiOrder pulumi.IntPtrOutput `pulumi:"guiOrder"`
	// The display name of this client scope in the GUI.
	Name pulumi.StringOutput `pulumi:"name"`
	// The realm this client scope belongs to.
	RealmId pulumi.StringOutput `pulumi:"realmId"`
}

Allows for creating and managing Keycloak client scopes that can be attached to clients that use the SAML protocol.

Client Scopes can be used to share common protocol and role mappings between multiple clients within a realm.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_, err = saml.NewClientScope(ctx, "samlClientScope", &saml.ClientScopeArgs{
			RealmId:     realm.ID(),
			Description: pulumi.String("This scope will map a user's group memberships to SAML assertion"),
			GuiOrder:    pulumi.Int(1),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

Client scopes can be imported using the format `{{realm_id}}/{{client_scope_id}}`, where `client_scope_id` is the unique ID that Keycloak

assigns to the client scope upon creation. This value can be found in the URI when editing this client scope in the GUI, and is typically a GUID.

Example:

bash

```sh $ pulumi import keycloak:saml/clientScope:ClientScope saml_client_scope my-realm/e8a5d115-6985-4de3-a0f5-732e1be4525e ```

func GetClientScope 

func GetClientScope(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ClientScopeState, opts ...pulumi.ResourceOption) (*ClientScope, error)

GetClientScope gets an existing ClientScope resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewClientScope 

func NewClientScope(ctx *pulumi.Context,
	name string, args *ClientScopeArgs, opts ...pulumi.ResourceOption) (*ClientScope, error)

NewClientScope registers a new resource with the given unique name, arguments, and options.

func (*ClientScope) ElementType 

func (*ClientScope) ElementType() reflect.Type

func (*ClientScope) ToClientScopeOutput 

func (i *ClientScope) ToClientScopeOutput() ClientScopeOutput

func (*ClientScope) ToClientScopeOutputWithContext 

func (i *ClientScope) ToClientScopeOutputWithContext(ctx context.Context) ClientScopeOutput

type ClientScopeArgs 

type ClientScopeArgs struct {
	// When set, a consent screen will be displayed to users authenticating to clients with this scope attached. The consent screen will display the string value of this attribute.
	ConsentScreenText pulumi.StringPtrInput
	// The description of this client scope in the GUI.
	Description pulumi.StringPtrInput
	// Specify order of the client scope in GUI (such as in Consent page) as integer.
	GuiOrder pulumi.IntPtrInput
	// The display name of this client scope in the GUI.
	Name pulumi.StringPtrInput
	// The realm this client scope belongs to.
	RealmId pulumi.StringInput
}

The set of arguments for constructing a ClientScope resource.

func (ClientScopeArgs) ElementType 

func (ClientScopeArgs) ElementType() reflect.Type

type ClientScopeArray 

type ClientScopeArray []ClientScopeInput

func (ClientScopeArray) ElementType 

func (ClientScopeArray) ElementType() reflect.Type

func (ClientScopeArray) ToClientScopeArrayOutput 

func (i ClientScopeArray) ToClientScopeArrayOutput() ClientScopeArrayOutput

func (ClientScopeArray) ToClientScopeArrayOutputWithContext 

func (i ClientScopeArray) ToClientScopeArrayOutputWithContext(ctx context.Context) ClientScopeArrayOutput

type ClientScopeArrayInput 

type ClientScopeArrayInput interface {
	pulumi.Input

	ToClientScopeArrayOutput() ClientScopeArrayOutput
	ToClientScopeArrayOutputWithContext(context.Context) ClientScopeArrayOutput
}

ClientScopeArrayInput is an input type that accepts ClientScopeArray and ClientScopeArrayOutput values. You can construct a concrete instance of `ClientScopeArrayInput` via: 

ClientScopeArray{ ClientScopeArgs{...} }

type ClientScopeArrayOutput 

type ClientScopeArrayOutput struct{ *pulumi.OutputState }

func (ClientScopeArrayOutput) ElementType 

func (ClientScopeArrayOutput) ElementType() reflect.Type

func (ClientScopeArrayOutput) Index 

func (o ClientScopeArrayOutput) Index(i pulumi.IntInput) ClientScopeOutput

func (ClientScopeArrayOutput) ToClientScopeArrayOutput 

func (o ClientScopeArrayOutput) ToClientScopeArrayOutput() ClientScopeArrayOutput

func (ClientScopeArrayOutput) ToClientScopeArrayOutputWithContext 

func (o ClientScopeArrayOutput) ToClientScopeArrayOutputWithContext(ctx context.Context) ClientScopeArrayOutput

type ClientScopeInput 

type ClientScopeInput interface {
	pulumi.Input

	ToClientScopeOutput() ClientScopeOutput
	ToClientScopeOutputWithContext(ctx context.Context) ClientScopeOutput
}

type ClientScopeMap 

type ClientScopeMap map[string]ClientScopeInput

func (ClientScopeMap) ElementType 

func (ClientScopeMap) ElementType() reflect.Type

func (ClientScopeMap) ToClientScopeMapOutput 

func (i ClientScopeMap) ToClientScopeMapOutput() ClientScopeMapOutput

func (ClientScopeMap) ToClientScopeMapOutputWithContext 

func (i ClientScopeMap) ToClientScopeMapOutputWithContext(ctx context.Context) ClientScopeMapOutput

type ClientScopeMapInput 

type ClientScopeMapInput interface {
	pulumi.Input

	ToClientScopeMapOutput() ClientScopeMapOutput
	ToClientScopeMapOutputWithContext(context.Context) ClientScopeMapOutput
}

ClientScopeMapInput is an input type that accepts ClientScopeMap and ClientScopeMapOutput values. You can construct a concrete instance of `ClientScopeMapInput` via: 

ClientScopeMap{ "key": ClientScopeArgs{...} }

type ClientScopeMapOutput 

type ClientScopeMapOutput struct{ *pulumi.OutputState }

func (ClientScopeMapOutput) ElementType 

func (ClientScopeMapOutput) ElementType() reflect.Type

func (ClientScopeMapOutput) MapIndex 

func (o ClientScopeMapOutput) MapIndex(k pulumi.StringInput) ClientScopeOutput

func (ClientScopeMapOutput) ToClientScopeMapOutput 

func (o ClientScopeMapOutput) ToClientScopeMapOutput() ClientScopeMapOutput

func (ClientScopeMapOutput) ToClientScopeMapOutputWithContext 

func (o ClientScopeMapOutput) ToClientScopeMapOutputWithContext(ctx context.Context) ClientScopeMapOutput

type ClientScopeOutput 

type ClientScopeOutput struct{ *pulumi.OutputState }

func (ClientScopeOutput) ConsentScreenText 

func (o ClientScopeOutput) ConsentScreenText() pulumi.StringPtrOutput

When set, a consent screen will be displayed to users authenticating to clients with this scope attached. The consent screen will display the string value of this attribute.

func (ClientScopeOutput) Description 

func (o ClientScopeOutput) Description() pulumi.StringPtrOutput

The description of this client scope in the GUI.

func (ClientScopeOutput) ElementType 

func (ClientScopeOutput) ElementType() reflect.Type

func (ClientScopeOutput) GuiOrder 

func (o ClientScopeOutput) GuiOrder() pulumi.IntPtrOutput

Specify order of the client scope in GUI (such as in Consent page) as integer.

func (ClientScopeOutput) Name 

func (o ClientScopeOutput) Name() pulumi.StringOutput

The display name of this client scope in the GUI.

func (ClientScopeOutput) RealmId 

func (o ClientScopeOutput) RealmId() pulumi.StringOutput

The realm this client scope belongs to.

func (ClientScopeOutput) ToClientScopeOutput 

func (o ClientScopeOutput) ToClientScopeOutput() ClientScopeOutput

func (ClientScopeOutput) ToClientScopeOutputWithContext 

func (o ClientScopeOutput) ToClientScopeOutputWithContext(ctx context.Context) ClientScopeOutput

type ClientScopeState 

type ClientScopeState struct {
	// When set, a consent screen will be displayed to users authenticating to clients with this scope attached. The consent screen will display the string value of this attribute.
	ConsentScreenText pulumi.StringPtrInput
	// The description of this client scope in the GUI.
	Description pulumi.StringPtrInput
	// Specify order of the client scope in GUI (such as in Consent page) as integer.
	GuiOrder pulumi.IntPtrInput
	// The display name of this client scope in the GUI.
	Name pulumi.StringPtrInput
	// The realm this client scope belongs to.
	RealmId pulumi.StringPtrInput
}

func (ClientScopeState) ElementType 

func (ClientScopeState) ElementType() reflect.Type

type ClientState 

type ClientState struct {
	AssertionConsumerPostUrl           pulumi.StringPtrInput
	AssertionConsumerRedirectUrl       pulumi.StringPtrInput
	AuthenticationFlowBindingOverrides ClientAuthenticationFlowBindingOverridesPtrInput
	BaseUrl                            pulumi.StringPtrInput
	CanonicalizationMethod             pulumi.StringPtrInput
	ClientId                           pulumi.StringPtrInput
	ClientSignatureRequired            pulumi.BoolPtrInput
	Description                        pulumi.StringPtrInput
	Enabled                            pulumi.BoolPtrInput
	EncryptAssertions                  pulumi.BoolPtrInput
	EncryptionCertificate              pulumi.StringPtrInput
	EncryptionCertificateSha1          pulumi.StringPtrInput
	ExtraConfig                        pulumi.MapInput
	ForceNameIdFormat                  pulumi.BoolPtrInput
	ForcePostBinding                   pulumi.BoolPtrInput
	FrontChannelLogout                 pulumi.BoolPtrInput
	FullScopeAllowed                   pulumi.BoolPtrInput
	IdpInitiatedSsoRelayState          pulumi.StringPtrInput
	IdpInitiatedSsoUrlName             pulumi.StringPtrInput
	IncludeAuthnStatement              pulumi.BoolPtrInput
	LoginTheme                         pulumi.StringPtrInput
	LogoutServicePostBindingUrl        pulumi.StringPtrInput
	LogoutServiceRedirectBindingUrl    pulumi.StringPtrInput
	MasterSamlProcessingUrl            pulumi.StringPtrInput
	Name                               pulumi.StringPtrInput
	NameIdFormat                       pulumi.StringPtrInput
	RealmId                            pulumi.StringPtrInput
	RootUrl                            pulumi.StringPtrInput
	SignAssertions                     pulumi.BoolPtrInput
	SignDocuments                      pulumi.BoolPtrInput
	SignatureAlgorithm                 pulumi.StringPtrInput
	SignatureKeyName                   pulumi.StringPtrInput
	SigningCertificate                 pulumi.StringPtrInput
	SigningCertificateSha1             pulumi.StringPtrInput
	SigningPrivateKey                  pulumi.StringPtrInput
	SigningPrivateKeySha1              pulumi.StringPtrInput
	ValidRedirectUris                  pulumi.StringArrayInput
}

func (ClientState) ElementType 

func (ClientState) ElementType() reflect.Type

type GetClientAuthenticationFlowBindingOverride 

type GetClientAuthenticationFlowBindingOverride struct {
	BrowserId     string `pulumi:"browserId"`
	DirectGrantId string `pulumi:"directGrantId"`
}

type GetClientAuthenticationFlowBindingOverrideArgs 

type GetClientAuthenticationFlowBindingOverrideArgs struct {
	BrowserId     pulumi.StringInput `pulumi:"browserId"`
	DirectGrantId pulumi.StringInput `pulumi:"directGrantId"`
}

func (GetClientAuthenticationFlowBindingOverrideArgs) ElementType 

func (GetClientAuthenticationFlowBindingOverrideArgs) ElementType() reflect.Type

func (GetClientAuthenticationFlowBindingOverrideArgs) ToGetClientAuthenticationFlowBindingOverrideOutput 

func (i GetClientAuthenticationFlowBindingOverrideArgs) ToGetClientAuthenticationFlowBindingOverrideOutput() GetClientAuthenticationFlowBindingOverrideOutput

func (GetClientAuthenticationFlowBindingOverrideArgs) ToGetClientAuthenticationFlowBindingOverrideOutputWithContext 

func (i GetClientAuthenticationFlowBindingOverrideArgs) ToGetClientAuthenticationFlowBindingOverrideOutputWithContext(ctx context.Context) GetClientAuthenticationFlowBindingOverrideOutput

type GetClientAuthenticationFlowBindingOverrideArray 

type GetClientAuthenticationFlowBindingOverrideArray []GetClientAuthenticationFlowBindingOverrideInput

func (GetClientAuthenticationFlowBindingOverrideArray) ElementType 

func (GetClientAuthenticationFlowBindingOverrideArray) ElementType() reflect.Type

func (GetClientAuthenticationFlowBindingOverrideArray) ToGetClientAuthenticationFlowBindingOverrideArrayOutput 

func (i GetClientAuthenticationFlowBindingOverrideArray) ToGetClientAuthenticationFlowBindingOverrideArrayOutput() GetClientAuthenticationFlowBindingOverrideArrayOutput

func (GetClientAuthenticationFlowBindingOverrideArray) ToGetClientAuthenticationFlowBindingOverrideArrayOutputWithContext 

func (i GetClientAuthenticationFlowBindingOverrideArray) ToGetClientAuthenticationFlowBindingOverrideArrayOutputWithContext(ctx context.Context) GetClientAuthenticationFlowBindingOverrideArrayOutput

type GetClientAuthenticationFlowBindingOverrideArrayInput 

type GetClientAuthenticationFlowBindingOverrideArrayInput interface {
	pulumi.Input

	ToGetClientAuthenticationFlowBindingOverrideArrayOutput() GetClientAuthenticationFlowBindingOverrideArrayOutput
	ToGetClientAuthenticationFlowBindingOverrideArrayOutputWithContext(context.Context) GetClientAuthenticationFlowBindingOverrideArrayOutput
}

GetClientAuthenticationFlowBindingOverrideArrayInput is an input type that accepts GetClientAuthenticationFlowBindingOverrideArray and GetClientAuthenticationFlowBindingOverrideArrayOutput values. You can construct a concrete instance of `GetClientAuthenticationFlowBindingOverrideArrayInput` via: 

GetClientAuthenticationFlowBindingOverrideArray{ GetClientAuthenticationFlowBindingOverrideArgs{...} }

type GetClientAuthenticationFlowBindingOverrideArrayOutput 

type GetClientAuthenticationFlowBindingOverrideArrayOutput struct{ *pulumi.OutputState }

func (GetClientAuthenticationFlowBindingOverrideArrayOutput) ElementType 

func (GetClientAuthenticationFlowBindingOverrideArrayOutput) ElementType() reflect.Type

func (GetClientAuthenticationFlowBindingOverrideArrayOutput) Index 

func (o GetClientAuthenticationFlowBindingOverrideArrayOutput) Index(i pulumi.IntInput) GetClientAuthenticationFlowBindingOverrideOutput

func (GetClientAuthenticationFlowBindingOverrideArrayOutput) ToGetClientAuthenticationFlowBindingOverrideArrayOutput 

func (o GetClientAuthenticationFlowBindingOverrideArrayOutput) ToGetClientAuthenticationFlowBindingOverrideArrayOutput() GetClientAuthenticationFlowBindingOverrideArrayOutput

func (GetClientAuthenticationFlowBindingOverrideArrayOutput) ToGetClientAuthenticationFlowBindingOverrideArrayOutputWithContext 

func (o GetClientAuthenticationFlowBindingOverrideArrayOutput) ToGetClientAuthenticationFlowBindingOverrideArrayOutputWithContext(ctx context.Context) GetClientAuthenticationFlowBindingOverrideArrayOutput

type GetClientAuthenticationFlowBindingOverrideInput 

type GetClientAuthenticationFlowBindingOverrideInput interface {
	pulumi.Input

	ToGetClientAuthenticationFlowBindingOverrideOutput() GetClientAuthenticationFlowBindingOverrideOutput
	ToGetClientAuthenticationFlowBindingOverrideOutputWithContext(context.Context) GetClientAuthenticationFlowBindingOverrideOutput
}

GetClientAuthenticationFlowBindingOverrideInput is an input type that accepts GetClientAuthenticationFlowBindingOverrideArgs and GetClientAuthenticationFlowBindingOverrideOutput values. You can construct a concrete instance of `GetClientAuthenticationFlowBindingOverrideInput` via: 

GetClientAuthenticationFlowBindingOverrideArgs{...}

type GetClientAuthenticationFlowBindingOverrideOutput 

type GetClientAuthenticationFlowBindingOverrideOutput struct{ *pulumi.OutputState }

func (GetClientAuthenticationFlowBindingOverrideOutput) BrowserId 

func (o GetClientAuthenticationFlowBindingOverrideOutput) BrowserId() pulumi.StringOutput

func (GetClientAuthenticationFlowBindingOverrideOutput) DirectGrantId 

func (o GetClientAuthenticationFlowBindingOverrideOutput) DirectGrantId() pulumi.StringOutput

func (GetClientAuthenticationFlowBindingOverrideOutput) ElementType 

func (GetClientAuthenticationFlowBindingOverrideOutput) ElementType() reflect.Type

func (GetClientAuthenticationFlowBindingOverrideOutput) ToGetClientAuthenticationFlowBindingOverrideOutput 

func (o GetClientAuthenticationFlowBindingOverrideOutput) ToGetClientAuthenticationFlowBindingOverrideOutput() GetClientAuthenticationFlowBindingOverrideOutput

func (GetClientAuthenticationFlowBindingOverrideOutput) ToGetClientAuthenticationFlowBindingOverrideOutputWithContext 

func (o GetClientAuthenticationFlowBindingOverrideOutput) ToGetClientAuthenticationFlowBindingOverrideOutputWithContext(ctx context.Context) GetClientAuthenticationFlowBindingOverrideOutput

type GetClientInstallationProviderArgs 

type GetClientInstallationProviderArgs struct {
	// The ID of the SAML client. The `id` attribute of a `keycloakClient` resource should be used here.
	ClientId string `pulumi:"clientId"`
	// The ID of the SAML installation provider. Could be one of `saml-idp-descriptor`, `keycloak-saml`, `saml-sp-descriptor`, `keycloak-saml-subsystem`, `mod-auth-mellon`, etc.
	ProviderId string `pulumi:"providerId"`
	// The realm that the SAML client exists within.
	RealmId string `pulumi:"realmId"`
}

A collection of arguments for invoking getClientInstallationProvider.

type GetClientInstallationProviderOutputArgs 

type GetClientInstallationProviderOutputArgs struct {
	// The ID of the SAML client. The `id` attribute of a `keycloakClient` resource should be used here.
	ClientId pulumi.StringInput `pulumi:"clientId"`
	// The ID of the SAML installation provider. Could be one of `saml-idp-descriptor`, `keycloak-saml`, `saml-sp-descriptor`, `keycloak-saml-subsystem`, `mod-auth-mellon`, etc.
	ProviderId pulumi.StringInput `pulumi:"providerId"`
	// The realm that the SAML client exists within.
	RealmId pulumi.StringInput `pulumi:"realmId"`
}

A collection of arguments for invoking getClientInstallationProvider.

func (GetClientInstallationProviderOutputArgs) ElementType 

func (GetClientInstallationProviderOutputArgs) ElementType() reflect.Type

type GetClientInstallationProviderResult 

type GetClientInstallationProviderResult struct {
	ClientId string `pulumi:"clientId"`
	// The provider-assigned unique ID for this managed resource.
	Id         string `pulumi:"id"`
	ProviderId string `pulumi:"providerId"`
	RealmId    string `pulumi:"realmId"`
	// (Computed) The returned document needed for SAML installation.
	Value string `pulumi:"value"`
}

A collection of values returned by getClientInstallationProvider.

func GetClientInstallationProvider 

func GetClientInstallationProvider(ctx *pulumi.Context, args *GetClientInstallationProviderArgs, opts ...pulumi.InvokeOption) (*GetClientInstallationProviderResult, error)

This data source can be used to retrieve Installation Provider of a SAML Client.

## Example Usage

In the example below, we extract the SAML metadata IDPSSODescriptor to pass it to the AWS IAM SAML Provider.

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"os"

"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam"
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		samlClient, err := saml.NewClient(ctx, "samlClient", &saml.ClientArgs{
			RealmId:               realm.ID(),
			ClientId:              pulumi.String("test-saml-client"),
			SignDocuments:         pulumi.Bool(false),
			SignAssertions:        pulumi.Bool(true),
			IncludeAuthnStatement: pulumi.Bool(true),
			SigningCertificate:    readFileOrPanic("saml-cert.pem"),
			SigningPrivateKey:     readFileOrPanic("saml-key.pem"),
		})
		if err != nil {
			return err
		}
		samlIdpDescriptor := saml.GetClientInstallationProviderOutput(ctx, saml.GetClientInstallationProviderOutputArgs{
			RealmId:    realm.ID(),
			ClientId:   samlClient.ID(),
			ProviderId: pulumi.String("saml-idp-descriptor"),
		}, nil)
		_, err = iam.NewSamlProvider(ctx, "default", &iam.SamlProviderArgs{
			SamlMetadataDocument: samlIdpDescriptor.ApplyT(func(samlIdpDescriptor saml.GetClientInstallationProviderResult) (*string, error) {
				return &samlIdpDescriptor.Value, nil
			}).(pulumi.StringPtrOutput),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

type GetClientInstallationProviderResultOutput 

type GetClientInstallationProviderResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getClientInstallationProvider.

func GetClientInstallationProviderOutput 

func GetClientInstallationProviderOutput(ctx *pulumi.Context, args GetClientInstallationProviderOutputArgs, opts ...pulumi.InvokeOption) GetClientInstallationProviderResultOutput

func (GetClientInstallationProviderResultOutput) ClientId 

func (o GetClientInstallationProviderResultOutput) ClientId() pulumi.StringOutput

func (GetClientInstallationProviderResultOutput) ElementType 

func (GetClientInstallationProviderResultOutput) ElementType() reflect.Type

func (GetClientInstallationProviderResultOutput) Id 

func (o GetClientInstallationProviderResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetClientInstallationProviderResultOutput) ProviderId 

func (o GetClientInstallationProviderResultOutput) ProviderId() pulumi.StringOutput

func (GetClientInstallationProviderResultOutput) RealmId 

func (o GetClientInstallationProviderResultOutput) RealmId() pulumi.StringOutput

func (GetClientInstallationProviderResultOutput) ToGetClientInstallationProviderResultOutput 

func (o GetClientInstallationProviderResultOutput) ToGetClientInstallationProviderResultOutput() GetClientInstallationProviderResultOutput

func (GetClientInstallationProviderResultOutput) ToGetClientInstallationProviderResultOutputWithContext 

func (o GetClientInstallationProviderResultOutput) ToGetClientInstallationProviderResultOutputWithContext(ctx context.Context) GetClientInstallationProviderResultOutput

func (GetClientInstallationProviderResultOutput) Value 

func (o GetClientInstallationProviderResultOutput) Value() pulumi.StringOutput

(Computed) The returned document needed for SAML installation.

type IdentityProvider 

type IdentityProvider struct {
	pulumi.CustomResourceState

	// Enable/disable if new users can read any stored tokens. This assigns the broker.read-token role.
	AddReadTokenRoleOnCreate pulumi.BoolPtrOutput `pulumi:"addReadTokenRoleOnCreate"`
	// The alias uniquely identifies an identity provider and it is also used to build the redirect uri.
	Alias pulumi.StringOutput `pulumi:"alias"`
	// Enable/disable authenticate users by default.
	AuthenticateByDefault pulumi.BoolPtrOutput `pulumi:"authenticateByDefault"`
	// AuthnContext ClassRefs
	AuthnContextClassRefs pulumi.StringArrayOutput `pulumi:"authnContextClassRefs"`
	// AuthnContext Comparison
	AuthnContextComparisonType pulumi.StringPtrOutput `pulumi:"authnContextComparisonType"`
	// AuthnContext DeclRefs
	AuthnContextDeclRefs pulumi.StringArrayOutput `pulumi:"authnContextDeclRefs"`
	// Does the external IDP support backchannel logout?
	BackchannelSupported pulumi.BoolPtrOutput `pulumi:"backchannelSupported"`
	// Friendly name for Identity Providers.
	DisplayName pulumi.StringPtrOutput `pulumi:"displayName"`
	// Enable/disable this identity provider.
	Enabled pulumi.BoolPtrOutput `pulumi:"enabled"`
	// The Entity ID that will be used to uniquely identify this SAML Service Provider.
	EntityId    pulumi.StringOutput `pulumi:"entityId"`
	ExtraConfig pulumi.MapOutput    `pulumi:"extraConfig"`
	// Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means
	// that there is not yet existing Keycloak account linked with the authenticated identity provider account.
	FirstBrokerLoginFlowAlias pulumi.StringPtrOutput `pulumi:"firstBrokerLoginFlowAlias"`
	// Require Force Authn.
	ForceAuthn pulumi.BoolPtrOutput `pulumi:"forceAuthn"`
	// GUI Order
	GuiOrder pulumi.StringPtrOutput `pulumi:"guiOrder"`
	// Hide On Login Page.
	HideOnLoginPage pulumi.BoolPtrOutput `pulumi:"hideOnLoginPage"`
	// Internal Identity Provider Id
	InternalId pulumi.StringOutput `pulumi:"internalId"`
	// If true, users cannot log in through this provider. They can only link to this provider. This is useful if you don't
	// want to allow login from the provider, but want to integrate with a provider
	LinkOnly pulumi.BoolPtrOutput `pulumi:"linkOnly"`
	// Login Hint.
	LoginHint pulumi.StringPtrOutput `pulumi:"loginHint"`
	// Name ID Policy Format.
	NameIdPolicyFormat pulumi.StringPtrOutput `pulumi:"nameIdPolicyFormat"`
	// Post Binding Authn Request.
	PostBindingAuthnRequest pulumi.BoolPtrOutput `pulumi:"postBindingAuthnRequest"`
	// Post Binding Logout.
	PostBindingLogout pulumi.BoolPtrOutput `pulumi:"postBindingLogout"`
	// Post Binding Response.
	PostBindingResponse pulumi.BoolPtrOutput `pulumi:"postBindingResponse"`
	// Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want
	// additional verification of each user authenticated with this identity provider (for example OTP). Leave this empty if
	// you don't want any additional authenticators to be triggered after login with this identity provider. Also note, that
	// authenticator implementations must assume that user is already set in ClientSession as identity provider already set it.
	PostBrokerLoginFlowAlias pulumi.StringPtrOutput `pulumi:"postBrokerLoginFlowAlias"`
	// Principal Attribute
	PrincipalAttribute pulumi.StringPtrOutput `pulumi:"principalAttribute"`
	// Principal Type
	PrincipalType pulumi.StringPtrOutput `pulumi:"principalType"`
	// provider id, is always saml, unless you have a custom implementation
	ProviderId pulumi.StringPtrOutput `pulumi:"providerId"`
	// Realm Name
	Realm pulumi.StringOutput `pulumi:"realm"`
	// Signing Algorithm.
	SignatureAlgorithm pulumi.StringPtrOutput `pulumi:"signatureAlgorithm"`
	// Signing Certificate.
	SigningCertificate pulumi.StringPtrOutput `pulumi:"signingCertificate"`
	// Logout URL.
	SingleLogoutServiceUrl pulumi.StringPtrOutput `pulumi:"singleLogoutServiceUrl"`
	// SSO Logout URL.
	SingleSignOnServiceUrl pulumi.StringOutput `pulumi:"singleSignOnServiceUrl"`
	// Enable/disable if tokens must be stored after authenticating users.
	StoreToken pulumi.BoolPtrOutput `pulumi:"storeToken"`
	// Sync Mode
	SyncMode pulumi.StringPtrOutput `pulumi:"syncMode"`
	// If enabled then email provided by this provider is not verified even if verification is enabled for the realm.
	TrustEmail pulumi.BoolPtrOutput `pulumi:"trustEmail"`
	// Enable/disable signature validation of SAML responses.
	ValidateSignature pulumi.BoolPtrOutput `pulumi:"validateSignature"`
	// Want Assertions Encrypted.
	WantAssertionsEncrypted pulumi.BoolPtrOutput `pulumi:"wantAssertionsEncrypted"`
	// Want Assertions Signed.
	WantAssertionsSigned pulumi.BoolPtrOutput `pulumi:"wantAssertionsSigned"`
	// Sign Key Transformer.
	XmlSignKeyInfoKeyNameTransformer pulumi.StringPtrOutput `pulumi:"xmlSignKeyInfoKeyNameTransformer"`
}

## # saml.IdentityProvider

Allows to create and manage SAML Identity Providers within Keycloak.

SAML (Security Assertion Markup Language) identity providers allows to authenticate through a third-party system, using SAML standard.

### Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := saml.NewIdentityProvider(ctx, "realmIdentityProvider", &saml.IdentityProviderArgs{
			Alias:                   pulumi.String("my-idp"),
			BackchannelSupported:    pulumi.Bool(true),
			ForceAuthn:              pulumi.Bool(true),
			PostBindingAuthnRequest: pulumi.Bool(true),
			PostBindingLogout:       pulumi.Bool(true),
			PostBindingResponse:     pulumi.Bool(true),
			Realm:                   pulumi.String("my-realm"),
			SingleLogoutServiceUrl:  pulumi.String("https://domain.com/adfs/ls/?wa=wsignout1.0"),
			SingleSignOnServiceUrl:  pulumi.String("https://domain.com/adfs/ls/"),
			StoreToken:              pulumi.Bool(false),
			TrustEmail:              pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

### Argument Reference

The following arguments are supported:

- `realm` - (Required) The name of the realm. This is unique across Keycloak. - `alias` - (Optional) The uniq name of identity provider. - `enabled` - (Optional) When false, users and clients will not be able to access this realm. Defaults to `true`. - `displayName` - (Optional) The display name for the realm that is shown when logging in to the admin console. - `storeToken` - (Optional) Enable/disable if tokens must be stored after authenticating users. Defaults to `true`. - `addReadTokenRoleOnCreate` - (Optional) Enable/disable if new users can read any stored tokens. This assigns the broker.read-token role. Defaults to `false`. - `trustEmail` - (Optional) If enabled then email provided by this provider is not verified even if verification is enabled for the realm. Defaults to `false`. - `linkOnly` - (Optional) If true, users cannot log in through this provider. They can only link to this provider. This is useful if you don't want to allow login from the provider, but want to integrate with a provider. Defaults to `false`. - `hideOnLoginPage` - (Optional) If hidden, then login with this provider is possible only if requested explicitly, e.g. using the 'kc_idp_hint' parameter. - `firstBrokerLoginFlowAlias` - (Optional) Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means that there is not yet existing Keycloak account linked with the authenticated identity provider account. Defaults to `first broker login`. - `postBrokerLoginFlowAlias` - (Optional) Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want additional verification of each user authenticated with this identity provider (for example OTP). Leave this empty if you don't want any additional authenticators to be triggered after login with this identity provider. Also note, that authenticator implementations must assume that user is already set in ClientSession as identity provider already set it. Defaults to empty. - `authenticateByDefault` - (Optional) Authenticate users by default. Defaults to `false`.

#### SAML Configuration

- `singleSignOnServiceUrl` - (Optional) The Url that must be used to send authentication requests (SAML AuthnRequest). - `singleLogoutServiceUrl` - (Optional) The Url that must be used to send logout requests. - `backchannelSupported` - (Optional) Does the external IDP support back-channel logout ?. - `nameIdPolicyFormat` - (Optional) Specifies the URI reference corresponding to a name identifier format. Defaults to empty. - `postBindingResponse` - (Optional) Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.. - `postBindingAuthnRequest` - (Optional) Indicates whether the AuthnRequest must be sent using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used. - `postBindingLogout` - (Optional) Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used. - `wantAssertionsSigned` - (Optional) Indicates whether this service provider expects a signed Assertion. - `wantAssertionsEncrypted` - (Optional) Indicates whether this service provider expects an encrypted Assertion. - `forceAuthn` - (Optional) Indicates whether the identity provider must authenticate the presenter directly rather than rely on a previous security context. - `validateSignature` - (Optional) Enable/disable signature validation of SAML responses. - `signingCertificate` - (Optional) Signing Certificate. - `signatureAlgorithm` - (Optional) Signing Algorithm. Defaults to empty. - `xmlSignKeyInfoKeyNameTransformer` - (Optional) Sign Key Transformer. Defaults to empty.

### Import

Identity providers can be imported using the format `{{realm_id}}/{{idp_alias}}`, where `idpAlias` is the identity provider alias.

Example:

func GetIdentityProvider 

func GetIdentityProvider(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *IdentityProviderState, opts ...pulumi.ResourceOption) (*IdentityProvider, error)

GetIdentityProvider gets an existing IdentityProvider resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewIdentityProvider 

func NewIdentityProvider(ctx *pulumi.Context,
	name string, args *IdentityProviderArgs, opts ...pulumi.ResourceOption) (*IdentityProvider, error)

NewIdentityProvider registers a new resource with the given unique name, arguments, and options.

func (*IdentityProvider) ElementType 

func (*IdentityProvider) ElementType() reflect.Type

func (*IdentityProvider) ToIdentityProviderOutput 

func (i *IdentityProvider) ToIdentityProviderOutput() IdentityProviderOutput

func (*IdentityProvider) ToIdentityProviderOutputWithContext 

func (i *IdentityProvider) ToIdentityProviderOutputWithContext(ctx context.Context) IdentityProviderOutput

type IdentityProviderArgs 

type IdentityProviderArgs struct {
	// Enable/disable if new users can read any stored tokens. This assigns the broker.read-token role.
	AddReadTokenRoleOnCreate pulumi.BoolPtrInput
	// The alias uniquely identifies an identity provider and it is also used to build the redirect uri.
	Alias pulumi.StringInput
	// Enable/disable authenticate users by default.
	AuthenticateByDefault pulumi.BoolPtrInput
	// AuthnContext ClassRefs
	AuthnContextClassRefs pulumi.StringArrayInput
	// AuthnContext Comparison
	AuthnContextComparisonType pulumi.StringPtrInput
	// AuthnContext DeclRefs
	AuthnContextDeclRefs pulumi.StringArrayInput
	// Does the external IDP support backchannel logout?
	BackchannelSupported pulumi.BoolPtrInput
	// Friendly name for Identity Providers.
	DisplayName pulumi.StringPtrInput
	// Enable/disable this identity provider.
	Enabled pulumi.BoolPtrInput
	// The Entity ID that will be used to uniquely identify this SAML Service Provider.
	EntityId    pulumi.StringInput
	ExtraConfig pulumi.MapInput
	// Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means
	// that there is not yet existing Keycloak account linked with the authenticated identity provider account.
	FirstBrokerLoginFlowAlias pulumi.StringPtrInput
	// Require Force Authn.
	ForceAuthn pulumi.BoolPtrInput
	// GUI Order
	GuiOrder pulumi.StringPtrInput
	// Hide On Login Page.
	HideOnLoginPage pulumi.BoolPtrInput
	// If true, users cannot log in through this provider. They can only link to this provider. This is useful if you don't
	// want to allow login from the provider, but want to integrate with a provider
	LinkOnly pulumi.BoolPtrInput
	// Login Hint.
	LoginHint pulumi.StringPtrInput
	// Name ID Policy Format.
	NameIdPolicyFormat pulumi.StringPtrInput
	// Post Binding Authn Request.
	PostBindingAuthnRequest pulumi.BoolPtrInput
	// Post Binding Logout.
	PostBindingLogout pulumi.BoolPtrInput
	// Post Binding Response.
	PostBindingResponse pulumi.BoolPtrInput
	// Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want
	// additional verification of each user authenticated with this identity provider (for example OTP). Leave this empty if
	// you don't want any additional authenticators to be triggered after login with this identity provider. Also note, that
	// authenticator implementations must assume that user is already set in ClientSession as identity provider already set it.
	PostBrokerLoginFlowAlias pulumi.StringPtrInput
	// Principal Attribute
	PrincipalAttribute pulumi.StringPtrInput
	// Principal Type
	PrincipalType pulumi.StringPtrInput
	// provider id, is always saml, unless you have a custom implementation
	ProviderId pulumi.StringPtrInput
	// Realm Name
	Realm pulumi.StringInput
	// Signing Algorithm.
	SignatureAlgorithm pulumi.StringPtrInput
	// Signing Certificate.
	SigningCertificate pulumi.StringPtrInput
	// Logout URL.
	SingleLogoutServiceUrl pulumi.StringPtrInput
	// SSO Logout URL.
	SingleSignOnServiceUrl pulumi.StringInput
	// Enable/disable if tokens must be stored after authenticating users.
	StoreToken pulumi.BoolPtrInput
	// Sync Mode
	SyncMode pulumi.StringPtrInput
	// If enabled then email provided by this provider is not verified even if verification is enabled for the realm.
	TrustEmail pulumi.BoolPtrInput
	// Enable/disable signature validation of SAML responses.
	ValidateSignature pulumi.BoolPtrInput
	// Want Assertions Encrypted.
	WantAssertionsEncrypted pulumi.BoolPtrInput
	// Want Assertions Signed.
	WantAssertionsSigned pulumi.BoolPtrInput
	// Sign Key Transformer.
	XmlSignKeyInfoKeyNameTransformer pulumi.StringPtrInput
}

The set of arguments for constructing a IdentityProvider resource.

func (IdentityProviderArgs) ElementType 

func (IdentityProviderArgs) ElementType() reflect.Type

type IdentityProviderArray 

type IdentityProviderArray []IdentityProviderInput

func (IdentityProviderArray) ElementType 

func (IdentityProviderArray) ElementType() reflect.Type

func (IdentityProviderArray) ToIdentityProviderArrayOutput 

func (i IdentityProviderArray) ToIdentityProviderArrayOutput() IdentityProviderArrayOutput

func (IdentityProviderArray) ToIdentityProviderArrayOutputWithContext 

func (i IdentityProviderArray) ToIdentityProviderArrayOutputWithContext(ctx context.Context) IdentityProviderArrayOutput

type IdentityProviderArrayInput 

type IdentityProviderArrayInput interface {
	pulumi.Input

	ToIdentityProviderArrayOutput() IdentityProviderArrayOutput
	ToIdentityProviderArrayOutputWithContext(context.Context) IdentityProviderArrayOutput
}

IdentityProviderArrayInput is an input type that accepts IdentityProviderArray and IdentityProviderArrayOutput values. You can construct a concrete instance of `IdentityProviderArrayInput` via: 

IdentityProviderArray{ IdentityProviderArgs{...} }

type IdentityProviderArrayOutput 

type IdentityProviderArrayOutput struct{ *pulumi.OutputState }

func (IdentityProviderArrayOutput) ElementType 

func (IdentityProviderArrayOutput) ElementType() reflect.Type

func (IdentityProviderArrayOutput) Index 

func (o IdentityProviderArrayOutput) Index(i pulumi.IntInput) IdentityProviderOutput

func (IdentityProviderArrayOutput) ToIdentityProviderArrayOutput 

func (o IdentityProviderArrayOutput) ToIdentityProviderArrayOutput() IdentityProviderArrayOutput

func (IdentityProviderArrayOutput) ToIdentityProviderArrayOutputWithContext 

func (o IdentityProviderArrayOutput) ToIdentityProviderArrayOutputWithContext(ctx context.Context) IdentityProviderArrayOutput

type IdentityProviderInput 

type IdentityProviderInput interface {
	pulumi.Input

	ToIdentityProviderOutput() IdentityProviderOutput
	ToIdentityProviderOutputWithContext(ctx context.Context) IdentityProviderOutput
}

type IdentityProviderMap 

type IdentityProviderMap map[string]IdentityProviderInput

func (IdentityProviderMap) ElementType 

func (IdentityProviderMap) ElementType() reflect.Type

func (IdentityProviderMap) ToIdentityProviderMapOutput 

func (i IdentityProviderMap) ToIdentityProviderMapOutput() IdentityProviderMapOutput

func (IdentityProviderMap) ToIdentityProviderMapOutputWithContext 

func (i IdentityProviderMap) ToIdentityProviderMapOutputWithContext(ctx context.Context) IdentityProviderMapOutput

type IdentityProviderMapInput 

type IdentityProviderMapInput interface {
	pulumi.Input

	ToIdentityProviderMapOutput() IdentityProviderMapOutput
	ToIdentityProviderMapOutputWithContext(context.Context) IdentityProviderMapOutput
}

IdentityProviderMapInput is an input type that accepts IdentityProviderMap and IdentityProviderMapOutput values. You can construct a concrete instance of `IdentityProviderMapInput` via: 

IdentityProviderMap{ "key": IdentityProviderArgs{...} }

type IdentityProviderMapOutput 

type IdentityProviderMapOutput struct{ *pulumi.OutputState }

func (IdentityProviderMapOutput) ElementType 

func (IdentityProviderMapOutput) ElementType() reflect.Type

func (IdentityProviderMapOutput) MapIndex 

func (o IdentityProviderMapOutput) MapIndex(k pulumi.StringInput) IdentityProviderOutput

func (IdentityProviderMapOutput) ToIdentityProviderMapOutput 

func (o IdentityProviderMapOutput) ToIdentityProviderMapOutput() IdentityProviderMapOutput

func (IdentityProviderMapOutput) ToIdentityProviderMapOutputWithContext 

func (o IdentityProviderMapOutput) ToIdentityProviderMapOutputWithContext(ctx context.Context) IdentityProviderMapOutput

type IdentityProviderOutput 

type IdentityProviderOutput struct{ *pulumi.OutputState }

func (IdentityProviderOutput) AddReadTokenRoleOnCreate 

func (o IdentityProviderOutput) AddReadTokenRoleOnCreate() pulumi.BoolPtrOutput

Enable/disable if new users can read any stored tokens. This assigns the broker.read-token role.

func (IdentityProviderOutput) Alias 

func (o IdentityProviderOutput) Alias() pulumi.StringOutput

The alias uniquely identifies an identity provider and it is also used to build the redirect uri.

func (IdentityProviderOutput) AuthenticateByDefault 

func (o IdentityProviderOutput) AuthenticateByDefault() pulumi.BoolPtrOutput

Enable/disable authenticate users by default.

func (IdentityProviderOutput) AuthnContextClassRefs 

func (o IdentityProviderOutput) AuthnContextClassRefs() pulumi.StringArrayOutput

AuthnContext ClassRefs

func (IdentityProviderOutput) AuthnContextComparisonType 

func (o IdentityProviderOutput) AuthnContextComparisonType() pulumi.StringPtrOutput

AuthnContext Comparison

func (IdentityProviderOutput) AuthnContextDeclRefs 

func (o IdentityProviderOutput) AuthnContextDeclRefs() pulumi.StringArrayOutput

AuthnContext DeclRefs

func (IdentityProviderOutput) BackchannelSupported 

func (o IdentityProviderOutput) BackchannelSupported() pulumi.BoolPtrOutput

Does the external IDP support backchannel logout?

func (IdentityProviderOutput) DisplayName 

func (o IdentityProviderOutput) DisplayName() pulumi.StringPtrOutput

Friendly name for Identity Providers.

func (IdentityProviderOutput) ElementType 

func (IdentityProviderOutput) ElementType() reflect.Type

func (IdentityProviderOutput) Enabled 

func (o IdentityProviderOutput) Enabled() pulumi.BoolPtrOutput

Enable/disable this identity provider.

func (IdentityProviderOutput) EntityId 

func (o IdentityProviderOutput) EntityId() pulumi.StringOutput

The Entity ID that will be used to uniquely identify this SAML Service Provider.

func (IdentityProviderOutput) ExtraConfig 

func (o IdentityProviderOutput) ExtraConfig() pulumi.MapOutput

func (IdentityProviderOutput) FirstBrokerLoginFlowAlias 

func (o IdentityProviderOutput) FirstBrokerLoginFlowAlias() pulumi.StringPtrOutput

Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means that there is not yet existing Keycloak account linked with the authenticated identity provider account.

func (IdentityProviderOutput) ForceAuthn 

func (o IdentityProviderOutput) ForceAuthn() pulumi.BoolPtrOutput

Require Force Authn.

func (IdentityProviderOutput) GuiOrder 

func (o IdentityProviderOutput) GuiOrder() pulumi.StringPtrOutput

GUI Order

func (IdentityProviderOutput) HideOnLoginPage 

func (o IdentityProviderOutput) HideOnLoginPage() pulumi.BoolPtrOutput

Hide On Login Page.

func (IdentityProviderOutput) InternalId 

func (o IdentityProviderOutput) InternalId() pulumi.StringOutput

Internal Identity Provider Id

func (IdentityProviderOutput) LinkOnly 

func (o IdentityProviderOutput) LinkOnly() pulumi.BoolPtrOutput

If true, users cannot log in through this provider. They can only link to this provider. This is useful if you don't want to allow login from the provider, but want to integrate with a provider

func (IdentityProviderOutput) LoginHint added in v5.2.0 

func (o IdentityProviderOutput) LoginHint() pulumi.StringPtrOutput

Login Hint.

func (IdentityProviderOutput) NameIdPolicyFormat 

func (o IdentityProviderOutput) NameIdPolicyFormat() pulumi.StringPtrOutput

Name ID Policy Format.

func (IdentityProviderOutput) PostBindingAuthnRequest 

func (o IdentityProviderOutput) PostBindingAuthnRequest() pulumi.BoolPtrOutput

Post Binding Authn Request.

func (IdentityProviderOutput) PostBindingLogout 

func (o IdentityProviderOutput) PostBindingLogout() pulumi.BoolPtrOutput

Post Binding Logout.

func (IdentityProviderOutput) PostBindingResponse 

func (o IdentityProviderOutput) PostBindingResponse() pulumi.BoolPtrOutput

Post Binding Response.

func (IdentityProviderOutput) PostBrokerLoginFlowAlias 

func (o IdentityProviderOutput) PostBrokerLoginFlowAlias() pulumi.StringPtrOutput

Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want additional verification of each user authenticated with this identity provider (for example OTP). Leave this empty if you don't want any additional authenticators to be triggered after login with this identity provider. Also note, that authenticator implementations must assume that user is already set in ClientSession as identity provider already set it.

func (IdentityProviderOutput) PrincipalAttribute 

func (o IdentityProviderOutput) PrincipalAttribute() pulumi.StringPtrOutput

Principal Attribute

func (IdentityProviderOutput) PrincipalType 

func (o IdentityProviderOutput) PrincipalType() pulumi.StringPtrOutput

Principal Type

func (IdentityProviderOutput) ProviderId 

func (o IdentityProviderOutput) ProviderId() pulumi.StringPtrOutput

provider id, is always saml, unless you have a custom implementation

func (IdentityProviderOutput) Realm 

func (o IdentityProviderOutput) Realm() pulumi.StringOutput

Realm Name

func (IdentityProviderOutput) SignatureAlgorithm 

func (o IdentityProviderOutput) SignatureAlgorithm() pulumi.StringPtrOutput

Signing Algorithm.

func (IdentityProviderOutput) SigningCertificate 

func (o IdentityProviderOutput) SigningCertificate() pulumi.StringPtrOutput

Signing Certificate.

func (IdentityProviderOutput) SingleLogoutServiceUrl 

func (o IdentityProviderOutput) SingleLogoutServiceUrl() pulumi.StringPtrOutput

Logout URL.

func (IdentityProviderOutput) SingleSignOnServiceUrl 

func (o IdentityProviderOutput) SingleSignOnServiceUrl() pulumi.StringOutput

SSO Logout URL.

func (IdentityProviderOutput) StoreToken 

func (o IdentityProviderOutput) StoreToken() pulumi.BoolPtrOutput

Enable/disable if tokens must be stored after authenticating users.

func (IdentityProviderOutput) SyncMode 

func (o IdentityProviderOutput) SyncMode() pulumi.StringPtrOutput

Sync Mode

func (IdentityProviderOutput) ToIdentityProviderOutput 

func (o IdentityProviderOutput) ToIdentityProviderOutput() IdentityProviderOutput

func (IdentityProviderOutput) ToIdentityProviderOutputWithContext 

func (o IdentityProviderOutput) ToIdentityProviderOutputWithContext(ctx context.Context) IdentityProviderOutput

func (IdentityProviderOutput) TrustEmail 

func (o IdentityProviderOutput) TrustEmail() pulumi.BoolPtrOutput

If enabled then email provided by this provider is not verified even if verification is enabled for the realm.

func (IdentityProviderOutput) ValidateSignature 

func (o IdentityProviderOutput) ValidateSignature() pulumi.BoolPtrOutput

Enable/disable signature validation of SAML responses.

func (IdentityProviderOutput) WantAssertionsEncrypted 

func (o IdentityProviderOutput) WantAssertionsEncrypted() pulumi.BoolPtrOutput

Want Assertions Encrypted.

func (IdentityProviderOutput) WantAssertionsSigned 

func (o IdentityProviderOutput) WantAssertionsSigned() pulumi.BoolPtrOutput

Want Assertions Signed.

func (IdentityProviderOutput) XmlSignKeyInfoKeyNameTransformer 

func (o IdentityProviderOutput) XmlSignKeyInfoKeyNameTransformer() pulumi.StringPtrOutput

Sign Key Transformer.

type IdentityProviderState 

type IdentityProviderState struct {
	// Enable/disable if new users can read any stored tokens. This assigns the broker.read-token role.
	AddReadTokenRoleOnCreate pulumi.BoolPtrInput
	// The alias uniquely identifies an identity provider and it is also used to build the redirect uri.
	Alias pulumi.StringPtrInput
	// Enable/disable authenticate users by default.
	AuthenticateByDefault pulumi.BoolPtrInput
	// AuthnContext ClassRefs
	AuthnContextClassRefs pulumi.StringArrayInput
	// AuthnContext Comparison
	AuthnContextComparisonType pulumi.StringPtrInput
	// AuthnContext DeclRefs
	AuthnContextDeclRefs pulumi.StringArrayInput
	// Does the external IDP support backchannel logout?
	BackchannelSupported pulumi.BoolPtrInput
	// Friendly name for Identity Providers.
	DisplayName pulumi.StringPtrInput
	// Enable/disable this identity provider.
	Enabled pulumi.BoolPtrInput
	// The Entity ID that will be used to uniquely identify this SAML Service Provider.
	EntityId    pulumi.StringPtrInput
	ExtraConfig pulumi.MapInput
	// Alias of authentication flow, which is triggered after first login with this identity provider. Term 'First Login' means
	// that there is not yet existing Keycloak account linked with the authenticated identity provider account.
	FirstBrokerLoginFlowAlias pulumi.StringPtrInput
	// Require Force Authn.
	ForceAuthn pulumi.BoolPtrInput
	// GUI Order
	GuiOrder pulumi.StringPtrInput
	// Hide On Login Page.
	HideOnLoginPage pulumi.BoolPtrInput
	// Internal Identity Provider Id
	InternalId pulumi.StringPtrInput
	// If true, users cannot log in through this provider. They can only link to this provider. This is useful if you don't
	// want to allow login from the provider, but want to integrate with a provider
	LinkOnly pulumi.BoolPtrInput
	// Login Hint.
	LoginHint pulumi.StringPtrInput
	// Name ID Policy Format.
	NameIdPolicyFormat pulumi.StringPtrInput
	// Post Binding Authn Request.
	PostBindingAuthnRequest pulumi.BoolPtrInput
	// Post Binding Logout.
	PostBindingLogout pulumi.BoolPtrInput
	// Post Binding Response.
	PostBindingResponse pulumi.BoolPtrInput
	// Alias of authentication flow, which is triggered after each login with this identity provider. Useful if you want
	// additional verification of each user authenticated with this identity provider (for example OTP). Leave this empty if
	// you don't want any additional authenticators to be triggered after login with this identity provider. Also note, that
	// authenticator implementations must assume that user is already set in ClientSession as identity provider already set it.
	PostBrokerLoginFlowAlias pulumi.StringPtrInput
	// Principal Attribute
	PrincipalAttribute pulumi.StringPtrInput
	// Principal Type
	PrincipalType pulumi.StringPtrInput
	// provider id, is always saml, unless you have a custom implementation
	ProviderId pulumi.StringPtrInput
	// Realm Name
	Realm pulumi.StringPtrInput
	// Signing Algorithm.
	SignatureAlgorithm pulumi.StringPtrInput
	// Signing Certificate.
	SigningCertificate pulumi.StringPtrInput
	// Logout URL.
	SingleLogoutServiceUrl pulumi.StringPtrInput
	// SSO Logout URL.
	SingleSignOnServiceUrl pulumi.StringPtrInput
	// Enable/disable if tokens must be stored after authenticating users.
	StoreToken pulumi.BoolPtrInput
	// Sync Mode
	SyncMode pulumi.StringPtrInput
	// If enabled then email provided by this provider is not verified even if verification is enabled for the realm.
	TrustEmail pulumi.BoolPtrInput
	// Enable/disable signature validation of SAML responses.
	ValidateSignature pulumi.BoolPtrInput
	// Want Assertions Encrypted.
	WantAssertionsEncrypted pulumi.BoolPtrInput
	// Want Assertions Signed.
	WantAssertionsSigned pulumi.BoolPtrInput
	// Sign Key Transformer.
	XmlSignKeyInfoKeyNameTransformer pulumi.StringPtrInput
}

func (IdentityProviderState) ElementType 

func (IdentityProviderState) ElementType() reflect.Type

type LookupClientArgs 

type LookupClientArgs struct {
	// The client id (not its unique ID).
	ClientId string `pulumi:"clientId"`
	// The realm id.
	RealmId string `pulumi:"realmId"`
}

A collection of arguments for invoking getClient.

type LookupClientOutputArgs 

type LookupClientOutputArgs struct {
	// The client id (not its unique ID).
	ClientId pulumi.StringInput `pulumi:"clientId"`
	// The realm id.
	RealmId pulumi.StringInput `pulumi:"realmId"`
}

A collection of arguments for invoking getClient.

func (LookupClientOutputArgs) ElementType 

func (LookupClientOutputArgs) ElementType() reflect.Type

type LookupClientResult 

type LookupClientResult struct {
	AssertionConsumerPostUrl           string                                       `pulumi:"assertionConsumerPostUrl"`
	AssertionConsumerRedirectUrl       string                                       `pulumi:"assertionConsumerRedirectUrl"`
	AuthenticationFlowBindingOverrides []GetClientAuthenticationFlowBindingOverride `pulumi:"authenticationFlowBindingOverrides"`
	BaseUrl                            string                                       `pulumi:"baseUrl"`
	CanonicalizationMethod             string                                       `pulumi:"canonicalizationMethod"`
	ClientId                           string                                       `pulumi:"clientId"`
	ClientSignatureRequired            bool                                         `pulumi:"clientSignatureRequired"`
	Description                        string                                       `pulumi:"description"`
	Enabled                            bool                                         `pulumi:"enabled"`
	EncryptAssertions                  bool                                         `pulumi:"encryptAssertions"`
	EncryptionCertificate              string                                       `pulumi:"encryptionCertificate"`
	EncryptionCertificateSha1          string                                       `pulumi:"encryptionCertificateSha1"`
	ExtraConfig                        map[string]interface{}                       `pulumi:"extraConfig"`
	ForceNameIdFormat                  bool                                         `pulumi:"forceNameIdFormat"`
	ForcePostBinding                   bool                                         `pulumi:"forcePostBinding"`
	FrontChannelLogout                 bool                                         `pulumi:"frontChannelLogout"`
	FullScopeAllowed                   bool                                         `pulumi:"fullScopeAllowed"`
	// The provider-assigned unique ID for this managed resource.
	Id                              string   `pulumi:"id"`
	IdpInitiatedSsoRelayState       string   `pulumi:"idpInitiatedSsoRelayState"`
	IdpInitiatedSsoUrlName          string   `pulumi:"idpInitiatedSsoUrlName"`
	IncludeAuthnStatement           bool     `pulumi:"includeAuthnStatement"`
	LoginTheme                      string   `pulumi:"loginTheme"`
	LogoutServicePostBindingUrl     string   `pulumi:"logoutServicePostBindingUrl"`
	LogoutServiceRedirectBindingUrl string   `pulumi:"logoutServiceRedirectBindingUrl"`
	MasterSamlProcessingUrl         string   `pulumi:"masterSamlProcessingUrl"`
	Name                            string   `pulumi:"name"`
	NameIdFormat                    string   `pulumi:"nameIdFormat"`
	RealmId                         string   `pulumi:"realmId"`
	RootUrl                         string   `pulumi:"rootUrl"`
	SamlSignatureKeyName            string   `pulumi:"samlSignatureKeyName"`
	SignAssertions                  bool     `pulumi:"signAssertions"`
	SignDocuments                   bool     `pulumi:"signDocuments"`
	SignatureAlgorithm              string   `pulumi:"signatureAlgorithm"`
	SignatureKeyName                string   `pulumi:"signatureKeyName"`
	SigningCertificate              string   `pulumi:"signingCertificate"`
	SigningCertificateSha1          string   `pulumi:"signingCertificateSha1"`
	SigningPrivateKey               string   `pulumi:"signingPrivateKey"`
	SigningPrivateKeySha1           string   `pulumi:"signingPrivateKeySha1"`
	ValidRedirectUris               []string `pulumi:"validRedirectUris"`
}

A collection of values returned by getClient.

func LookupClient 

func LookupClient(ctx *pulumi.Context, args *LookupClientArgs, opts ...pulumi.InvokeOption) (*LookupClientResult, error)

This data source can be used to fetch properties of a Keycloak client that uses the SAML protocol.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realmManagement, err := saml.LookupClient(ctx, &saml.LookupClientArgs{
			RealmId:  "my-realm",
			ClientId: "realm-management",
		}, nil)
		if err != nil {
			return err
		}
		_, err = keycloak.LookupRole(ctx, &keycloak.LookupRoleArgs{
			RealmId:  "my-realm",
			ClientId: pulumi.StringRef(realmManagement.Id),
			Name:     "realm-admin",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

type LookupClientResultOutput 

type LookupClientResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getClient.

func LookupClientOutput 

func LookupClientOutput(ctx *pulumi.Context, args LookupClientOutputArgs, opts ...pulumi.InvokeOption) LookupClientResultOutput

func (LookupClientResultOutput) AssertionConsumerPostUrl 

func (o LookupClientResultOutput) AssertionConsumerPostUrl() pulumi.StringOutput

func (LookupClientResultOutput) AssertionConsumerRedirectUrl 

func (o LookupClientResultOutput) AssertionConsumerRedirectUrl() pulumi.StringOutput

func (LookupClientResultOutput) AuthenticationFlowBindingOverrides 

func (o LookupClientResultOutput) AuthenticationFlowBindingOverrides() GetClientAuthenticationFlowBindingOverrideArrayOutput

func (LookupClientResultOutput) BaseUrl 

func (o LookupClientResultOutput) BaseUrl() pulumi.StringOutput

func (LookupClientResultOutput) CanonicalizationMethod 

func (o LookupClientResultOutput) CanonicalizationMethod() pulumi.StringOutput

func (LookupClientResultOutput) ClientId 

func (o LookupClientResultOutput) ClientId() pulumi.StringOutput

func (LookupClientResultOutput) ClientSignatureRequired 

func (o LookupClientResultOutput) ClientSignatureRequired() pulumi.BoolOutput

func (LookupClientResultOutput) Description 

func (o LookupClientResultOutput) Description() pulumi.StringOutput

func (LookupClientResultOutput) ElementType 

func (LookupClientResultOutput) ElementType() reflect.Type

func (LookupClientResultOutput) Enabled 

func (o LookupClientResultOutput) Enabled() pulumi.BoolOutput

func (LookupClientResultOutput) EncryptAssertions 

func (o LookupClientResultOutput) EncryptAssertions() pulumi.BoolOutput

func (LookupClientResultOutput) EncryptionCertificate 

func (o LookupClientResultOutput) EncryptionCertificate() pulumi.StringOutput

func (LookupClientResultOutput) EncryptionCertificateSha1 

func (o LookupClientResultOutput) EncryptionCertificateSha1() pulumi.StringOutput

func (LookupClientResultOutput) ExtraConfig 

func (o LookupClientResultOutput) ExtraConfig() pulumi.MapOutput

func (LookupClientResultOutput) ForceNameIdFormat 

func (o LookupClientResultOutput) ForceNameIdFormat() pulumi.BoolOutput

func (LookupClientResultOutput) ForcePostBinding 

func (o LookupClientResultOutput) ForcePostBinding() pulumi.BoolOutput

func (LookupClientResultOutput) FrontChannelLogout 

func (o LookupClientResultOutput) FrontChannelLogout() pulumi.BoolOutput

func (LookupClientResultOutput) FullScopeAllowed 

func (o LookupClientResultOutput) FullScopeAllowed() pulumi.BoolOutput

func (LookupClientResultOutput) Id 

func (o LookupClientResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (LookupClientResultOutput) IdpInitiatedSsoRelayState 

func (o LookupClientResultOutput) IdpInitiatedSsoRelayState() pulumi.StringOutput

func (LookupClientResultOutput) IdpInitiatedSsoUrlName 

func (o LookupClientResultOutput) IdpInitiatedSsoUrlName() pulumi.StringOutput

func (LookupClientResultOutput) IncludeAuthnStatement 

func (o LookupClientResultOutput) IncludeAuthnStatement() pulumi.BoolOutput

func (LookupClientResultOutput) LoginTheme 

func (o LookupClientResultOutput) LoginTheme() pulumi.StringOutput

func (LookupClientResultOutput) LogoutServicePostBindingUrl 

func (o LookupClientResultOutput) LogoutServicePostBindingUrl() pulumi.StringOutput

func (LookupClientResultOutput) LogoutServiceRedirectBindingUrl 

func (o LookupClientResultOutput) LogoutServiceRedirectBindingUrl() pulumi.StringOutput

func (LookupClientResultOutput) MasterSamlProcessingUrl 

func (o LookupClientResultOutput) MasterSamlProcessingUrl() pulumi.StringOutput

func (LookupClientResultOutput) Name 

func (o LookupClientResultOutput) Name() pulumi.StringOutput

func (LookupClientResultOutput) NameIdFormat 

func (o LookupClientResultOutput) NameIdFormat() pulumi.StringOutput

func (LookupClientResultOutput) RealmId 

func (o LookupClientResultOutput) RealmId() pulumi.StringOutput

func (LookupClientResultOutput) RootUrl 

func (o LookupClientResultOutput) RootUrl() pulumi.StringOutput

func (LookupClientResultOutput) SamlSignatureKeyName 

func (o LookupClientResultOutput) SamlSignatureKeyName() pulumi.StringOutput

func (LookupClientResultOutput) SignAssertions 

func (o LookupClientResultOutput) SignAssertions() pulumi.BoolOutput

func (LookupClientResultOutput) SignDocuments 

func (o LookupClientResultOutput) SignDocuments() pulumi.BoolOutput

func (LookupClientResultOutput) SignatureAlgorithm 

func (o LookupClientResultOutput) SignatureAlgorithm() pulumi.StringOutput

func (LookupClientResultOutput) SignatureKeyName 

func (o LookupClientResultOutput) SignatureKeyName() pulumi.StringOutput

func (LookupClientResultOutput) SigningCertificate 

func (o LookupClientResultOutput) SigningCertificate() pulumi.StringOutput

func (LookupClientResultOutput) SigningCertificateSha1 

func (o LookupClientResultOutput) SigningCertificateSha1() pulumi.StringOutput

func (LookupClientResultOutput) SigningPrivateKey 

func (o LookupClientResultOutput) SigningPrivateKey() pulumi.StringOutput

func (LookupClientResultOutput) SigningPrivateKeySha1 

func (o LookupClientResultOutput) SigningPrivateKeySha1() pulumi.StringOutput

func (LookupClientResultOutput) ToLookupClientResultOutput 

func (o LookupClientResultOutput) ToLookupClientResultOutput() LookupClientResultOutput

func (LookupClientResultOutput) ToLookupClientResultOutputWithContext 

func (o LookupClientResultOutput) ToLookupClientResultOutputWithContext(ctx context.Context) LookupClientResultOutput

func (LookupClientResultOutput) ValidRedirectUris 

func (o LookupClientResultOutput) ValidRedirectUris() pulumi.StringArrayOutput

type ScriptProtocolMapper 

type ScriptProtocolMapper struct {
	pulumi.CustomResourceState

	// The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified.
	ClientId pulumi.StringPtrOutput `pulumi:"clientId"`
	// The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified.
	ClientScopeId pulumi.StringPtrOutput `pulumi:"clientScopeId"`
	// An optional human-friendly name for this attribute.
	FriendlyName pulumi.StringPtrOutput `pulumi:"friendlyName"`
	// The display name of this protocol mapper in the GUI.
	Name pulumi.StringOutput `pulumi:"name"`
	// The realm this protocol mapper exists within.
	RealmId pulumi.StringOutput `pulumi:"realmId"`
	// The name of the SAML attribute.
	SamlAttributeName pulumi.StringOutput `pulumi:"samlAttributeName"`
	// The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`.
	SamlAttributeNameFormat pulumi.StringOutput `pulumi:"samlAttributeNameFormat"`
	// JavaScript code to compute the attribute value.
	Script pulumi.StringOutput `pulumi:"script"`
	// When `true`, all values will be stored under one attribute with multiple attribute values. Defaults to `true`.
	SingleValueAttribute pulumi.BoolPtrOutput `pulumi:"singleValueAttribute"`
}

Allows for creating and managing script protocol mappers for SAML clients within Keycloak.

Script protocol mappers evaluate a JavaScript function to produce an attribute value based on context information.

Protocol mappers can be defined for a single client, or they can be defined for a client scope which can be shared between multiple different clients.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		realm, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Realm:   pulumi.String("my-realm"),
			Enabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		samlClient, err := saml.NewClient(ctx, "samlClient", &saml.ClientArgs{
			RealmId:  realm.ID(),
			ClientId: pulumi.String("saml-client"),
		})
		if err != nil {
			return err
		}
		_, err = saml.NewScriptProtocolMapper(ctx, "samlScriptMapper", &saml.ScriptProtocolMapperArgs{
			RealmId:                 realm.ID(),
			ClientId:                samlClient.ID(),
			Script:                  pulumi.String("exports = 'foo';"),
			SamlAttributeName:       pulumi.String("displayName"),
			SamlAttributeNameFormat: pulumi.String("Unspecified"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

Protocol mappers can be imported using one of the following formats:

- Client: `{{realm_id}}/client/{{client_keycloak_id}}/{{protocol_mapper_id}}`

- Client Scope: `{{realm_id}}/client-scope/{{client_scope_keycloak_id}}/{{protocol_mapper_id}}`

Example:

bash

```sh $ pulumi import keycloak:saml/scriptProtocolMapper:ScriptProtocolMapper saml_script_mapper my-realm/client/a7202154-8793-4656-b655-1dd18c181e14/71602afa-f7d1-4788-8c49-ef8fd00af0f4 ```

```sh $ pulumi import keycloak:saml/scriptProtocolMapper:ScriptProtocolMapper saml_script_mapper my-realm/client-scope/b799ea7e-73ee-4a73-990a-1eafebe8e20a/71602afa-f7d1-4788-8c49-ef8fd00af0f4 ```

func GetScriptProtocolMapper 

func GetScriptProtocolMapper(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ScriptProtocolMapperState, opts ...pulumi.ResourceOption) (*ScriptProtocolMapper, error)

GetScriptProtocolMapper gets an existing ScriptProtocolMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewScriptProtocolMapper 

func NewScriptProtocolMapper(ctx *pulumi.Context,
	name string, args *ScriptProtocolMapperArgs, opts ...pulumi.ResourceOption) (*ScriptProtocolMapper, error)

NewScriptProtocolMapper registers a new resource with the given unique name, arguments, and options.

func (*ScriptProtocolMapper) ElementType 

func (*ScriptProtocolMapper) ElementType() reflect.Type

func (*ScriptProtocolMapper) ToScriptProtocolMapperOutput 

func (i *ScriptProtocolMapper) ToScriptProtocolMapperOutput() ScriptProtocolMapperOutput

func (*ScriptProtocolMapper) ToScriptProtocolMapperOutputWithContext 

func (i *ScriptProtocolMapper) ToScriptProtocolMapperOutputWithContext(ctx context.Context) ScriptProtocolMapperOutput

type ScriptProtocolMapperArgs 

type ScriptProtocolMapperArgs struct {
	// The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified.
	ClientId pulumi.StringPtrInput
	// The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified.
	ClientScopeId pulumi.StringPtrInput
	// An optional human-friendly name for this attribute.
	FriendlyName pulumi.StringPtrInput
	// The display name of this protocol mapper in the GUI.
	Name pulumi.StringPtrInput
	// The realm this protocol mapper exists within.
	RealmId pulumi.StringInput
	// The name of the SAML attribute.
	SamlAttributeName pulumi.StringInput
	// The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`.
	SamlAttributeNameFormat pulumi.StringInput
	// JavaScript code to compute the attribute value.
	Script pulumi.StringInput
	// When `true`, all values will be stored under one attribute with multiple attribute values. Defaults to `true`.
	SingleValueAttribute pulumi.BoolPtrInput
}

The set of arguments for constructing a ScriptProtocolMapper resource.

func (ScriptProtocolMapperArgs) ElementType 

func (ScriptProtocolMapperArgs) ElementType() reflect.Type

type ScriptProtocolMapperArray 

type ScriptProtocolMapperArray []ScriptProtocolMapperInput

func (ScriptProtocolMapperArray) ElementType 

func (ScriptProtocolMapperArray) ElementType() reflect.Type

func (ScriptProtocolMapperArray) ToScriptProtocolMapperArrayOutput 

func (i ScriptProtocolMapperArray) ToScriptProtocolMapperArrayOutput() ScriptProtocolMapperArrayOutput

func (ScriptProtocolMapperArray) ToScriptProtocolMapperArrayOutputWithContext 

func (i ScriptProtocolMapperArray) ToScriptProtocolMapperArrayOutputWithContext(ctx context.Context) ScriptProtocolMapperArrayOutput

type ScriptProtocolMapperArrayInput 

type ScriptProtocolMapperArrayInput interface {
	pulumi.Input

	ToScriptProtocolMapperArrayOutput() ScriptProtocolMapperArrayOutput
	ToScriptProtocolMapperArrayOutputWithContext(context.Context) ScriptProtocolMapperArrayOutput
}

ScriptProtocolMapperArrayInput is an input type that accepts ScriptProtocolMapperArray and ScriptProtocolMapperArrayOutput values. You can construct a concrete instance of `ScriptProtocolMapperArrayInput` via: 

ScriptProtocolMapperArray{ ScriptProtocolMapperArgs{...} }

type ScriptProtocolMapperArrayOutput 

type ScriptProtocolMapperArrayOutput struct{ *pulumi.OutputState }

func (ScriptProtocolMapperArrayOutput) ElementType 

func (ScriptProtocolMapperArrayOutput) ElementType() reflect.Type

func (ScriptProtocolMapperArrayOutput) Index 

func (o ScriptProtocolMapperArrayOutput) Index(i pulumi.IntInput) ScriptProtocolMapperOutput

func (ScriptProtocolMapperArrayOutput) ToScriptProtocolMapperArrayOutput 

func (o ScriptProtocolMapperArrayOutput) ToScriptProtocolMapperArrayOutput() ScriptProtocolMapperArrayOutput

func (ScriptProtocolMapperArrayOutput) ToScriptProtocolMapperArrayOutputWithContext 

func (o ScriptProtocolMapperArrayOutput) ToScriptProtocolMapperArrayOutputWithContext(ctx context.Context) ScriptProtocolMapperArrayOutput

type ScriptProtocolMapperInput 

type ScriptProtocolMapperInput interface {
	pulumi.Input

	ToScriptProtocolMapperOutput() ScriptProtocolMapperOutput
	ToScriptProtocolMapperOutputWithContext(ctx context.Context) ScriptProtocolMapperOutput
}

type ScriptProtocolMapperMap 

type ScriptProtocolMapperMap map[string]ScriptProtocolMapperInput

func (ScriptProtocolMapperMap) ElementType 

func (ScriptProtocolMapperMap) ElementType() reflect.Type

func (ScriptProtocolMapperMap) ToScriptProtocolMapperMapOutput 

func (i ScriptProtocolMapperMap) ToScriptProtocolMapperMapOutput() ScriptProtocolMapperMapOutput

func (ScriptProtocolMapperMap) ToScriptProtocolMapperMapOutputWithContext 

func (i ScriptProtocolMapperMap) ToScriptProtocolMapperMapOutputWithContext(ctx context.Context) ScriptProtocolMapperMapOutput

type ScriptProtocolMapperMapInput 

type ScriptProtocolMapperMapInput interface {
	pulumi.Input

	ToScriptProtocolMapperMapOutput() ScriptProtocolMapperMapOutput
	ToScriptProtocolMapperMapOutputWithContext(context.Context) ScriptProtocolMapperMapOutput
}

ScriptProtocolMapperMapInput is an input type that accepts ScriptProtocolMapperMap and ScriptProtocolMapperMapOutput values. You can construct a concrete instance of `ScriptProtocolMapperMapInput` via: 

ScriptProtocolMapperMap{ "key": ScriptProtocolMapperArgs{...} }

type ScriptProtocolMapperMapOutput 

type ScriptProtocolMapperMapOutput struct{ *pulumi.OutputState }

func (ScriptProtocolMapperMapOutput) ElementType 

func (ScriptProtocolMapperMapOutput) ElementType() reflect.Type

func (ScriptProtocolMapperMapOutput) MapIndex 

func (o ScriptProtocolMapperMapOutput) MapIndex(k pulumi.StringInput) ScriptProtocolMapperOutput

func (ScriptProtocolMapperMapOutput) ToScriptProtocolMapperMapOutput 

func (o ScriptProtocolMapperMapOutput) ToScriptProtocolMapperMapOutput() ScriptProtocolMapperMapOutput

func (ScriptProtocolMapperMapOutput) ToScriptProtocolMapperMapOutputWithContext 

func (o ScriptProtocolMapperMapOutput) ToScriptProtocolMapperMapOutputWithContext(ctx context.Context) ScriptProtocolMapperMapOutput

type ScriptProtocolMapperOutput 

type ScriptProtocolMapperOutput struct{ *pulumi.OutputState }

func (ScriptProtocolMapperOutput) ClientId 

func (o ScriptProtocolMapperOutput) ClientId() pulumi.StringPtrOutput

The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified.

func (ScriptProtocolMapperOutput) ClientScopeId 

func (o ScriptProtocolMapperOutput) ClientScopeId() pulumi.StringPtrOutput

The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified.

func (ScriptProtocolMapperOutput) ElementType 

func (ScriptProtocolMapperOutput) ElementType() reflect.Type

func (ScriptProtocolMapperOutput) FriendlyName 

func (o ScriptProtocolMapperOutput) FriendlyName() pulumi.StringPtrOutput

An optional human-friendly name for this attribute.

func (ScriptProtocolMapperOutput) Name 

func (o ScriptProtocolMapperOutput) Name() pulumi.StringOutput

The display name of this protocol mapper in the GUI.

func (ScriptProtocolMapperOutput) RealmId 

func (o ScriptProtocolMapperOutput) RealmId() pulumi.StringOutput

The realm this protocol mapper exists within.

func (ScriptProtocolMapperOutput) SamlAttributeName 

func (o ScriptProtocolMapperOutput) SamlAttributeName() pulumi.StringOutput

The name of the SAML attribute.

func (ScriptProtocolMapperOutput) SamlAttributeNameFormat 

func (o ScriptProtocolMapperOutput) SamlAttributeNameFormat() pulumi.StringOutput

The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`.

func (ScriptProtocolMapperOutput) Script 

func (o ScriptProtocolMapperOutput) Script() pulumi.StringOutput

JavaScript code to compute the attribute value.

func (ScriptProtocolMapperOutput) SingleValueAttribute 

func (o ScriptProtocolMapperOutput) SingleValueAttribute() pulumi.BoolPtrOutput

When `true`, all values will be stored under one attribute with multiple attribute values. Defaults to `true`.

func (ScriptProtocolMapperOutput) ToScriptProtocolMapperOutput 

func (o ScriptProtocolMapperOutput) ToScriptProtocolMapperOutput() ScriptProtocolMapperOutput

func (ScriptProtocolMapperOutput) ToScriptProtocolMapperOutputWithContext 

func (o ScriptProtocolMapperOutput) ToScriptProtocolMapperOutputWithContext(ctx context.Context) ScriptProtocolMapperOutput

type ScriptProtocolMapperState 

type ScriptProtocolMapperState struct {
	// The client this protocol mapper should be attached to. Conflicts with `clientScopeId`. One of `clientId` or `clientScopeId` must be specified.
	ClientId pulumi.StringPtrInput
	// The client scope this protocol mapper should be attached to. Conflicts with `clientId`. One of `clientId` or `clientScopeId` must be specified.
	ClientScopeId pulumi.StringPtrInput
	// An optional human-friendly name for this attribute.
	FriendlyName pulumi.StringPtrInput
	// The display name of this protocol mapper in the GUI.
	Name pulumi.StringPtrInput
	// The realm this protocol mapper exists within.
	RealmId pulumi.StringPtrInput
	// The name of the SAML attribute.
	SamlAttributeName pulumi.StringPtrInput
	// The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`.
	SamlAttributeNameFormat pulumi.StringPtrInput
	// JavaScript code to compute the attribute value.
	Script pulumi.StringPtrInput
	// When `true`, all values will be stored under one attribute with multiple attribute values. Defaults to `true`.
	SingleValueAttribute pulumi.BoolPtrInput
}

func (ScriptProtocolMapperState) ElementType 

func (ScriptProtocolMapperState) ElementType() reflect.Type

type UserAttributeProtocolMapper 

type UserAttributeProtocolMapper struct {
	pulumi.CustomResourceState

	ClientId                pulumi.StringPtrOutput `pulumi:"clientId"`
	ClientScopeId           pulumi.StringPtrOutput `pulumi:"clientScopeId"`
	FriendlyName            pulumi.StringPtrOutput `pulumi:"friendlyName"`
	Name                    pulumi.StringOutput    `pulumi:"name"`
	RealmId                 pulumi.StringOutput    `pulumi:"realmId"`
	SamlAttributeName       pulumi.StringOutput    `pulumi:"samlAttributeName"`
	SamlAttributeNameFormat pulumi.StringOutput    `pulumi:"samlAttributeNameFormat"`
	UserAttribute           pulumi.StringOutput    `pulumi:"userAttribute"`
}

## # saml.UserAttributeProtocolMapper

Allows for creating and managing user attribute protocol mappers for SAML clients within Keycloak.

SAML user attribute protocol mappers allow you to map custom attributes defined for a user within Keycloak to an attribute in a SAML assertion. Protocol mappers can be defined for a single client, or they can be defined for a client scope which can be shared between multiple different clients.

### Example Usage (Client)

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Enabled: pulumi.Bool(true),
			Realm:   pulumi.String("my-realm"),
		})
		if err != nil {
			return err
		}
		samlClient, err := saml.NewClient(ctx, "samlClient", &saml.ClientArgs{
			ClientId: pulumi.String("test-saml-client"),
			RealmId:  pulumi.Any(keycloak_realm.Test.Id),
		})
		if err != nil {
			return err
		}
		_, err = saml.NewUserAttributeProtocolMapper(ctx, "samlUserAttributeMapper", &saml.UserAttributeProtocolMapperArgs{
			ClientId:                samlClient.ID(),
			RealmId:                 pulumi.Any(keycloak_realm.Test.Id),
			SamlAttributeName:       pulumi.String("displayName"),
			SamlAttributeNameFormat: pulumi.String("Unspecified"),
			UserAttribute:           pulumi.String("displayName"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

### Argument Reference

The following arguments are supported:

- `realmId` - (Required) The realm this protocol mapper exists within. - `clientId` - (Required if `clientScopeId` is not specified) The SAML client this protocol mapper is attached to. - `clientScopeId` - (Required if `clientId` is not specified) The SAML client scope this protocol mapper is attached to. - `name` - (Required) The display name of this protocol mapper in the GUI. - `userAttribute` - (Required) The custom user attribute to map. - `friendlyName` - (Optional) An optional human-friendly name for this attribute. - `samlAttributeName` - (Required) The name of the SAML attribute. - `samlAttributeNameFormat` - (Required) The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`.

### Import

Protocol mappers can be imported using one of the following formats: - Client: `{{realm_id}}/client/{{client_keycloak_id}}/{{protocol_mapper_id}}` - Client Scope: `{{realm_id}}/client-scope/{{client_scope_keycloak_id}}/{{protocol_mapper_id}}`

Example:

func GetUserAttributeProtocolMapper 

func GetUserAttributeProtocolMapper(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserAttributeProtocolMapperState, opts ...pulumi.ResourceOption) (*UserAttributeProtocolMapper, error)

GetUserAttributeProtocolMapper gets an existing UserAttributeProtocolMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserAttributeProtocolMapper 

func NewUserAttributeProtocolMapper(ctx *pulumi.Context,
	name string, args *UserAttributeProtocolMapperArgs, opts ...pulumi.ResourceOption) (*UserAttributeProtocolMapper, error)

NewUserAttributeProtocolMapper registers a new resource with the given unique name, arguments, and options.

func (*UserAttributeProtocolMapper) ElementType 

func (*UserAttributeProtocolMapper) ElementType() reflect.Type

func (*UserAttributeProtocolMapper) ToUserAttributeProtocolMapperOutput 

func (i *UserAttributeProtocolMapper) ToUserAttributeProtocolMapperOutput() UserAttributeProtocolMapperOutput

func (*UserAttributeProtocolMapper) ToUserAttributeProtocolMapperOutputWithContext 

func (i *UserAttributeProtocolMapper) ToUserAttributeProtocolMapperOutputWithContext(ctx context.Context) UserAttributeProtocolMapperOutput

type UserAttributeProtocolMapperArgs 

type UserAttributeProtocolMapperArgs struct {
	ClientId                pulumi.StringPtrInput
	ClientScopeId           pulumi.StringPtrInput
	FriendlyName            pulumi.StringPtrInput
	Name                    pulumi.StringPtrInput
	RealmId                 pulumi.StringInput
	SamlAttributeName       pulumi.StringInput
	SamlAttributeNameFormat pulumi.StringInput
	UserAttribute           pulumi.StringInput
}

The set of arguments for constructing a UserAttributeProtocolMapper resource.

func (UserAttributeProtocolMapperArgs) ElementType 

func (UserAttributeProtocolMapperArgs) ElementType() reflect.Type

type UserAttributeProtocolMapperArray 

type UserAttributeProtocolMapperArray []UserAttributeProtocolMapperInput

func (UserAttributeProtocolMapperArray) ElementType 

func (UserAttributeProtocolMapperArray) ElementType() reflect.Type

func (UserAttributeProtocolMapperArray) ToUserAttributeProtocolMapperArrayOutput 

func (i UserAttributeProtocolMapperArray) ToUserAttributeProtocolMapperArrayOutput() UserAttributeProtocolMapperArrayOutput

func (UserAttributeProtocolMapperArray) ToUserAttributeProtocolMapperArrayOutputWithContext 

func (i UserAttributeProtocolMapperArray) ToUserAttributeProtocolMapperArrayOutputWithContext(ctx context.Context) UserAttributeProtocolMapperArrayOutput

type UserAttributeProtocolMapperArrayInput 

type UserAttributeProtocolMapperArrayInput interface {
	pulumi.Input

	ToUserAttributeProtocolMapperArrayOutput() UserAttributeProtocolMapperArrayOutput
	ToUserAttributeProtocolMapperArrayOutputWithContext(context.Context) UserAttributeProtocolMapperArrayOutput
}

UserAttributeProtocolMapperArrayInput is an input type that accepts UserAttributeProtocolMapperArray and UserAttributeProtocolMapperArrayOutput values. You can construct a concrete instance of `UserAttributeProtocolMapperArrayInput` via: 

UserAttributeProtocolMapperArray{ UserAttributeProtocolMapperArgs{...} }

type UserAttributeProtocolMapperArrayOutput 

type UserAttributeProtocolMapperArrayOutput struct{ *pulumi.OutputState }

func (UserAttributeProtocolMapperArrayOutput) ElementType 

func (UserAttributeProtocolMapperArrayOutput) ElementType() reflect.Type

func (UserAttributeProtocolMapperArrayOutput) Index 

func (o UserAttributeProtocolMapperArrayOutput) Index(i pulumi.IntInput) UserAttributeProtocolMapperOutput

func (UserAttributeProtocolMapperArrayOutput) ToUserAttributeProtocolMapperArrayOutput 

func (o UserAttributeProtocolMapperArrayOutput) ToUserAttributeProtocolMapperArrayOutput() UserAttributeProtocolMapperArrayOutput

func (UserAttributeProtocolMapperArrayOutput) ToUserAttributeProtocolMapperArrayOutputWithContext 

func (o UserAttributeProtocolMapperArrayOutput) ToUserAttributeProtocolMapperArrayOutputWithContext(ctx context.Context) UserAttributeProtocolMapperArrayOutput

type UserAttributeProtocolMapperInput 

type UserAttributeProtocolMapperInput interface {
	pulumi.Input

	ToUserAttributeProtocolMapperOutput() UserAttributeProtocolMapperOutput
	ToUserAttributeProtocolMapperOutputWithContext(ctx context.Context) UserAttributeProtocolMapperOutput
}

type UserAttributeProtocolMapperMap 

type UserAttributeProtocolMapperMap map[string]UserAttributeProtocolMapperInput

func (UserAttributeProtocolMapperMap) ElementType 

func (UserAttributeProtocolMapperMap) ElementType() reflect.Type

func (UserAttributeProtocolMapperMap) ToUserAttributeProtocolMapperMapOutput 

func (i UserAttributeProtocolMapperMap) ToUserAttributeProtocolMapperMapOutput() UserAttributeProtocolMapperMapOutput

func (UserAttributeProtocolMapperMap) ToUserAttributeProtocolMapperMapOutputWithContext 

func (i UserAttributeProtocolMapperMap) ToUserAttributeProtocolMapperMapOutputWithContext(ctx context.Context) UserAttributeProtocolMapperMapOutput

type UserAttributeProtocolMapperMapInput 

type UserAttributeProtocolMapperMapInput interface {
	pulumi.Input

	ToUserAttributeProtocolMapperMapOutput() UserAttributeProtocolMapperMapOutput
	ToUserAttributeProtocolMapperMapOutputWithContext(context.Context) UserAttributeProtocolMapperMapOutput
}

UserAttributeProtocolMapperMapInput is an input type that accepts UserAttributeProtocolMapperMap and UserAttributeProtocolMapperMapOutput values. You can construct a concrete instance of `UserAttributeProtocolMapperMapInput` via: 

UserAttributeProtocolMapperMap{ "key": UserAttributeProtocolMapperArgs{...} }

type UserAttributeProtocolMapperMapOutput 

type UserAttributeProtocolMapperMapOutput struct{ *pulumi.OutputState }

func (UserAttributeProtocolMapperMapOutput) ElementType 

func (UserAttributeProtocolMapperMapOutput) ElementType() reflect.Type

func (UserAttributeProtocolMapperMapOutput) MapIndex 

func (o UserAttributeProtocolMapperMapOutput) MapIndex(k pulumi.StringInput) UserAttributeProtocolMapperOutput

func (UserAttributeProtocolMapperMapOutput) ToUserAttributeProtocolMapperMapOutput 

func (o UserAttributeProtocolMapperMapOutput) ToUserAttributeProtocolMapperMapOutput() UserAttributeProtocolMapperMapOutput

func (UserAttributeProtocolMapperMapOutput) ToUserAttributeProtocolMapperMapOutputWithContext 

func (o UserAttributeProtocolMapperMapOutput) ToUserAttributeProtocolMapperMapOutputWithContext(ctx context.Context) UserAttributeProtocolMapperMapOutput

type UserAttributeProtocolMapperOutput 

type UserAttributeProtocolMapperOutput struct{ *pulumi.OutputState }

func (UserAttributeProtocolMapperOutput) ClientId 

func (o UserAttributeProtocolMapperOutput) ClientId() pulumi.StringPtrOutput

func (UserAttributeProtocolMapperOutput) ClientScopeId 

func (o UserAttributeProtocolMapperOutput) ClientScopeId() pulumi.StringPtrOutput

func (UserAttributeProtocolMapperOutput) ElementType 

func (UserAttributeProtocolMapperOutput) ElementType() reflect.Type

func (UserAttributeProtocolMapperOutput) FriendlyName 

func (o UserAttributeProtocolMapperOutput) FriendlyName() pulumi.StringPtrOutput

func (UserAttributeProtocolMapperOutput) Name 

func (o UserAttributeProtocolMapperOutput) Name() pulumi.StringOutput

func (UserAttributeProtocolMapperOutput) RealmId 

func (o UserAttributeProtocolMapperOutput) RealmId() pulumi.StringOutput

func (UserAttributeProtocolMapperOutput) SamlAttributeName 

func (o UserAttributeProtocolMapperOutput) SamlAttributeName() pulumi.StringOutput

func (UserAttributeProtocolMapperOutput) SamlAttributeNameFormat 

func (o UserAttributeProtocolMapperOutput) SamlAttributeNameFormat() pulumi.StringOutput

func (UserAttributeProtocolMapperOutput) ToUserAttributeProtocolMapperOutput 

func (o UserAttributeProtocolMapperOutput) ToUserAttributeProtocolMapperOutput() UserAttributeProtocolMapperOutput

func (UserAttributeProtocolMapperOutput) ToUserAttributeProtocolMapperOutputWithContext 

func (o UserAttributeProtocolMapperOutput) ToUserAttributeProtocolMapperOutputWithContext(ctx context.Context) UserAttributeProtocolMapperOutput

func (UserAttributeProtocolMapperOutput) UserAttribute 

func (o UserAttributeProtocolMapperOutput) UserAttribute() pulumi.StringOutput

type UserAttributeProtocolMapperState 

type UserAttributeProtocolMapperState struct {
	ClientId                pulumi.StringPtrInput
	ClientScopeId           pulumi.StringPtrInput
	FriendlyName            pulumi.StringPtrInput
	Name                    pulumi.StringPtrInput
	RealmId                 pulumi.StringPtrInput
	SamlAttributeName       pulumi.StringPtrInput
	SamlAttributeNameFormat pulumi.StringPtrInput
	UserAttribute           pulumi.StringPtrInput
}

func (UserAttributeProtocolMapperState) ElementType 

func (UserAttributeProtocolMapperState) ElementType() reflect.Type

type UserPropertyProtocolMapper 

type UserPropertyProtocolMapper struct {
	pulumi.CustomResourceState

	ClientId                pulumi.StringPtrOutput `pulumi:"clientId"`
	ClientScopeId           pulumi.StringPtrOutput `pulumi:"clientScopeId"`
	FriendlyName            pulumi.StringPtrOutput `pulumi:"friendlyName"`
	Name                    pulumi.StringOutput    `pulumi:"name"`
	RealmId                 pulumi.StringOutput    `pulumi:"realmId"`
	SamlAttributeName       pulumi.StringOutput    `pulumi:"samlAttributeName"`
	SamlAttributeNameFormat pulumi.StringOutput    `pulumi:"samlAttributeNameFormat"`
	UserProperty            pulumi.StringOutput    `pulumi:"userProperty"`
}

## # saml.UserPropertyProtocolMapper

Allows for creating and managing user property protocol mappers for SAML clients within Keycloak.

SAML user property protocol mappers allow you to map properties of the Keycloak user model to an attribute in a SAML assertion. Protocol mappers can be defined for a single client, or they can be defined for a client scope which can be shared between multiple different clients.

### Example Usage (Client)

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak"
"github.com/pulumi/pulumi-keycloak/sdk/v5/go/keycloak/saml"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := keycloak.NewRealm(ctx, "realm", &keycloak.RealmArgs{
			Enabled: pulumi.Bool(true),
			Realm:   pulumi.String("my-realm"),
		})
		if err != nil {
			return err
		}
		samlClient, err := saml.NewClient(ctx, "samlClient", &saml.ClientArgs{
			ClientId: pulumi.String("test-saml-client"),
			RealmId:  pulumi.Any(keycloak_realm.Test.Id),
		})
		if err != nil {
			return err
		}
		_, err = saml.NewUserPropertyProtocolMapper(ctx, "samlUserPropertyMapper", &saml.UserPropertyProtocolMapperArgs{
			ClientId:                samlClient.ID(),
			RealmId:                 pulumi.Any(keycloak_realm.Test.Id),
			SamlAttributeName:       pulumi.String("email"),
			SamlAttributeNameFormat: pulumi.String("Unspecified"),
			UserProperty:            pulumi.String("email"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

### Argument Reference

The following arguments are supported:

- `realmId` - (Required) The realm this protocol mapper exists within. - `clientId` - (Required if `clientScopeId` is not specified) The SAML client this protocol mapper is attached to. - `clientScopeId` - (Required if `clientId` is not specified) The SAML client scope this protocol mapper is attached to. - `name` - (Required) The display name of this protocol mapper in the GUI. - `userProperty` - (Required) The property of the Keycloak user model to map. - `friendlyName` - (Optional) An optional human-friendly name for this attribute. - `samlAttributeName` - (Required) The name of the SAML attribute. - `samlAttributeNameFormat` - (Required) The SAML attribute Name Format. Can be one of `Unspecified`, `Basic`, or `URI Reference`.

### Import

Protocol mappers can be imported using one of the following formats: - Client: `{{realm_id}}/client/{{client_keycloak_id}}/{{protocol_mapper_id}}` - Client Scope: `{{realm_id}}/client-scope/{{client_scope_keycloak_id}}/{{protocol_mapper_id}}`

Example:

func GetUserPropertyProtocolMapper 

func GetUserPropertyProtocolMapper(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *UserPropertyProtocolMapperState, opts ...pulumi.ResourceOption) (*UserPropertyProtocolMapper, error)

GetUserPropertyProtocolMapper gets an existing UserPropertyProtocolMapper resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewUserPropertyProtocolMapper 

func NewUserPropertyProtocolMapper(ctx *pulumi.Context,
	name string, args *UserPropertyProtocolMapperArgs, opts ...pulumi.ResourceOption) (*UserPropertyProtocolMapper, error)

NewUserPropertyProtocolMapper registers a new resource with the given unique name, arguments, and options.

func (*UserPropertyProtocolMapper) ElementType 

func (*UserPropertyProtocolMapper) ElementType() reflect.Type

func (*UserPropertyProtocolMapper) ToUserPropertyProtocolMapperOutput 

func (i *UserPropertyProtocolMapper) ToUserPropertyProtocolMapperOutput() UserPropertyProtocolMapperOutput

func (*UserPropertyProtocolMapper) ToUserPropertyProtocolMapperOutputWithContext 

func (i *UserPropertyProtocolMapper) ToUserPropertyProtocolMapperOutputWithContext(ctx context.Context) UserPropertyProtocolMapperOutput

type UserPropertyProtocolMapperArgs 

type UserPropertyProtocolMapperArgs struct {
	ClientId                pulumi.StringPtrInput
	ClientScopeId           pulumi.StringPtrInput
	FriendlyName            pulumi.StringPtrInput
	Name                    pulumi.StringPtrInput
	RealmId                 pulumi.StringInput
	SamlAttributeName       pulumi.StringInput
	SamlAttributeNameFormat pulumi.StringInput
	UserProperty            pulumi.StringInput
}

The set of arguments for constructing a UserPropertyProtocolMapper resource.

func (UserPropertyProtocolMapperArgs) ElementType 

func (UserPropertyProtocolMapperArgs) ElementType() reflect.Type

type UserPropertyProtocolMapperArray 

type UserPropertyProtocolMapperArray []UserPropertyProtocolMapperInput

func (UserPropertyProtocolMapperArray) ElementType 

func (UserPropertyProtocolMapperArray) ElementType() reflect.Type

func (UserPropertyProtocolMapperArray) ToUserPropertyProtocolMapperArrayOutput 

func (i UserPropertyProtocolMapperArray) ToUserPropertyProtocolMapperArrayOutput() UserPropertyProtocolMapperArrayOutput

func (UserPropertyProtocolMapperArray) ToUserPropertyProtocolMapperArrayOutputWithContext 

func (i UserPropertyProtocolMapperArray) ToUserPropertyProtocolMapperArrayOutputWithContext(ctx context.Context) UserPropertyProtocolMapperArrayOutput

type UserPropertyProtocolMapperArrayInput 

type UserPropertyProtocolMapperArrayInput interface {
	pulumi.Input

	ToUserPropertyProtocolMapperArrayOutput() UserPropertyProtocolMapperArrayOutput
	ToUserPropertyProtocolMapperArrayOutputWithContext(context.Context) UserPropertyProtocolMapperArrayOutput
}

UserPropertyProtocolMapperArrayInput is an input type that accepts UserPropertyProtocolMapperArray and UserPropertyProtocolMapperArrayOutput values. You can construct a concrete instance of `UserPropertyProtocolMapperArrayInput` via: 

UserPropertyProtocolMapperArray{ UserPropertyProtocolMapperArgs{...} }

type UserPropertyProtocolMapperArrayOutput 

type UserPropertyProtocolMapperArrayOutput struct{ *pulumi.OutputState }

func (UserPropertyProtocolMapperArrayOutput) ElementType 

func (UserPropertyProtocolMapperArrayOutput) ElementType() reflect.Type

func (UserPropertyProtocolMapperArrayOutput) Index 

func (o UserPropertyProtocolMapperArrayOutput) Index(i pulumi.IntInput) UserPropertyProtocolMapperOutput

func (UserPropertyProtocolMapperArrayOutput) ToUserPropertyProtocolMapperArrayOutput 

func (o UserPropertyProtocolMapperArrayOutput) ToUserPropertyProtocolMapperArrayOutput() UserPropertyProtocolMapperArrayOutput

func (UserPropertyProtocolMapperArrayOutput) ToUserPropertyProtocolMapperArrayOutputWithContext 

func (o UserPropertyProtocolMapperArrayOutput) ToUserPropertyProtocolMapperArrayOutputWithContext(ctx context.Context) UserPropertyProtocolMapperArrayOutput

type UserPropertyProtocolMapperInput 

type UserPropertyProtocolMapperInput interface {
	pulumi.Input

	ToUserPropertyProtocolMapperOutput() UserPropertyProtocolMapperOutput
	ToUserPropertyProtocolMapperOutputWithContext(ctx context.Context) UserPropertyProtocolMapperOutput
}

type UserPropertyProtocolMapperMap 

type UserPropertyProtocolMapperMap map[string]UserPropertyProtocolMapperInput

func (UserPropertyProtocolMapperMap) ElementType 

func (UserPropertyProtocolMapperMap) ElementType() reflect.Type

func (UserPropertyProtocolMapperMap) ToUserPropertyProtocolMapperMapOutput 

func (i UserPropertyProtocolMapperMap) ToUserPropertyProtocolMapperMapOutput() UserPropertyProtocolMapperMapOutput

func (UserPropertyProtocolMapperMap) ToUserPropertyProtocolMapperMapOutputWithContext 

func (i UserPropertyProtocolMapperMap) ToUserPropertyProtocolMapperMapOutputWithContext(ctx context.Context) UserPropertyProtocolMapperMapOutput

type UserPropertyProtocolMapperMapInput 

type UserPropertyProtocolMapperMapInput interface {
	pulumi.Input

	ToUserPropertyProtocolMapperMapOutput() UserPropertyProtocolMapperMapOutput
	ToUserPropertyProtocolMapperMapOutputWithContext(context.Context) UserPropertyProtocolMapperMapOutput
}

UserPropertyProtocolMapperMapInput is an input type that accepts UserPropertyProtocolMapperMap and UserPropertyProtocolMapperMapOutput values. You can construct a concrete instance of `UserPropertyProtocolMapperMapInput` via: 

UserPropertyProtocolMapperMap{ "key": UserPropertyProtocolMapperArgs{...} }

type UserPropertyProtocolMapperMapOutput 

type UserPropertyProtocolMapperMapOutput struct{ *pulumi.OutputState }

func (UserPropertyProtocolMapperMapOutput) ElementType 

func (UserPropertyProtocolMapperMapOutput) ElementType() reflect.Type

func (UserPropertyProtocolMapperMapOutput) MapIndex 

func (o UserPropertyProtocolMapperMapOutput) MapIndex(k pulumi.StringInput) UserPropertyProtocolMapperOutput

func (UserPropertyProtocolMapperMapOutput) ToUserPropertyProtocolMapperMapOutput 

func (o UserPropertyProtocolMapperMapOutput) ToUserPropertyProtocolMapperMapOutput() UserPropertyProtocolMapperMapOutput

func (UserPropertyProtocolMapperMapOutput) ToUserPropertyProtocolMapperMapOutputWithContext 

func (o UserPropertyProtocolMapperMapOutput) ToUserPropertyProtocolMapperMapOutputWithContext(ctx context.Context) UserPropertyProtocolMapperMapOutput

type UserPropertyProtocolMapperOutput 

type UserPropertyProtocolMapperOutput struct{ *pulumi.OutputState }

func (UserPropertyProtocolMapperOutput) ClientId 

func (o UserPropertyProtocolMapperOutput) ClientId() pulumi.StringPtrOutput

func (UserPropertyProtocolMapperOutput) ClientScopeId 

func (o UserPropertyProtocolMapperOutput) ClientScopeId() pulumi.StringPtrOutput

func (UserPropertyProtocolMapperOutput) ElementType 

func (UserPropertyProtocolMapperOutput) ElementType() reflect.Type

func (UserPropertyProtocolMapperOutput) FriendlyName 

func (o UserPropertyProtocolMapperOutput) FriendlyName() pulumi.StringPtrOutput

func (UserPropertyProtocolMapperOutput) Name 

func (o UserPropertyProtocolMapperOutput) Name() pulumi.StringOutput

func (UserPropertyProtocolMapperOutput) RealmId 

func (o UserPropertyProtocolMapperOutput) RealmId() pulumi.StringOutput

func (UserPropertyProtocolMapperOutput) SamlAttributeName 

func (o UserPropertyProtocolMapperOutput) SamlAttributeName() pulumi.StringOutput

func (UserPropertyProtocolMapperOutput) SamlAttributeNameFormat 

func (o UserPropertyProtocolMapperOutput) SamlAttributeNameFormat() pulumi.StringOutput

func (UserPropertyProtocolMapperOutput) ToUserPropertyProtocolMapperOutput 

func (o UserPropertyProtocolMapperOutput) ToUserPropertyProtocolMapperOutput() UserPropertyProtocolMapperOutput

func (UserPropertyProtocolMapperOutput) ToUserPropertyProtocolMapperOutputWithContext 

func (o UserPropertyProtocolMapperOutput) ToUserPropertyProtocolMapperOutputWithContext(ctx context.Context) UserPropertyProtocolMapperOutput

func (UserPropertyProtocolMapperOutput) UserProperty 

func (o UserPropertyProtocolMapperOutput) UserProperty() pulumi.StringOutput

type UserPropertyProtocolMapperState 

type UserPropertyProtocolMapperState struct {
	ClientId                pulumi.StringPtrInput
	ClientScopeId           pulumi.StringPtrInput
	FriendlyName            pulumi.StringPtrInput
	Name                    pulumi.StringPtrInput
	RealmId                 pulumi.StringPtrInput
	SamlAttributeName       pulumi.StringPtrInput
	SamlAttributeNameFormat pulumi.StringPtrInput
	UserProperty            pulumi.StringPtrInput
}

func (UserPropertyProtocolMapperState) ElementType 

func (UserPropertyProtocolMapperState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.